Deep Dive – Accellion File Transfer Appliance
Find Threat Talks on
Accellion File Transfer Appliance (FTA) Breach
How compliance creates operational blind spots You’ve diligently chosen a file transfer tool that is widely trusted, certified and compliant with all the necessary regulations – so you’ve done everything right, yes? But what if being compliant doesn’t actually mean you’re secure? In our latest Deep Dive, Lieuwe Jan Koning is joined by Threat Intel Specialist Luca Cipriano and CISO Tim Timmermans as they explore a critical case study: Accellion FTA. Over 300 companies, including major players like Shell and the Reserve Bank of New Zealand, relied upon this trusted secure file transfer solution. But when an attack hit its legacy version, these organizations found out the hard way that compliance doesn’t always equal security.Infographic
For a complete overview of the Accellion FTA breach and other attacks featured in the Bridging the Gap: Compliance and Security Threat Talks; download the infographic.Your cybersecurity experts
Lieuwe Jan Koning
Co-Founder and CTO, ON2IT Group
Luca Cipriano
Threat Intel Specialist, ON2IT
Tim Timmermans
CISO the Netherlands, ON2IT
Episode details
How secure is your “secure” file transfer tool?
In this Deep Dive, we take an in-depth look at the critical distinction between compliance and actual cybersecurity in the context of the Accellion File Transfer (FTA) Breach.
A well-known appliance, Accellion was trusted by over 300 organizations, including high-profile entities like Shell and the Reserve Bank of New Zealand. Despite Accellion’s reputation for being certified and compliant with all relevant regulations, its legacy software version became a significant cybersecurity liability.
Host Lieuwe Jan Koning is joined by Threat Intel Specialist Luca Cipriano and CISO Tim Timmermans of ON2IT.
Luca outlines all the steps the attackers took: from them first identifying the vulnerability in the legacy software, to then executing several zero-day attacks to infiltrate the systems. How do these zero-day attacks work?
As Luca provides a detailed run-through of all the steps the attackers took, Tim offers solutions: what could have been done to stop the attacker in this specific step? What general precautions could organizations like Shell have taken?
Tune in for this Deep Dive and find out!
Stay up-to-date on cybersecurity threats
Subscribe to our Spotify channel for deep dives into the dynamic world of cybersecurity. Stay informed, and stay secure!