SonicWall Breach Exposes All Cloud Backup Customers' Firewall Configs (csoonline.com)
An anonymous reader quotes a report from CSO Online: On Sept. 17, security vendor SonicWall announced that cybercriminals had stolen backup files configured for cloud backup. At the time, the company claimed the incident was limited to "less than five percent" of its customers. Now, the firewall provider has admitted that "all customers" using the MySonicWall cloud backup feature were affected. According to the company, the stolen files contain encrypted credentials and configuration data. "[W]hile encryption remains in place, possession of these files could increase the risk of targeted attacks," SonicWall warns in its press release.
Security specialist Arctic Wolf also warns of the consequences of the incident. "Firewall configuration files store sensitive information that can be leveraged by threat actors to exploit and gain access to an organization's network," explains Stefan Hostetler, threat intelligence researcher at Arctic Wolf. "These files can provide threat actors with critical information such as user, group, and domain settings, DNS and log settings, and certificates," he adds. Arctic Wolf has previously observed threat actors, including nation-state and ransomware groups, exfiltrating firewall configuration files to use for future attacks. SonicWall urges all customers and partners to regularly check their devices for updates. Admins can find additional information here.
No surprise (Score:5, Insightful)
The lack of responsible product development will continue until there is adequate responsibility for irresponsible product development.
Yours, Capt. Obvious.
Re: (Score:2)
Alas, that would give us vibe responsibility, not adequate responsibility.
Re: (Score:2)
Nice stream of unconsciousness, AC, but that's not how shit works in real life.
Re: (Score:2)
Indeed. Real liability or things will just get worse. Economics graduates cannot self-regulate, they will just make things cheaper and cheaper until everything breaks.
For really bad failures (such as this one) I would also like to see _personal_ liability of the c-level fuckup responsible.
Don't be so bloody stupid ... (Score:5, Insightful)
and back up sensitive information like this into someone else's cloud. Yes, it might be easier, but you are just inviting trouble.
Re: (Score:2)
For some reason, if it makes things cheaper, many "decision makers" prefer the "bloody stupid" approach.
Re: (Score:2)
"I know, we'll solve that problem using the cloud!".
Now you have two problems.
Re: (Score:1)
"I know, we'll solve that problem using the cloud!".
To some jokes on that they apparently have their pie in the sky (specifically the cloud). Or is it the whole have a cake and eat it too thing in the sky? Wonder if being in the cloud gives brain fog?
The Cloud is based on Trust. (Score:3)
That is what the cloud is good for (Score:2)
Save some time figuring out who to email the alert (Score:2)
Let's see if they also put all email addresses in the CC field.
Wah-wah-waaaaah (Score:2)