Defend Against File Transfer Exploits with Secure Protocols and Advanced Email Protections
The zero-day vulnerability attack of Progress Software’s MOVEit file transfer app and subsequent massive data breaches of major organizations continues to unfold, highlighting an increase in this form of exploitation. Major players involved in the hit include HR software provider Zellis, the BBC, British Airways, and the government of Nova Scotia, Canada. Due to the sensitive nature of the compromised data, it’s not surprising that the ransom demands are now rolling in.
MOVEit’s managed app for transferring large files and sensitive data is used by thousands of organizations including Chase, GEICO, and US federal agencies. An SQL injection vulnerability in MOVEit was actually discovered approximately two years ago and malicious actors conducted careful reconnaissance and testing before unleashing the devastating attack.
File transfer tools are attractive and popular targets
For the cyber gang involved and numerous malicious actors, file transfer application exploits yield very high-value data for ransoms or sales on the dark web. Large businesses in particular are sending and receiving very sensitive data in significant volumes every day, as well as maintaining large data storage pools. If hackers successfully execute an SQL injection, it potentially enables them to execute remote code that makes changes to a device and allows the exfiltration of data.
While application flaws can be discovered by companies and patch updates can be issued, it may be too late if attackers gain the advantage before patching. Additionally, many companies fail to implement an expedient response to patching protocols, paying dearly for the delay.
The importance of secure file sharing
Businesses and consumers rely upon the ability to send and receive information to conduct transactions and acquire services. We now benefit from technology that enables the immediacy of this process with to-and-from simplicity. However, the risks of data transfer and file sharing have increased exponentially with the rise in digitalization and the remote BYOD movement.
It is vitally important to handle private and sensitive information with extreme care and businesses must create that internal climate of care while deploying adequate protections. The most common pathway for data sharing is via email; however, storage and file size limitations often cause users to seek workarounds like using consumer-grade file-sharing services such as Dropbox, Google Drive, Microsoft OneDrive, and others, to overcome the restrictions. Unfortunately, these services lack robust data protections leading to possible data leakage, IP loss, poor control over where data resides, DDoS attacks, and ultimately, data breaches. Businesses, in addition to employing advanced email protections, need to enforce the use of business-grade file-sharing services that offer greater protection.
Secured and unsecured transfer protocols
The requisites of security best practices employ protocols that encrypt data over the network, in transit, and storage, and require strong authentication of the sender and recipient.
HTTP using Transport Layer Security (TLS) encrypts data in transit and is supported by most web servers. HTTPS typically only provides authentication of the server end, requiring the addition of multi-factor authentication.
Simple Mail Transfer Protocol (SMTP) for transmitting email messages and attachments frequently sends data through a number of machines before it ends up in the recipient’s email inbox, and performs no user authentication or data encryption.
File Transfer Protocol (FTP) alone lacks significant security features, however, FTPS (File Transfer Protocol Over SSL/TLS) offers encryption and uses a Secure Sockets Layer (SSL) to enable private and secure communications across a network. FTPS uses SSH (secure shell) for authentication and strong encryption algorithms like AES and Triple DES to secure data exchange.
In order to thwart data transfer vulnerabilities and threats, businesses should consider:
- Business-grade services that include visibility to monitor data in transfer, access controls, compliance, and e-discovery
- Business-focused cloud services that offer data backups and redundancies to ensure ready access to files
- More integrated systems that include other key capabilities, such as email security, privileged access management, and zero trust network (ZTN)
- Training users on the risks of data transfer and enforcement of best practices
The best systems for secure file-sharing and document management are business-level solutions that encourage the highest level of team compliance and data protection.
RevBits advanced email and cybersecurity solutions cover the entire threat landscape
RevBits full suite of cybersecurity solutions protects endpoints, emails, networks, and privileged accounts. All of these vulnerability vectors are protected by RevBits patented next-gen technology.
RevBits advanced email security features:
- Advanced phishing detection with +50 unique algorithms
- Advanced page impersonation detection
- Advanced URL threat analysis
- Scanning of password-protected attachments
- Real-time and continuous security education for end users
- Only solution with an SEG-based analysis capability and endpoint-based inbox analysis agent
The only way to develop a strong security posture is to employ the most robust tools on the market. To learn more about RevBits cybersecurity solutions visit https://www.revbits.com/
Originally published on www.revbits.com
