The security agencies recommend updating to Accellion FTA version FTA 9 12 432 or later as the best way to mitigate the risks. If this is not possible, organizations should isolate or block internet access to and from systems hosting the software, check systems for malicious activity and consider moving to a new file-sharing platform.
Accellion says FTA will reach end of life on April 30, 2021, when the company will no longer support it. Accellion is recommending its customers migrate to its newer product, Kiteworks, which it says is more secure. Good for Accellion for urging its customers to migrate away from the vulnerable FTA web server that appears to have resulted in 100 companies being attacked and data stolen from 25 of them thus far. Accellion s transparency is commendable, says Sam Curry, chief security officer at Cybereason.