Summary is AI-generated, newsdesk-reviewed
  • Akira ransomware is exploiting SonicWall SSL VPNs, driving a sharp increase in incidents at organizations worldwide.
  • Resetting credentials, enforcing MFA, and timely updates are essential for VPN security.
  • S-RM: Poorly configured VPNs risk breaches that disrupt banking, healthcare, and remote work.

Global cyber risk consultancy S-RM has reported a sharp increase in ransomware incidents exploiting SonicWall firewall devices with SSL VPN enabled. The activity, tied to the Akira ransomware strain, is impacting organizations worldwide and has knock-on effects for everyday users.

The warning comes amid heightened national debate around the UK Government’s Online Safety Act and the security implications of VPN usage. S-RM says the latest attacks are a timely reminder that while VPNs can be essential security tools, poorly configured or incompletely patched VPN infrastructure can be a gateway for cybercriminals.

S-RM’s investigation

Key points from S-RM’s investigation include:

  • The Akira ransomware group is exploiting incomplete remediation of the earlier software vulnerabilities to gain initial access, even on devices that have been patched
  • Post-compromise tactics include privilege escalation on SQL servers, creation of local accounts, network reconnaissance, data exfiltration, and ransomware deployment
  • Files encrypted by Akira carry the extensions ‘.arika’ or ‘.akira’

Enterprise infrastructure breaches

Ted Cowell, Head of Cyber Security UK at S-RM, comments: “These cases show that patching alone is not a silver bullet. If you don’t reset credentials, enforce MFA across the board, and actively hunt for suspicious activity, you could already be compromised.”

“While the attacks are aimed at enterprise infrastructure, the fallout doesn’t stop there. Breaches can cause service outages, lock people out of online banking, delay healthcare appointments, or disrupt remote work. The message is simple: whether you’re a business or an individual, VPN security matters – and the Online Safety Act debate should remind us that how we configure and maintain these tools is just as important as whether we use them.”

S-RM urges all organizations using SonicWall SSL VPNs to:

  • Update firmware to the latest version
  • Reset all user and service account passwords
  • Enforce MFA for all accounts
  • Remove unused accounts
  • Conduct immediate threat hunting for signs of compromise
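
One way to turn the checklist above into a repeatable review, as an added example that is not from S-RM or the original article: it checks an account inventory for passwords that predate the patch, missing MFA, unused accounts and recently created accounts, and matches file paths against the two extensions the article names. The inventory, its field names, the dates and the thresholds are constructed assumptions, not a SonicWall export format.

```python
from datetime import date, timedelta

# Assumed values for illustration; replace with your own dates and thresholds.
PATCH_DATE = date(2025, 8, 1)            # when the firmware was updated
AUDIT_DATE = date(2025, 9, 1)            # when this review runs
UNUSED_AFTER = timedelta(days=90)        # no login for this long counts as unused
NEW_ACCOUNT_WINDOW = timedelta(days=45)  # recent creations get a manual check
AKIRA_EXTENSIONS = (".akira", ".arika")  # extensions named in the article

# Constructed inventory; field names are hypothetical, not a vendor export format.
ACCOUNTS = [
    {"name": "alice", "pw_set": date(2025, 8, 5), "mfa": True, "last_login": date(2025, 8, 30), "created": date(2023, 2, 11)},
    {"name": "bob", "pw_set": date(2024, 11, 20), "mfa": True, "last_login": date(2025, 8, 29), "created": date(2022, 6, 1)},
    {"name": "svc_backup", "pw_set": date(2021, 3, 14), "mfa": False, "last_login": date(2025, 8, 31), "created": date(2021, 3, 14)},
    {"name": "contractor7", "pw_set": date(2025, 8, 2), "mfa": True, "last_login": None, "created": date(2024, 1, 10)},
    {"name": "helpdesk2", "pw_set": date(2025, 8, 20), "mfa": False, "last_login": date(2025, 8, 21), "created": date(2025, 8, 20)},
]

def audit_account(acct):
    """Return the checklist items this account still fails."""
    findings = []
    if acct["pw_set"] < PATCH_DATE:
        findings.append("password not reset since patch")
    if not acct["mfa"]:
        findings.append("MFA not enforced")
    last = acct["last_login"]
    if last is None or AUDIT_DATE - last > UNUSED_AFTER:
        findings.append("unused account")
    if AUDIT_DATE - acct["created"] <= NEW_ACCOUNT_WINDOW:
        findings.append("recently created, verify owner")
    return findings

def audit(accounts):
    """Map account name -> findings, omitting accounts that pass every check."""
    report = {a["name"]: audit_account(a) for a in accounts}
    return {name: f for name, f in report.items() if f}

def encrypted_files(paths):
    """Return paths ending in one of the Akira extensions listed above."""
    return [p for p in paths if p.lower().endswith(AKIRA_EXTENSIONS)]

if __name__ == "__main__":
    for name, findings in audit(ACCOUNTS).items():
        print(f"{name}: {'; '.join(findings)}")
```

A password set before the patch date is the case the article singles out: the device is up to date, but credentials exposed earlier still work.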
