On top of that, there will be numerous considerations about what the IT integration will look like, including network connectivity and business application connectivity.
In its report, ReliaQuest notes that SonicWall devices are often used by small and mid-sized firms, which are often M&A targets of larger companies. However, it said, it can’t be sure firms were targeted by Akira operators because they’d swallowed organizations that had SonicWall devices.
It did say that in the incidents examined, once inside the victims’ networks, the attackers immediately looked for privileged accounts, such as those originating from old managed service provider (MSP) or administrator logins, that had been transferred over during the M&A process. “Crucially, these credentials were often unknown to the acquiring company, and left unmonitored and unrotated post-acquisition,” the report says.
