Cybersecurity Tools Now Delivering Ransomware

Another new ransomware threat is making its rounds and targeting unpatched and end-of-life SonicWall’s Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products. This threat is being used right now, so if any businesses use these devices, they should be taking action right away. Let’s talk about what to do against the SMA and SRA ransomware. 

Mandiant, SonicWall, and other trusted third parties have worked to figure out the nature of this threat. They’ve found that it uses stolen credentials to install ransomware on devices that are vulnerable and have been described as imminent. This means that without immediate action, these threats could become extremely problematic for your business and its technology. SonicWall has been in contact with its customers who were affected in order to inform them about the situation.

Don’t panic, though, there is some good news. The vulnerability that is allowing threats in is a part of the older version of the firmware. If you are using a more recent version of it, this issue will already be patched for you. This is what SonicWall said about this: “SonicWall PSIRT strongly suggests that organizations still using 8.x firmware review the information below and take immediate action.” SonicWall has also detailed the devices that are affected, how they are affected, and what they recommend you do about these issues. If your device has reached its end of life, SonicWall suggests that you take it offline and reset its credentials. If your device is still supported, you should update your firmware immediately to fix the vulnerability. You should also change your user passwords and enable multi-factor authentication.

SonicWall understands the issues that make arise when you upgrade to more recent hardware, so they have issued a statement to their customers about this. “To provide a transition path for customers with end-of-life devices that cannot upgrade to 9.x or 10.x firmware, we’re providing a complimentary virtual SMA 500v until October 31, 2021. This should provide sufficient time to transition to a product that is actively maintained.” While this is a short-term fix, the long-term fix is to upgrade your hardware.

Threats that target unupgraded firmware and software are not uncommon. It is always important that you do not let your devices reach their end of life. MyTek is here to help you with this and can be there to make sure that your technology is always updated and can’t be affected by threats like the SMA and SRA ransomware. Give us a call today at 623-312-2444.

Table of Contents

HUMANIZING IT AND CREATING IT HAPPINESS IN ARIZONA

Our goal is to reinvent the managed IT experience for growing Arizona businesses through a partnership with no long-term commitments, technology options that are flexible to meet your needs and infrastructure and strategy that position your technology as a competitive advantage.

Download Our Price Sheet