Singtel’s internal file sharing provider suffered cyber security attack

Accellion’s file sharing system called FTA has been illegally attacked.

Singaporean multinational telecommunications conglomerate Singtel has been informed by its third-party vendor Accellion that it has suffered a cyber attack.

According to Singtel, Accellion’s file sharing system called FTA has been illegally attacked by unidentified hackers. This is a standalone system that we use to share information internally as well as with external stakeholders.

Accellion has informed that this incident is part of a wider concerted attack against users of their file sharing system.

“We have since suspended all use of the system and activated investigations, working closely with cyber security experts and the relevant authorities, including the Cyber Security Agency of Singapore which is providing additional guidance,” stated Singtel. “We are currently conducting an impact assessment with the utmost urgency to ascertain the nature and extent of data that has been potentially accessed. Customer information may have been compromised.

“Our priority is to work directly with customers and stakeholders whose information may have been compromised to keep them supported and help them manage any risks.

“We will reach out to them at the earliest opportunity once we identify which files relevant to them were illegally accessed.”

According to Singtel this was an isolated incident involving a standalone third-party system, its “core operations remain unaffected and sound”.

Accellion stated the Accesslion FTA is 20-year-old product nearing end-of life and was the target of a sophisticated cyberattack.

All FTA customers were promptly notified of the attack on December 23, 2020.  At this time, Accellion has patched all known FTA vulnerabilities exploited by the attackers and has added new monitoring and alerting capabilities to flag anomalies associated with these attack vectors.

All vulnerabilities are limited exclusively to FTA and Accellion kiteworks Content Firewall remains unaffected.

“They do not in any way impact Accellion’s enterprise content firewall platform known as kiteworks,” stated the vendor. “The vast majority of Accellion’s clients reside on the kiteworks platform, which is built on an entirely different code base, using state-of-the-art security architecture, and a segregated, secure development process.”

In mid-December 2020, Accellion was made aware of a zero-day vulnerability in its legacy FTA software and released a fix within 72 hours.

This initial incident was the beginning of a concerted cyberattack on the Accellion FTA product that continued into January 2021. Accellion identified additional exploits in the ensuing weeks and rapidly developed and released patches to close each vulnerability.

Accellion continues to work closely with FTA customers to mitigate the impact of the attack and to monitor for anomalies.

“Our latest release of FTA has addressed all known vulnerabilities at this time,” commented Frank Balonis, CISO at Accellion. “Future exploits, however, are a constant threat. We have encouraged all FTA customers to migrate to kiteworks for the last three years and have accelerated our FTA end-of-life plans in light of these attacks. We remain committed to assisting our FTA customers, but strongly urge them to migrate to kiteworks as soon as possible.”

FTA’s maturity notwithstanding, these exploits demonstrate a highly sophisticated attack. In 2021, every software security provider must not only demonstrate secure software architecture but must also be proficient at cyberwarfare.

Accellion is uniformly committed to protecting its customers and their supply chain partners from cyber criminals by preventing breaches and compliance violations, rapidly responding to cyberattacks in process, and mitigating the impact of incursions with extensive forensics and customer support.

In regard to this incident, Accellion is contracting with an industry-leading cybersecurity forensics firm to conduct a compromise assessment and will share their findings when available.

FTA customers are encouraged to contact Accellion customer support for additional information at support@accellion.com.

To learn more how the flagship Accellion kiteworks platform helps organisations secure their third-party communications, please visit Enterprise Content Firewall.