Filter by Category

Are Your FTP Credentials Secure?

Do you know where your FTP credentials are?

FTP Security WormholeA security researcher named Chris Larson happened onto a curious website last September that had been serving some malicious-looking exe files.

While poking around, he wrote in his blog, "I came across an 'unlocked door' on the malicious Web site and took a look inside." Treading like an adventurer in Alice's wonderland, Larson discovered that this little doorway opened into a world of potential hurt for companies around the world.

There was a strange, oddly-sized GIF file that, with further poking, revealed a hidden payload. The GIF revealed four text files. Little by little, their contents spilled out, until finally it revealed a dark criminal archive. The files contained the login credentials of more than 100,000 FTP sites.

It was an unbelievable discovery, like a Russian nesting doll, that - when unpacked - opened a veritable wormhole to FTP sites around the world: Domain names, User IDs, and Passwords.

Nearly two thousand of these FTP credentials were the domain credentials from one particular site that claimed to Web-host nearly two hundred thousand separate FTP sites. Another file contained a hundred thousand credentials from a variety of unrelated individual sites. Using this archive of FTP credentials, the thief (or thieves) could penetrate, inspect, and selectively harvest the information contained within stored files that users had transferred between their workstations and their corporate computers.

How this archive was assembled and hidden demonstrates how the network of thieves profits and expands. Larson noticed a duplication of a small percentage of the FTP credentials. This seems to indicate that the archive was probably robotically created by a virus or Trojan.

Larson had discovered an actual retail operation that gathers FTP credentials, and then sells those credentials - like a retail mailing list -- throughout the underworld to anyone who can pay the price. The archive, in its hidden GIF packaging, appears to be the actual product. Such an archive would be valuable to identity thieves with its hidden payload. In this state, it was ready to be transmitted to other thieves, running beneath the radar of security network packet sniffers.

This begs the question: "Do you know where your company's FTP credentials are stored?" If your company is using a managed file transfer solution like GoAnywhere MFT, you already know the answer.

The best MFT suites manage the access to FTP, centralize the file transfer process, and secure the credentials that are communicated between hosts. By using a MFT suite, IT can institute rules by which file transfer credentials are organized, encrypt the transfers themselves, and log every transfer activity. User credentials to other servers are also centralized and secured, and the connection rules that your business partners use can be managed to ensure that user ids and passwords regularly updated.

Chris Larsen uncovered a secret world in which the doors to our systems - and our business partner's systems - are sold as simple commodities, available to anyone who can pay the price. It's like a toyshop where your company's FTP credentials are displayed like exotic dolls, nested within a GIF wrapping: a GIF that promises to keep on giving.

Isn't it time to do something about it?

 

Add a Comment

Allowed tags: <b><i><br>

Latest Posts


10 Ways to Achieve File Transfer Automation with GoAnywhere MFT

January 14, 2019

Here’s a fun fact: When it comes to streamlining file transfer processes, automation is the supporting sidekick to any IT or cybersecurity professional. Like Robin supports Batman…


Which is Better: Dropbox vs. MFT?

January 9, 2019

So you’re looking for a way to securely share files with your team. Great! There are plenty of tools you can use today to collaborate and share documents as projects arise. Some are on-premises…


Data Breach and Incident Response Plans | 2019 Templates & Best Practices

December 27, 2018

Every year, organizations hope that statistics for data breaches will improve, that things will be better than the year before. And every year, they are dismayed to discover that even though…


How One Global Health IT Company Achieves PCI-Compliant File Transfers with an MFT Solution

December 21, 2018

Compliance audits can be stressful, especially when they come on the heels of data security standard updates and deadlines. For one global health technology company, a looming PCI DSS audit not only…


What is FTPS?

December 4, 2018

Whether you’re looking to upgrade from your current FTP file transfers or have new requirements from a trading partner or customer, you might be wondering what FTPS is. How does it work, you…