Why Managed File Transfer Products Are a Hacker's ParadiseJohn Dwyer of IBM Security X-Force on Using Predictive Threat Intelligence
This year's massive exploitation of managed file transfer products such as Fortra's GoAnywhere and Progress Software's MOVEit proves that MFTs are a hacker's paradise. Exploiting one is a great way to steal data and carry out an extortion-based attack.
Research by John Dwyer of IBM Security X-Force shows that MFTs have characteristics that make them attractive to cybercriminals: They handle critical data, often connect to a third party, contain personal identifying information, and often allow lateral movement. But there is a path toward protecting MFTs in the future, Dwyer's research also shows.
In this video interview with Information Security Media Group at Black Hat USA 2023, Dwyer discussed:
- The need for scaled contextual awareness of datasets to make defenders aware of their MFTs' underlying software components;
- How IBM is developing a predictive threat intelligence platform; How the threat landscape is evolving globally.
Dwyer leads a team of security researchers focused on adversary trend analysis, threat hunting, detection engineering, incident response technology and integrating partner technologies into X-Force's ecosystem. He tracks and models adversary operations to develop immersive simulation exercises to help drive improvements in incident response, threat hunting, and detection engineering. Prior to joining X-Force, Dwyer was a defensive cyber operations researcher working with the U.S. Army and U.S. Air Force to develop and incident response capabilities.