MailGuard Jan 25, 2024 12:09:05 PM 6 MIN READ

Anatomy of a targeted email attack: Framework data breach

Many of us think we’re immune to cyber-attacks, especially those working in tech and IT roles and businesses, and even some of our savvier customers, who are perhaps at times overly confident about their own preparedness. A recent incident that impacted San Francisco-based company Framework is a timely reminder that cyber incidents can strike any business, especially when your team, or those in your supply chain, aren’t alert.

A proponent of the right to repair movement, Framework builds laptops and devices that are easily disassembled and repaired with replaceable parts. It was founded in late 2019 by former Apple and Oculus engineer Nirav Patel.

Despite its tech pedigree, the company this week confirmed that hackers accessed customer data after successfully phishing an employee of a supply-chain partner, its accounting service provider.

Keating Consulting is an external accounting partner of Framework, and one of its employees fell victim to a carefully targeted, socially engineered attack.

In a notification to affected customers, Framework says, “On January 9th, at 4:27am PST, the attacker sent an email to the accountant impersonating our CEO asking for Accounts Receivable information pertaining to outstanding balances for Framework purchases.”

The accountant replied on January 11, sending the cybercriminals, whom the accountant mistook for the CEO, a spreadsheet containing customer information, including full names, email addresses and balances owed.

The concern now is that this information will be used in follow-on attacks that target Framework customers, impersonate the company and ask for payments.

CEO Fraud or Whaling attacks are not uncommon. Here are some examples from our previous blog post, showing how easy they are for attackers to execute.

With little time and cost invested, a cybercrime network can easily assume the identity of a high-profile executive and pressure employees within the business to make a payment.

It’s a simple, yet highly effective, scam, and it demonstrates how easily your business and customer data can fall into the wrong hands.

Framework says it will require mandatory phishing and social engineering attack training for any of Keating Consulting’s employees who have access to its customers’ information, and that it is “additionally auditing the trainings and standard operating procedures of all other accounting and finance consultants who currently or previously have had access to customer information.”

The Silicon Valley-based accounting company, Keating Consulting, has not responded to questions about the security of the data relating to its other 300 clients.

The volume and sophistication of cyber attacks will continue to escalate throughout 2024. In its 2023 Cyber Threat Report, ASD said that it responded to ‘over 1,100 cyber security incidents from Australian entities. Separately, nearly 94,000 reports were made to law enforcement through ReportCyber – around one every 6 minutes.’

The Hon Richard Marles, MP, Deputy Prime Minister and Minister for Defence, says, ‘In the current strategic era, Australia’s geographic advantages have been eroded as more countries have enhanced their ability to project combat power across greater ranges, including through the rapid development of cyber capabilities.’

‘Australian governments, critical infrastructure, businesses and households continue to be the target of malicious cyber actors… both state and non-state actors continue to show the intent and capability to compromise Australia’s networks. It also highlights the added complexity posed by emerging technologies such as artificial intelligence.’

‘The report demonstrates the persistent threat that state cyber capabilities pose to Australia. This threat extends beyond cyber espionage campaigns to disruptive activities against Australia’s essential services.

The report also confirms that the borderless and multi-billion dollar cybercrime industry continues to cause significant harm to Australia, with Australians remaining an attractive target for cybercriminal syndicates around the world.’

Share this Framework example with your customers and peers as a reminder of the need to stay vigilant against cyber threats in the year ahead.

Keeping Businesses Safe and Secure

Prevention is always better than a cure, and one of the best defences is to encourage businesses to proactively boost their cyber resilience so that threats don’t land in inboxes in the first place. The fact that a staggering 94% of malware attacks are delivered by email makes email an extremely important vector for businesses to fortify.

No one vendor can stop all email threats, so it’s crucial to remind customers that if they are using Microsoft 365, they should also have a third-party email security specialist in place to mitigate their risk, for example a third-party cloud email solution like MailGuard.

MailGuard provides a range of solutions to keep businesses safe, from email filtering to email continuity and archiving solutions. Speak to your customers today to ensure they’re prepared, and get in touch with our team to discuss strengthening your customers’ Microsoft 365 security.

Talk to us

MailGuard's partner blog is a forum to share information; we want it to be a dialogue. Reach out to us and tell us what your customers need so we can serve you better. You can connect with us on social media or call us and speak to one of our consultants.

Australian partners, please call us on 1300 30 65 10

US partners call 1888 848 2822

UK partners call 0 800 404 8993

We’re on Facebook, Twitter and LinkedIn