The cyber security company SonicWall officially stated it was the victim of a coordinated attack on its internal systems.
The networking device maker said on Friday night that it is investigating a security breach that looked to be a part of a “coordinated attack” by “highly sophisticated” hackers. This is over a period where the company has seen a dramatic surge in cyber attacks on organisations providing critical infrastructure to businesses and governments. This increase includes not only traditional corporate technology, but also manufacturing and supply chain infrastructure within production plants and laboratories.
The company said that the attack targeted its internal systems by “exploiting probable zero-day vulnerabilities on certain SonicWall secure remote access products.”
The breach looks to centre around the companies Secure Mobile Access 100 series, which “simplifies end-to-end secure remote access to corporate resources”. The 100 Series solution simplifies end-to-end secure remote access to corporate resources hosted across on-prem, cloud and hybrid data centers.
SonicWall had previously thought that its NetExtender VPN client version 10x may also have been compromised, but supplied an update on Saturday highlighting it was not, along with its firewalls, SMA 1000 series and SonicWave products being unaffected.
SonicWall posted “We believe it is extremely important to be transparent with our customers, our partners and the broader cybersecurity community about the ongoing attacks on global business and government”.
With the increase in cyberattacks across all industries, and on cybersecurity firms themselves, multiple security solutions and a pro-active threat hunting team is the only way to continually protect an organisation.
If you are concerned about your organisations security, get in contact to discover how our Security Operations Centre can protect your endpoints, proactively monitor your network, and proactively hunt vulnerabilities.