Skip to main content

Explained: How MOVEit Breach Shows Hackers' Interest in File Transfer Tools

Ransom-seeking hackers have increasingly turned a greedy eye toward the world of managed file transfer (MFT) software, plundering the sensitive data being exchanged between organizations and their partners in a bid to win big payouts.

Governments and companies globally are scrambling to deal with the consequences of a mass compromise made public on Thursday that was tied to Progress Software's MOVEit Transfer product. In 2021 Accellion's File Transfer Appliance was exploited by hackers and earlier this year Fortra's GoAnywhere MFT was compromised to steal data from more than 100 companies.

So what is MFT software? And why are hackers so keen to subvert it?

Corporate dropboxes

FTA, GoAnywhere MFT, and MOVEit Transfer are corporate versions of file sharing programs consumers use all the time, like Dropbox or WeTransfer. MFT software often promises the ability to automate the movement of data, transfer documents at scale and provide fine-grained control over who can access what.

Consumer programs might be fine for exchanging files between people but MFT software is what you want to exchange data between systems, said James Lewis, the managing director of UK-based Pro2col, which consults on such systems.

"Dropbox and WeTransfer don't provide the workflow automation that MFT software can," he said.

MFT programs can be tempting targets

Running an extortion operation against a well-defended corporation is reasonably difficult, said Recorded Future analyst Allan Liska. Hackers need to establish a foothold, navigate through their victim's network and exfiltrate data — all while remaining undetected.

By contrast, subverting an MFT program — which typically faces the open internet — was something more akin to knocking over a convenience store, he said.

"If you can get to one of these file transfer points, all the data is right there. Wham. Bam. You go in. You get out."

Hacker tactics are shifting

Scooping up data that way is becoming an increasingly important part of the way hackers operate.

Typical digital extortionists still encrypt a company's network and demands payment to unscramble it. They might also threaten to leak the data in an effort to increase the pressure. But some are now dropping the finicky business of encrypting the data in the first place.

Increasingly, "a lot of ransomware groups want to move away from encrypt-and-extort to just extort," Liska said.

Joe Slowik, a manager with the cybersecurity company Huntress, said the switch to pure extortion was "a potentially smart move."

"It avoids the disruptive element of these incidents that attract law enforcement attention," he said.

© Thomson Reuters 2023
 

Apple unveiled its first mixed reality headset, the Apple Vision Pro, at its annual developer conference, along with new Mac models and upcoming software updates. We discuss all the most important announcements made by the company at WWDC 2023 on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.


from Gadgets 360 https://ift.tt/J8aSNUh
Labels:

Comments

Post a Comment

Popular posts from this blog

Samsung Galaxy S24 Series Pre-Order Details Leak Out; Galaxy S24+ Spotted on Walmart Listing

Samsung Galaxy S24 series is expected to be unveiled on January 17 and past rumours have already given us a fair idea of what to expect from the new flagship phones. The most recent leaks suggest video recording upgrades on the Samsung Galaxy S24, Galaxy S24+, and Galaxy S24 Ultra along with some pre-order perks. The regular models are also tipped to be priced lower than their predecessors. The Galaxy S24 Ultra, in contrast, could see a price jump across all three storage variants. Meanwhile, Walmart accidentally listed the Galaxy S24+ on its online website, whereas Samsung retailers in Brazil have also started teasing the phone ahead of the debut. On X (formerly Twitter), Tipster Ice Universe (@UniverseIce)  posted that Samsung's flagship Galaxy S24 phones will be priced slightly lower than expected. He claimed that Galaxy S24 and Galaxy S24+ stock is large this time as the company is optimistic about the upcoming phones. Further, the Galaxy S24 series is said to offer the abili
Post a Comment
Read more

End-of-Season Savings on Convertible Air Conditioners Starting at Rs. 22,990

Check out Croma's latest deals on Convertible Air Conditioners, with prices starting from just Rs. 22,990. This sale brings together top brands like Voltas, Daikin, and Croma, offering a mix of high-tech features and value for money. Whether you're looking for energy-saving options or models with the latest cooling technology, there's something for everyone. Plus, these ACs are more environmentally friendly. Big discounts on the usual prices and special bank offers make this a great time to upgrade your air conditioner. Croma 4 in 1 Convertible 1.5 Ton 3 Star Inverter Split AC Get the Croma 4 in 1 Convertible AC at a great deal of Rs. 28,990, down from Rs. 42,000. Made for compact spaces, this 3-star, 1.5 Ton AC is efficient and eco-friendly, complete with a PM 2.5 filter. HDFC Bank users can avail themselves of an extra discount, making it an even better bargain. Buy now at: Rs. 28,990 (MRP Rs. 42,000) Voltas 183V Vectra Platina 4 in 1 Convertible 1.5 Ton 3 Star Invert
Post a Comment
Read more

Google Pixel Watch 2 Spotted on Google Play Console; Specifications, Chipset Tipped

Google Pixel Watch 2 is expected to launch soon as the successor to the Google Pixel Watch , which was released in October 2022. The debut Pixel Watch model has a 1.2-inch AMOLED touch display protected by 3D Corning Gorilla Glass 5 and an Exynos 9110 SoC. The watch also claimed to have a battery life of up to 24 hours. However, the upcoming Pixel Watch 2 is expected to include an improved SoC and battery. There have been several rumours about the purported smartwatch. The wearable was reportedly spotted on Google Play Console, where some key specifications were listed. A 9to5Google report says that the Pixel Watch 2 was recently spotted on the Google Play Console. The listing shows some key details of the smart wearable, including its processor, display and software specifications. The report says that the watch is likely to be powered by a Qualcomm SW5100 SoC, which claims to be the Snapdragon W5 chipset, not the W5+ variant. It is also tipped to retain 2GB of RAM from the precedi
Post a Comment
Read more