Skip to main content

SonicWall Releases Urgent Security Notice of Potential Ransomware Attacks

Ransomware campaign targeting unpatched and end-of-life SMA and SRA products
Report a cyber attack: call 0300 303 5222 or email carecert@nhsdigital.nhs.uk

Summary

SonicWall PSIRT has released an urgent security notice detailing an ongoing ransomware campaign targeting their SMA and SRA products running older and vulnerable firmware versions. Organisations running these versions are exposing themselves to the risk of attacks.


Affected platforms

The following platforms are known to be affected:

SonicWall Secure Mobile Access (SMA) 100 series Versions: all versions running 8.x firmware

SonicWall Secure Remote Access (SRA) Versions: all versions running 8.x firmware


Threat details

Imminent ransomware attacks

Attackers are actively targeting a known vulnerability in Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running 8.x firmware. This firmware is end-of-life (EOL) and the vulnerability has been patched in newer versions of the firmware (9.x and later).

SonicWall advise that organisations failing to take appropriate actions to mitigate these vulnerabilities on their SRA and SMA 100 series products are at imminent risk of a targeted ransomware attack.


Remediation advice

Affected organisations should review the SonicWall Urgent Security Notice and ensure all affected products are updated to a non-vulnerable firmware version.


Last edited: 15 July 2021 2:30 pm