State-Sponsored Cyber Attack: SonicWall’s September Cloud Backup Breach Revealed

SonicWall Attributes September Security Breach to State-Sponsored Threat Actors

SonicWall has officially pointed the finger at state-sponsored threat actors for the security breach in September that resulted in the unauthorized exposure of firewall configuration backup files.

The company stated in a recent release that the malicious activity, attributed to a state-sponsored threat actor, involved the unauthorized access of cloud backup files from a specific cloud environment using an API call. SonicWall clarified that this incident was not connected to the Akira ransomware attacks targeting firewalls and edge devices worldwide.

SonicWall did not disclose the country responsible for the breach or provide any specific indicators linking it to a known threat actor or group.

This revelation comes nearly a month after the company announced that an unauthorized party had gained access to firewall configuration backup files for all customers utilizing the cloud backup service. In September, SonicWall had said that the threat actors accessed cloud-stored backup files for less than 5% of its customers.

After engaging the services of Mandiant, owned by Google, to investigate the breach, SonicWall confirmed that it did not impact its products, firmware, or other systems. The company implemented various remedial actions recommended by Mandiant to strengthen its network and cloud infrastructure, and it is committed to enhancing its security measures.

With nation-state-backed threat actors targeting edge security providers, especially those catering to SMBs and distributed environments, SonicWall aims to solidify its position as a leader for partners and their SMB customers amidst this escalating threat landscape.

SonicWall customers are urged to log in to MySonicWall.com to check their devices and reset credentials for affected services, if necessary. The company has also introduced an Online Analysis Tool and Credentials Reset Tool to identify services requiring remediation and perform security tasks related to credentials.
