A new bug is found in a cloud system which is used to manage the SonicWall firewall. As per the reports, this bug can allow hackers to break into thousands of corporate networks. The firewalls and virtual private network have proper gatekeepers which can protect the corporate network from hackers and cyber attacks. Currently, they are also allowing the employees to work from home because of the pandemic. Hackers are actively looking for opportunities so that they can find bugs in the network and break into the systems of the company.
A researcher from a security firm successfully found a new bug in the SonicWall’s Global Management System (GMS). This system was created for the IT department of the company so that all of the employees can remotely access the SonicWall devices across the network. If the hackers get hold of the bug then they can create a user account which can access the data of the company very easily. The account created by the hacker can access the information of the company and manage the SonicWall gear of that company.
The two problems that the hacker can face before attacking the company’s information is to first have a SonicWall GMS user account. This issue is solved very quickly because the hacker can just buy a SonicWall device. The second barrier for the hacker will be the unique 7 digit number associated with the company’s network. As per the researcher, the unique number is in a sequence. Thus, the hacker will be very quick to guess the unique number because it is not really unique. If the hacker is able to go inside the company’s network then he will be able to inject the ransomware directly to the network. A financial hack can take place very easily.
Although, the company has recently fixed the bug but have taken more than two weeks to patch it.