Urgent CERT NZ advisory for SonicWall devices

[Andy]

CERT NZ has issued an urgent advisory regarding end of life (EOL) SonicWall devices being targeted by ransomware attacks. What does this mean? If you use a SonicWall device you may be at risk of being targeted by ransomware. Important: If you’re using a SonicWall a device please let us know as soon as possible and confirm whether you have followed CERT NZ’s advice. How do I know if my organisation is at risk? SonicWall devices The following range of SonicWall devices are affected by this vulnerability: SRA 4600/1600 SRA 4200/1200 SSL-VPN 200/2000/400 SMA 400/200 SMA 210/410/500v using 8.x firmware SonicWall firmware Your organisation could also be at risk of this attack if you’re using any devices with 8.x firmware from SonicWall, or firmware versions 9.x before 9.0.0.10-28sv and 10.x before 10.2.0.7-34sv. If you’re unsure whether your organisation is impacted or not, we recommend checking with your trusted IT contact as we know this information is technical. What can I do to protect my organisation? SonicWall devices SonicWall recommends that if your organisation is using any of the devices above, please disconnect or upgrade these immediately. SonicWall firmware If your organisationhas a SonicWall device that’s still under support, but using 8.x firmware then please immediately upgrade to the latest version from SonicWall. Organisations with 9.x should immediately update to 0.0.10-28sv or later. Organisations with 10.x should immediately update to 10.2.0.7-34sv or later. Organisations with any of these devices should urgently reset all associated passwords and enable Multi-factor Authentication (MFA). You can find links to the firmware updates on SonicWall’s security notice. We’re here to help, so if you have any questions please feel free to post down below.