Another Year, Another Managed File Transfer Exploit

Jan 29, 2024

The Biblical adage “judge not, that ye be not judged” is often misapplied as an excuse to say nothing in the face of obvious error. “Well, nobody’s perfect and so I don’t want to judge that person,” the logic goes. A sentiment often punctuated by the pseudo-scriptural aphorism, “There but by the grace of God go I.” But the idea is to avoid making assumptions about motivations; it has no bearing on assessing actions. If we avoid pointing out the obvious, we risk falling victim to a third cliché: “Those who do not learn from history are doomed to repeat it.”

A New Year Starts Ominously for MFT

Listen, the last twelve months have not been great for managed file transfer. When news broke in February that Fortra’s GoAnywhere platform had been compromised by the Cl0p ransomware gang, it was the first domino to fall. By the end of the year, other MFT products, including Aspera, Titan, and ShareFile, would be exploited by threat actors as well. And the biggest blow would be the attack on Progress Software’s MOVEit managed file transfer solution which, at last count, affected more than 2,600 organizations, resulting in the compromise of nearly 90 million individuals’ personal data.

And now, on the first anniversary of the start of our industry’s not good, very bad year, there is more bad news. It seems that another critical security flaw (CVE-2024-0204) was discovered in the GoAnywhere platform back in December. According to an article in CRN, the vulnerability was discovered by researchers at cybersecurity firm Rapid7 and “can enable an attacker to bypass authentication and has been awarded a severity score of 9.8 out of 10.0.” After learning of the flaw, GoAnywhere updated the product to fix the issue. Even though there may have been no known exploitations of the vulnerability, threat actors are quick to take advantage of any opportunities they find to crack enterprise defenses and steal data.

Be on High Alert

Events from the last year suggest that cybercriminals are looking for ways to compromise managed file transfer systems. That should put vendors and users on high alert and get them to examine their products, deployments, and digital supply chains for weaknesses. And, as always, if you’ve got questions about managed file transfer security, don’t hesitate to get in touch. Whether you use our Diplomat MFT solution, another product, or are examining your options in the market, we can help.