Mandiant validates full remediation of all known security vulnerabilities in the FTA product
Palo Alto, CA | March 1, 2021
Accellion, Inc., provider of Kiteworks, the industry’s first enterprise content firewall, today issued a statement regarding the previously reported cyberattacks on Accellion’s legacy File Transfer Appliance (“FTA”) product.
As previously disclosed, Accellion engaged FireEye Mandiant, a leading cybersecurity forensics firm, to conduct an investigation into the sophisticated cyberattacks on Accellion’s legacy FTA software in December 2020 and January 2021, and to review the FTA software for any other potential security vulnerabilities. Today, Mandiant has shared its full and final report with Accellion, which includes the following key findings:
- All known FTA vulnerabilities have been remediated: Following penetration testing and code review, Mandiant has validated that Accellion has closed all known FTA vulnerabilities with patches issued soon after the vulnerabilities were identified.
- Mandiant did not identify any additional vulnerabilities that were exploited by the attackers: The previously remediated vulnerabilities were the only ones known to be involved in the December 2020 and January 2021 attacks. During their investigation, Mandiant identified two new vulnerabilities, which have since been patched, accessible only by authenticated FTA users. Mandiant found no evidence that these vulnerabilities were exploited by threat actors.
Charles Carmakal, SVP and CTO of FireEye Mandiant, said, “We worked closely with the Accellion team over the past several weeks to review the Accellion FTA solution. We have concluded our security assessment and determined that effective patches have been made available for all Accellion FTA vulnerabilities known to have been exploited by threat actors in December 2020 and January 2021. As part of our engagement, Mandiant performed penetration testing and code review of the latest version of the FTA solution (9.12.444) and we have confirmed that Accellion has closed all identified FTA vulnerabilities.”
“Since becoming aware of these attacks, our team has been working around the clock to develop and release patches that resolve each identified FTA vulnerability, and support our customers affected by this incident,” said Jonathan Yaron, Accellion’s Chief Executive Officer. “I want to thank the Mandiant team for their expert collaboration in investigating this incident and reviewing our software to ensure all known FTA vulnerabilities have indeed been closed. To better ensure customer security in today’s dynamic threat environment, we have decided to accelerate FTA’s end-of-life to April 30, 2021 and continue to strongly urge all FTA customers that have not done so already to upgrade to the Kiteworks® platform as soon as possible.”
Accellion’s Kiteworks® content firewall platform was not affected by these attacks. The vulnerabilities exploited in these attacks apply only to Accellion’s legacy FTA product. Kiteworks® is built on a completely different code base using state-of-the-art security architecture, and is designed to provide industry-leading security for sensitive third-party communications.
Accellion remains committed to supporting customers impacted by this incident, including assisting clients in their forensic analysis. Accellion developed a special tool for clients to use on their systems in order to check for indicators of compromise associated with the attack activity and to identify any files downloaded if their system was exploited. Additionally, Accellion has established a new “Trust Center” page on its website that includes a comprehensive FAQ and timeline of the attack as well as other relevant security information and updates. The Trust Center can be found at https://www.accellion.com/trust-center/.
To read Mandiant’s full findings on the cyberattacks on Accellion’s legacy FTA product, please visit Accellion FTA Attack – Mandiant Report.
To learn more about how Accellion helps organizations secure their third-party communications, please visit Enterprise Content Firewall.
About Accellion
Kiteworks’ mission is to empower organizations to effectively manage risk in every send, share, receive, and save of sensitive content. The Kiteworks platform provides customers with a Private Content Network that delivers content governance, compliance, and protection. The platform unifies, tracks, controls, and secures sensitive content moving within, into, and out of their organization, significantly improving risk management and ensuring regulatory compliance on all sensitive content communications.
Accellion and kiteworks are registered trademarks of Accellion, Inc. in the US and other countries. All other trademarks contained herein are the property of their respective owners.