State-Sponsored Hackers Blamed for SonicWall’s September Cloud Backup Breach
SonicWall has officially attributed its September cloud backup breach to state-sponsored hackers. This security incident involved unauthorized access to firewall configuration backup files. The breach occurred through an API call within a specific cloud environment, as stated by SonicWall in a recent press release.
Details of the September Breach
In a statement, SonicWall clarified that the breach affected less than 5% of its cloud backup service customers. The company initially reported unauthorized access nearly a month ago, which raised concerns among its users. However, it said that the incident was separate from the ongoing Akira ransomware attacks targeting firewalls and edge devices worldwide.
Investigation and Response
SonicWall engaged Mandiant, a cybersecurity firm owned by Google, to investigate the breach. The findings confirmed that the compromised files did not impact SonicWall’s products, firmware, or other systems. To enhance security, SonicWall has implemented several remedial actions recommended by Mandiant.
- Collaboration with Mandiant for breach investigation.
- Confirmed no impact on existing products or services.
- Remedial actions taken to secure network and cloud infrastructure.
Security Recommendations for Customers
SonicWall has urged its customers to take proactive steps following the breach. Users should log in to MySonicWall.com to check the status of their devices. If any services were impacted, customers are advised to reset their credentials immediately.
Tools for Enhanced Security
To aid in these security measures, SonicWall has introduced two new tools:
- Online Analysis Tool: Helps identify services needing remediation.
- Credentials Reset Tool: Assists in performing credential-related security tasks.
In light of rising threats from nation-state hackers, SonicWall emphasizes its commitment to fortifying its security posture. The company aims to maintain its leadership role, particularly for small and medium-sized businesses (SMBs) facing increased risks.