All Known Vulnerabilities Closed and Migration Efforts Continue

Accellion, Inc., provider of the industry’s first enterprise content firewall, today issued an update on the recently reported security incident regarding FTA, Accellion’s legacy large file transfer product.

Accellion FTA, a 20 year old product nearing end-of life, was the target of a sophisticated cyberattack. All FTA customers were promptly notified of the attack on December 23, 2020.  At this time, Accellion has patched all known FTA vulnerabilities exploited by the attackers and has added new monitoring and alerting capabilities to flag anomalies associated with these attack vectors.

Accellion kiteworks Content Firewall Unaffected

All vulnerabilities are limited exclusively to FTA.  They do not in any way impact Accellion’s enterprise content firewall platform known as kiteworks. The vast majority of Accellion’s clients reside on the kiteworks platform, which is built on an entirely different code base, using state-of-the-art security architecture, and a segregated, secure development process.

In mid-December, Accellion was made aware of a zero-day vulnerability in its legacy FTA software. Accellion released a fix within 72 hours. This initial incident was the beginning of a concerted cyberattack on the Accellion FTA product that continued into January 2021. Accellion identified additional exploits in the ensuing weeks and rapidly developed and released patches to close each vulnerability. Accellion continues to work closely with FTA customers to mitigate the impact of the attack and to monitor for anomalies.

Accellion FTA Customers Encouraged to Upgrade to kiteworks

“Our latest release of FTA has addressed all known vulnerabilities at this time,” commented Frank Balonis, Accellion’s Chief Information Security Officer. “Future exploits, however, are a constant threat. We have encouraged all FTA customers to migrate to kiteworks for the last three years and have accelerated our FTA end-of-life plans in light of these attacks. We remain committed to assisting our FTA customers, but strongly urge them to migrate to kiteworks as soon as possible.”

FTA’s maturity notwithstanding, these exploits demonstrate a highly sophisticated attack. In 2021, every software security provider must not only demonstrate secure software architecture but must also be proficient at cyberwarfare. Accellion is uniformly committed to protecting its customers and their supply chain partners from cyber criminals by preventing breaches and compliance violations, rapidly responding to cyberattacks in process, and mitigating the impact of incursions with extensive forensics and customer support.  In regard to this incident, Accellion is contracting with an industry-leading cybersecurity forensics firm to conduct a compromise assessment and will share their findings when available.

FTA customers are encouraged to contact Accellion customer support for additional information at support@accellion.com.

To learn more how the flagship Accellion kiteworks platform helps organizations secure their third party communications, please visit Enterprise Content Firewall.

 

About Accellion

Kiteworks’ mission is to empower organizations to effectively manage risk in every send, share, receive, and save of sensitive content. The Kiteworks platform provides customers with a Private Content Network that delivers content governance, compliance, and protection. The platform unifies, tracks, controls, and secures sensitive content moving within, into, and out of their organization, significantly improving risk management and ensuring regulatory compliance on all sensitive content communications.

Get started.

It’s easy to start ensuring regulatory compliance and effectively managing risk with Kiteworks. Join the thousands of organizations who feel confident in their content communications platform today. Select an option below.

Lancez-vous.

Avec Kiteworks, se mettre en conformité règlementaire et bien gérer les risques devient un jeu d’enfant. Rejoignez dès maintenant les milliers de professionnels qui ont confiance en leur plateforme de communication de contenu. Cliquez sur une des options ci-dessous.

Jetzt loslegen.

Mit Kiteworks ist es einfach, die Einhaltung von Vorschriften zu gewährleisten und Risiken effektiv zu managen. Schließen Sie sich den Tausenden von Unternehmen an, die sich schon heute auf ihre Content-Kommunikationsplattform verlassen können. Wählen Sie unten eine Option.

Comienza ahora.

Es fácil empezar a asegurar el cumplimiento normativo y gestionar los riesgos de manera efectiva con Kiteworks. Únete a las miles de organizaciones que confían en su plataforma de comunicación de contenidos hoy mismo. Selecciona una opción a continuación.

Explore Kiteworks