FBI Issues Warning on Poorly Secured File Transfer Protocol (FTP) Servers.

Date posted: April 28, 2017

The Federal Bureau of Investigation (FBI) recently issued an alert to warn organizations that hackers are targeting poorly secured file transfer protocol (FTP) servers.  These servers enable hackers to access protected health information (PHI), store malicious tools, and launch cyber attacks.  Organizations should be aware of FTP server targets because these servers operate in “anonymous” mode and are associated with medical and dental facilities which have access to PHI.  Hackers are able to use this information to intimidate, harass, and blackmail business owners, as well as commit identity theft.  When a server is in anonymous mode, a user can access the stored files with the use of a common username and without the need for a password.  Any information that is compromised can be altered, encrypted, deleted, or sold.

Practical tips for protection against FTP server attacks include the following:

  • Organizations should check their networks for FTP servers that operate in anonymous mode;
  • If an FTP server must operate in anonymous mode, it should not include PHI or other sensitive information; and
  • Suspicious or criminal activity should be reported to the FBI Cyber Watch at CyWatch@ic.fbi.gov or 855-292-3937.

The FBI report is available at:

https://info.publicintelligence.net/FBI-PHI-FTP.pdf.

‹ Return to the Main News Page
‹ Return to the CRC Homepage