15 July 2021
Dear ACSC Alert Service subscriber
SonicWall, a network and cyber security appliance vendor, is reporting that ransomware activity is currently targeting their Secure Mobile Access (SMA) and Secure Remote Access (SRA) products. This ransomware activity is reported by SonicWall as abusing stolen credentials.
The ACSC is aware of stolen credentials affecting Australian organisations that were likely the result of vulnerable SonicWall devices being exploited.
The ACSC has previously issued an alert on a remote credential access vulnerability affecting SonicWall products.
Mitigation
Australian organisations should review their networks for the presence of affected SonicWall products which are outlined in the security notice from SonicWall. If vulnerable products are identified, Australian organisations should review and implement the recommended mitigations provided by SonicWall.
Assistance
The ACSC is monitoring the situation and is able to provide assistance and advice as required.
Organisations that have been impacted or require assistance can contact the ACSC via 1300 CYBER1 .
Read this alert on the website: https://www.cyber.gov.au/acsc/view-all-content/alerts/sonicwall-devices-targeted-ransomware-utilising-stolen-credentials
Are you a victim of cybercrime? Visit ReportCyber to take your next steps.
We use hyperlinks to give you more information. If you don’t want to click hyperlinks, you can search for the information on the cyber.gov.au.
CONTACT US
Facebook: https://www.facebook.com/cybergovau
Twitter: https://twitter.com/CyberGovAU
Web: www.cyber.gov.au 
