Routine mergers and acquisitions are giving extortionists an easy way in, with Akira affiliates reaching parent networks through compromised SonicWall gear inherited in the deal, according to ReliaQuest.

In every Akira attack the threat detection firm analyzed between June and October that involved buggy SonicWall SSL VPN appliances , the ransomware operators gained access to the bigger, acquiring enterprises because they had already compromised the smaller companies' SonicWall gear.

"In these cases, the acquiring enterprises were unaware that these devices existed in their new environments, leaving critical vulnerabilities exposed," ReliaQuest threat intel analyst Thomas Higdon said in a Tuesday blog.

Over the summer, Akira affiliates exploited buggy SonicWall firewalls and SSL VPN mis

See Full Page