Latest warning From ACSC. SonicWall Devices Targeted With Ransomware Utilising Stolen Credentials

High Alert - Act Quickly
15 July 2021

Dear ACSC Alert Service subscriber

SonicWall, a network and cyber security appliance vendor, is reporting that ransomware activity is currently targeting their Secure Mobile Access (SMA) and Secure Remote Access (SRA) products. This ransomware activity is reported by SonicWall as abusing stolen credentials.

The ACSC is aware of stolen credentials affecting Australian organisations that were likely the result of vulnerable SonicWall devices being exploited.

The ACSC has previously issued an alert on a remote credential access vulnerability affecting SonicWall products.


Australian organisations should review their networks for the presence of affected SonicWall products which are outlined in the security notice from SonicWall. If vulnerable products are identified, Australian organisations should review and implement the recommended mitigations provided by SonicWall.


The ACSC is monitoring the situation and is able to provide assistance and advice as required.

Organisations that have been impacted or require assistance can contact the ACSC via 1300 CYBER1 .

Read this alert on the website:

Are you a victim of cybercrime? Visit ReportCyber to take your next steps.

We use hyperlinks to give you more information. If you don’t want to click hyperlinks, you can search for the information on the
Web: Facebook\ 32x32 Twitter\ 32x32 YouTube\ 32x32