Since the beginning of February, local vulnerability has turned into a weapon of mass destruction.
Fortra, which works with clients and the CISA Cybersecurity and Infrastructure Protection Agency, provided information about massive cyberattacks targeting a vulnerability in its GoAnywhere MFT product.
The company has faced backlash for keeping quiet about the attacks on GoAnywhere, which have affected dozens of major organizations, including the University of Cincinnati, Think Mutual Bank, Nemours pediatric health care system, and many international government agencies.
On February 13, Community Health Systems (CHS) confirmed that nearly a million patients' sensitive data was stolen in a GoAnywhere MFT hack by the Clop group.
The statement came after the Clop group said it had hacked more than 130 organizations in 10 years using the GoAnywhere vulnerability. It is worth noting that Fortra released an emergency update on February 6 to fix the flaw, but this did not stop hackers from using it in their attacks.
Throughout this Fortra published only recommendations on problems, but the representative of the company said that it became known about the attacks on GoAnywhere.
"We immediately took several steps to address this issue, including temporarily disabling this service to prevent any arbitrary unauthorized activity, and issued mitigation recommendations, including instructions for our customers to apply the update," a spokesperson said.
In addition, CISA has included this vulnerability in its CVE catalog to improve access to information about this issue.
On Feb. 1, Fortra explained that the vulnerability is related to remote code injection, and that hackers need access to the administrator console in order to successfully exploit it, so the console should not be publicly available on the Internet. If attackers can get deep enough into the system, they can cause massive damage.
The bug was publicly flagged by cybersecurity expert Brian Krebs, who posted an advisory on social media platform Mastodon and wrote that the company said it had "temporarily taken the service offline in response."
GoAnywhere MFT is a file transfer management product that provides automation and security for organizations. This web tool is used by dozens of large companies and educational institutions in the United States.