12/22/2023

Accellion breach Washington state

Accellion Breach Worsens: Dozens of Companies and Government Organizations Compromised

Wired reported on March 8 that firewall vendor Accellion released a patch in late December 2020, and then more fixes in January, to address a cluster of vulnerabilities in one of its network equipment offerings. Since then, dozens of companies and government organizations worldwide have acknowledged that they were breached as a result of the flaws, and many face extortion, as the ransomware group Clop has threatened to make their data public if they don’t pay the monies demanded.

On March 1, security firm FireEye announced the results of its investigation, concluding that two separate, previously unknown hacking groups carried out the hacking and the extortion work, respectively. The hackers appear to have connections to the financial crimes group FIN11 and the ransomware gang Clop.

Known victims include the Reserve Bank of New Zealand, the state of Washington, the Australian Securities and Investments Commission, the Singaporean telecom Singtel, the high-profile law firm Jones Day, the grocery store chain Kroger, and the University of Colorado. Last week, cybersecurity firm Qualys also acknowledged that it was a victim.

The four vulnerabilities are in Accellion’s File Transfer Appliance, essentially a dedicated computer used to move large and sensitive files within a network. “These vulnerabilities are particularly damaging, because in a normal case an attacker has to hunt to find your sensitive files, and it’s a bit of a guessing game, but in this case the work is already done,” says Jake Williams, founder of the security firm Rendition Infosec, which is working on remediating an Accellion FTA-related breach. “By definition, everything sent through Accellion FTA was pre-identified as sensitive by the user.”

Accellion FTA exploitation has made the news in recent months along with massive nation-state hacking sprees that targeted the IT services firm SolarWinds and the managed email system Microsoft Exchange Server. Both of those initiatives appear to have hit thousands of companies, but primarily for espionage purposes. The Accellion hackers, however, look to be motivated by criminal profit.

“Worldwide, actors have exploited the vulnerabilities to attack multiple federal and state, local, tribal, and territorial government organizations as well as private industry organizations including those in the medical, legal, telecommunications, finance, and energy sectors,” the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency said at the end of February in a joint statement with international authorities. “In some instances observed, the attacker has subsequently extorted money from victim organizations to prevent public release of information exfiltrated from the Accellion appliance.”

Accellion has consistently emphasized that its FTA product, which has been around for more than 20 years, is at the end of its life. The company had already planned to end support for FTA on April 30, and had discontinued support for its operating system, CentOS 6, on November 30. The company says it has been working for three years to transition customers away from FTA and onto its new platform, Kiteworks.