rocketwise

On Friday evening (January 22nd), SonicWall released a security notice that their internal systems were compromised by unknown hackers that leveraged a “zero-day” vulnerability in their VPN product.

Why does it matter?

As many dealerships in North America find their networks behind SonicWall firewalls, this is an incident that needs to be watched carefully.

What does this vulnerability do?

At the moment, SonicWall has stated that the potential impact would allow unauthorized access by third parties (hackers) to a dealership’s internal networks at any given branch location.

What we know.

Update: 1/25/2021
As we’ve been monitoring the situation with the SonicWall vulnerabilities, they have released a few updates over the weekend.
 
In short, the NetExtender VPN Client (which was initially thought to be vulnerable) has now been determined by SonicWall to be unaffected.
 
They have also narrowed down the list of affected SonicWall firewalls to their SMA 100 series firewalls.
 
If you any of your dealership locations use an SMA 100 firewall, it is recommended that you make certain to disable Virtual Office and HTTPS administrative access from the Internet.
 
As SonicWall continues to investigate these exploits, we will keep you posted with any further recommendations.
 
Initial Update: 1/23/2021
Initial reports from SonicWall are not entirely clear. It appears that vulnerabilities exist within NetExtender VPN Client software, SonicWall SMA-series firewalls and (possibly) all other firewall models. The recommendations by SonicWall at this point are to either white-list all known IP addresses for remote access or to disable all VPN services on your firewalls.
 
As many dealership remote users are individuals working from a variety of locations at any given time, the white-listing method will most likely prove very burdensome to implement.
 
Other Resources:

Written by

Kevin possesses the unique ability to understand, and explain in non-threatening and non-technical ways how technology, business and team members work with, and sometimes, against each other. He has an innate ability to understand how technology works at the basic conceptual level and how it interacts with hardware, software, networking, people and business processes. A rare combination in today's technology arena.

Kevin lives in Charleston, South Carolina with his bride Summer, their two sons - Caleb and Isaiah - and their Vizsla wonder dog Dexter.

WHAT OUR EXPERTS HAVE TO SAY

Password Managers

Published by Kevin Landers on January 7, 2022

Multi-Factor Authentication (MFA)

Published by Kevin Landers on January 7, 2022

Risks of Compromised Passwords

Published by Kevin Landers on January 7, 2022