The Federal Bureau of Investigations released a Private Industry Notification warning certain medical businesses about the possibility of cyberattack on File Transfer Protocol servers. When the FTP server is operating in an anonymous mode, a user can access the FTP with a common username without using a password or by submitting a generic password or email address.
The FBI observed that cybercriminals are seeking out FTP servers in anonymous mode to access personally identifiable information for blackmail or for sale on the dark web. Businesses, especially medical and dental facilities, should check their networks for FTP servers running in anonymous mode and either disable anonymous authentication or if anonymous mode is necessary, ensure that PII is not stored on the server.
