In the first half of 2023, both MOVEit and GoAnywhere Managed File Transfer (MFT), widely used file transfer solutions, fell victim to significant cyberattacks, revealing exploitations of sophisticated zero-day vulnerabilities. These incidents underscore the need for organizations of all sizes to engage with software vendors who prioritize implementing stringent security measures.
MOVEit experienced three separate breaches at the hands of a Russian-speaking crime syndicate known as Clop. The criminals took advantage of an SQL injection flaw to gain unauthorized access to various organizations' data, with victims ranging from Zellis, the Canadian province of Nova Scotia, British Airways, the BBC, to the UK retailer Boots.(1)
In a parallel development, the ransomware group Cl0p exploited a vulnerability (CVE-2023-0669) in Fortra's GoAnywhere MFT, breaching more than 130 organizations. The vulnerability allowed unauthorized remote code execution and data theft, with notable victims such as Rubrik, Hitachi Energy, Crown Resorts, and the UK's Pension Protection Fund (PPF).(2)
Despite the numerically limited reported breaches, the extensive repercussions of these cyberattacks shine a spotlight on the inherent security risks in file transfer software, thus necessitating the implementation of robust security measures.
Best-in-class software vendors, typically equipped with substantial resources and expertise, invest heavily in research and development to create highly secure and robust products. They engage leading cybersecurity professionals, develop advanced threat intelligence mechanisms, and respond swiftly to newly identified vulnerabilities.
Furthermore, these software providers extend their security solutions beyond the software itself, offering real-time threat monitoring, prompt patch application, and dedicated customer support. As evidenced by the breaches of both MOVEit and GoAnywhere, rapid patch implementation is a critical factor in preventing vulnerability exploits. Larger companies usually have the infrastructure to efficiently distribute these patches.
In addition, these leading software vendors often employ robust incident response strategies, helping customers to minimize the damage when breaches occur. This proactive approach can be pivotal in the rapidly evolving landscape of cybersecurity.
The recent cyberattacks on MOVEit and GoAnywhere serve as stark reminders of the importance of robust security measures in managed file transfer solutions. In the face of the increasingly sophisticated cyber threat environment, it becomes paramount for organizations to rely on best-in-class software vendors capable of offering enhanced security measures. The value of these vendors is not just in their advanced products, but also in their swift actions, regular updates, and the robust support necessary to tackle cyber threats.
By David Heath
Comments