SonicWall Says It Was Victim of ‘Sophisticated’ Hack

(Bloomberg) -- The cybersecurity company SonicWall Inc. said it was the victim of a coordinated attack on its internal systems by “highly sophisticated” hackers.

The Silicon Valley-based company said it’s investigating a compromise in its Secure Mobile Access 100 series, which “simplifies end-to-end secure remote access to corporate resources,” according to the company website.

SonicWall had previously said its NetExtender VPN client version 10x may also have been compromised, but the company ruled that out in an updated statement on Saturday. It also said SonicWall firewalls, SMA 1000 series and SonicWave access points aren’t affected.

The company is still investigating whether attackers exploited a so-called “zero day” -- a newly discovered software flaw -- in the SMA 100 series product.

Shevaun Betzler, a company spokesperson, said that a few thousand devices have been impacted.

It wasn’t clear if the SonicWall breach was related to the recent cyber-attack against U.S. government agencies and companies -- including cybersecurity firms -- by suspected Russian hackers, which authorities have described as sophisticated.

The initial discovery of that attack in December determined that the hackers had breached widely used software by Texas-based SolarWinds Corp.

As many as 18,000 SolarWinds customers received the malicious code in updates of the company’s Orion software, though it’s believed that hackers initiated further attacks on far fewer entities.

However, the hackers used other methods to infiltrate computer networks, some of which have recently been disclosed. For instance, the cybersecurity company Malwarebytes Inc. said on Jan. 19 that it had been targeted by the suspected Russian hackers who abused “applications with privileged access to Microsoft Office 365 and Azure environments.”

(Updated with new details in fifth paragraph about number of devices impacted.)