SonicWall Confirms State-Sponsored Hackers Behind the Massive Firewall Backup Breach

SonicWall, a global cybersecurity company, confirmed that state-sponsored hackers were behind a recent incident involving unauthorized access to firewall backup files.

The breach began in early September, when the company detected suspicious activity involving the download of backup firewall configuration files stored in a cloud environment.

Upon discovery, SonicWall quickly activated its incident response plan, called in Mandiant, a well-known cybersecurity response firm, and notified partners and customers directly.

The company maintained frequent and transparent communication, hosting live Q&A sessions and providing tools and guidance to help partners respond effectively.

SonicWall also offered commercial concessions to support partners as they worked through remediation steps.

Mandiant Investigation Reveals Cloud-Isolated Attack

Mandiant’s thorough investigation has now concluded. The results show that the attackers, linked to a state-sponsored threat group, used an API call to access cloud backup files stored in a specific cloud environment.

According to the findings, this incident did not relate to the recent global Akira ransomware attacks targeting firewalls and edge devices.

Importantly, SonicWall confirmed that its products, firmware, and other systems, like source code and customer networks, were not impacted or compromised.

All remediation actions recommended by Mandiant have been implemented, and SonicWall continues to work closely with security experts to strengthen its cloud and network infrastructure further.

The company emphasized that its long-standing focus on security excellence and partner support remains firm. Earlier in the year, SonicWall launched a Secure by Design modernization initiative.

This included updates to product architecture, cloud operations, internal cybersecurity practices, and the appointment of a new Chief Information Officer.

The company also continues to invest in advanced response teams and cutting-edge security tools. SonicWall’s determination to stay ahead is underscored by external validation.

Even as nation-state threat actors increasingly target security vendors, SonicWall is committed to transparency, strong partnerships, and relentless improvement to safeguard its customers and partners worldwide.

Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.

The post SonicWall Confirms State-Sponsored Hackers Behind the Massive Firewall Backup Breach appeared first on Cyber Security News.