Name
Course
Tutor
Date
Using several zero-day vulnerabilities and a new web shell, hackers were able to penetrate up to 100
companies and steal confidential data through Accellion's legacy File Transfer Appliance (FTA).
The attack exploited an SQL injection flaw in the FTA web interface, an XSS flaw in FTA's file
manager, a blind SQL injection and command injection flaw in FTA's administrative interface,
and an unauthorized upload vulnerability. The extortionist group was able to steal data from the Jones Day
law firm, Kroger stores, and the Shell Oil company, along with other government and educational
institutions, by exploiting a security flaw in Accellion's legacy file transfer software.
Accellion's File Transfer Appliance, a dedicated device used to push massive and
sensitive files through a network, had four vulnerabilities. The stolen data included invoices,
purchase orders, and personal information like social security numbers. After the data theft, the attackers
emailed victims demanding a ransom, threatening otherwise to publish the stolen information on the
Clop leak site. The victims reached out to Accellion, but because of laxity, the breach became
severe, and more data was stolen. Accellion is now facing several lawsuits in Northern California
and Washington state court because of the widespread intrusions. Companies like Kroger took
immediate action by canceling Accellion from their software stack, though the company moved
Upon detection of vulnerabilities in the FTA, Accellion did not move fast enough to patch
them. The public statement Accellion then issued, that it had patched all known
vulnerabilities, displayed internal communication challenges. Reluctance also played a major role
in aggravating the attack. Accellion had for years recommended that companies move to Kiteworks, its latest and
secure content sharing platform and firewall, issuing incentives as free data
It is imperative that companies carry out routine audits of their network infrastructure,
monitoring incoming and outgoing traffic. Software that accesses resources like the internet must
be updated regularly. I would slowly phase out old and legacy software with poor vendor
support. I would have assisted the organization in moving to the secure Kiteworks upon
recommendation by Accellion. I would help the organization in making sure the migration
process is smooth and efficient and retrain employees on the usage of the new system. I would
employ a multilayered approach to securing the network infrastructure from the most basic
employees on basic system security like the importance of sophisticated passwords, phishing,
and eavesdropping.