“By isolating critical networks from third-party vendors, cybercriminals are restricted to a limited set of systems or networks in the unfortunate event of a data breach,” he said.
James McQuiggan, security awareness advocate at KnowBe4, says that organizations need to implement various risk mitigation programs to reduce any data breach with a supply chain provider. The groups are using the same website of the gang deploying the Clop ransomware to post copies of stolen data from FTA and threaten victim organizations to release more unless they pay up. Near the end of February, five countries urged IT departments using the application to temporarily isolate or block internet access to and from systems hosting FTA, and to search for indicators of compromise.Īlso, last month researchers at FireEye’s Mandiant threat intelligence division said they believe multiple threat groups are working together in a scheme of Accellion FTA-related data theft and extortion involving a ransomware gang but no deployment of ransomware. Since then, a number of alarms have been raised about FTA.
ACCELLION FILE TRANSFER APPLIANCE UPDATE
“While Accellion maintains tight security standards for its legacy FTA product, we strongly encourage our customers to update to (Accellion) Kiteworks, the modern enterprise content firewall platform, for the highest level of security and confidence,” the company added. That month the company issued a statement saying that in mid-December Accellion was made aware of a vulnerability in FTA and issued a patch. News of Accellion-related breaches began appearing in January. Government victims include the office of the auditor of Washington State. They include Canada’s Bombardier, Qualys, and U.S. The statement didn’t detail when the breach occurred or when it was discovered by Shell.īecause Accellion is used for large file transfers a considerable number of victims are multi-national corporations. “We have also been in contact with relevant regulators and authorities and will continue to do so as the investigation continues.” “Shell is in contact with the impacted individuals and stakeholders and we are working with them to address possible risks,” the statement read. There is no evidence of any impact on Shell’s core IT systems as the file transfer service is isolated from the rest of Shell’s digital infrastructure, the company said in a statement. Shell uses the server for transferring large files. Some contained personal data and others included data from Shell companies and some of their stakeholders.” The company recently admitted that “an unauthorized party gained access to various files during a limited window of time. Energy giant Royal Dutch Shell has become the latest corporation to admit its Accellion FTA file transfer appliance was hacked.
0 kommentar(er)
