SonicWall has issued a warning about a rise in cyberattacks aimed at its Generation 7 firewalls over the past 72 hours.
SonicWall has issued an urgent security advisory due to a significant rise in cyber incidents targeting its Gen 7 SonicWall firewalls over the past 72 hours. The company is actively investigating a series of attacks that seem to focus on devices with the Secure Sockets Layer Virtual Private Network (SSLVPN) feature enabled. In a statement to partners and customers, SonicWall confirmed that it is analysing a surge of threat activity reported both internally and externally. This alert has been amplified by notable third-party cybersecurity research teams, including Arctic Wolf, Google’s Mandiant, and Huntress, who have also observed and highlighted these malicious campaigns. Central to the investigation is the critical question of whether the ongoing attacks exploit a previously disclosed vulnerability or whether threat actors are leveraging a new, undiscovered flaw. SonicWall has assured its user base that it is collaborating closely with external threat research partners to dissect the attacks and identify the root cause.
In light of these developments, SonicWall has strongly advised all customers using Gen 7 firewalls to take immediate defensive measures to mitigate their exposure. The primary recommendation is to disable SSLVPN services wherever practical. For organisations where disabling SSLVPN is not feasible, SonicWall has outlined essential security steps to implement immediately. These include restricting access by limiting SSLVPN connectivity to known and trusted source IP addresses, enabling security services such as Botnet Protection and Geo-IP Filtering, and enforcing Multi-Factor Authentication (MFA). While MFA is a critical best practice, SonicWall has warned that it may not be sufficient against the specific activities currently under investigation. Administrators are urged to audit user accounts, removing any inactive or unused local accounts, and to practise strong password hygiene. SonicWall emphasises the importance of remaining vigilant and applying these mitigations without delay.