back to article Can 'Mad Libs for incident response' prevent the next MOVEit fiasco?

While MOVEit is just the latest example of a managed file transfer (MFT) tool being exploited by criminals to maximize the amount of data – and money –— they can grab, these types of attacks aren't going to stop anytime soon. From the miscreant perspective, they represent the perfect crime. That is, unless the defenders can …

  1. MacGuffin

    Best Job Title Ever

    MFT or Managed File Transfer Tool. Describes my job and what I am for doing it.

  2. t245t Silver badge
    Terminator

    A framework to get out ahead of the next mass exploitation

    How about putting core processes in FPGAs that can be scrambled at first boot there-by preventing some generic virus/worm running rampant through your organization.

    "MFTs, by nature of their design, are meant to be a system that is exposed to external parties, and they transact and transfer sensitive data between enterprises"

    That's interesting to know /s

  3. Claptrap314 Silver badge
    Pint

    Obvious, simply, and unworkable

    There is an obvious and simple solution: use sftp for everything. It is unworkable. I have first-hand knowledge. We're in the heal care space. It averages more than a month to get an sftp connection set up with a new data provider.

    For crying in ---------------------------------------------------------------------------->

    1. Anonymous Coward
      Anonymous Coward

      Re: Obvious, simply, and unworkable

      More than a month? Ouch.

      You need to get your data providers in touch with the last AC who posted on the first Reg article https://forums.theregister.com/forum/all/2023/06/01/moveit_transfer_zero_day/

      1. Claptrap314 Silver badge

        Re: Obvious, simply, and unworkable

        It's not the data providers per se. It's usually the IBM India subcontractors. If you've not had to work with them---be very, very, very glad...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like