For years now, organisations have not given a second thought to the risks associated with traditional file transfer practices such as hypertext transfer protocol (HTTP) or file transfer protocol (FTP). Companies have been busy moving their files from one location to another, in accordance with the needs of their business, without any consideration for the risks.
Today, the risks are intensifying, and many businesses will receive a short, sharp shock once their data transfer frailties are exposed.
Two distinct file transfer camps
As the threat of a security breach comes increasingly to the fore, two directly opposing data transfer groups have emerged. The first camp consists of firm believers in the overarching need for collaboration in the file transfer process. The second camp places far greater emphasis on the security and compliance of all file transfer activities.
However, there is nothing to say that such opposing aims cannot be reconciled by one file transfer solution. In fact, secure file transfer exists to bring the aims of these two camps together, to create a secure solution which is also convenient, flexible and collaborative.
The vulnerability of FTP
File transfer protocol (FTP) is an inherently risky method of file transfer as the protocol provides no encryption for data in transit, or at rest. This exposes FTP to a number of vulnerabilities which secure file transfer would eliminate. Potential security attacks when using FTP include:
Brute force – The attacker infiltrates the FTP server by successfully guessing the password. The use of weak passwords or setting the same password across multiple FTP servers increases the risk of an attack. Here are some strong password guidelines to keep your server secure.
Packet capture – Data transfer via FTP is unencrypted. This means Information can be easily read using network packet capture techniques, which intercept and capture data packets to expose the sensitive data.
Port stealing – The dynamic port numbers assigned by operating systems can be easily decoded by experienced attackers. By identifying the next number in the pattern, a hacker will be able to access a file at the expense of an authorised client. Files can then be stolen, forged, or malicious files can be added to the data stream.
FTP bounce – In cases where the file transfer process is slow, users may choose to resort to a proxy FTP, which creates a direct data transmission between two FTP servers. This makes it possible for an attacker to gain access to any data transmitted via the network.
Spoof attacks – If access to the FTP server is restricted via the network address, an attacker can gain access by assuming the host address of a computer on the corporate network and download as many files as they like.
How does secure file transfer help?
Your most effective defence against any of these attacks is secure file transfer. This solution provides a tremendous level of file security. Corporate data can be secured in transfer and at rest, while the presence of comprehensive network and application security ensures data is secured at all times. Each transfer is then protected by multiple security features which can be set from a policy or end-user perspective.
Has your business ever been the victim of an FTP security breach? What type of attack was attempted and was it successful? Please share your thoughts in the comments section below.