Jack Rhysider
Podcast Appearances
Not only that, Sophos was worried that they had lost capability to update any of their firewalls properly.
So the attackers took copies of the configurations from the firewalls and then passwords from it?
This was a pretty darn scary event for the Sophos team to handle.
Okay, step one, fix the bug that made these things vulnerable.
And step two is get the bug fixed on as many firewalls as soon as possible.
They were able to complete step one pretty quick, but step two was a little bit more tricky.
If you buy a firewall, whether for your home or a large enterprise, typically you've got to update it yourself, just like how you have to do your own software updates on your phone or computer.
And Sophos firewalls are no different.
The customers are the ones who have to issue updates for this thing.
But to Sophos, this was too critical of a bug to try to tell 80,000 customers, go update your firewalls.
Because I'm just guessing that like less than 50% of them would do it in the first month.
There's just not enough time or it's not a high enough priority for them to fix it.
So Sophos decided to do something they've never done before.
This was the first time Sophos ever issued a hotfix to one of their customers' devices.
Yeah, I think this is a really big deal.
Like, it makes me wonder if there's language in the small print of the terms of service that says Sophos reserves the right to make configuration changes to your firewall or update it whenever they want.
Gosh, I really don't know where I stand on this.
I was a firewall admin for my previous employer for 10 years.
Those Cisco firewalls were my babies.