Earlier in the month (April) 3CX became victims to a security attack on their products and larger supply chain . The incident was conducted by a highly experienced and knowledgeable hacker, who exploited a weakness within the 3CX product. The hack was thoroughly planned and the compromise began in early 2022. An employee installed software onto their website that enabled the threat actor to work in the background, un-noticed. This threat actor would then later compromise and maintain persistence on the employees personal computer, resulting in the April 2023 attack.
3CX acted quickly on the attack and began investigating the incident with Mandiant immediately. Mandiant deliver dynamic cyber defense solutions by combining services and products powered by industry-leading expertise, intelligence and innovative technologies. With Mandiant in support, a full investigation began which included a series of security reviews of the Web Client and the PWA App.
7 Step Security Plan
The investigation has since been complete and the findings have resulted in the following 7 step security plan:
- Hardening Multiple Layers of Network Security
- Revamping Build Security
- Ongoing Product Security Review with Mandiant
- Enhancing Product Security Features
- Performing Ongoing Penetration Testing
- Refining Crisis Management and Alert Handling Plans
- Establishing a New Department for Network Operations and Security
3CX will be working tirelessly over the next few months to harden multiple layers of their network security by implementing the remediation plan recommendations provided by Mandiant. A commitment is now in place to continuously track, improve and enhance the product security features of 3CX as a whole.
How are Fuse 2 staying ahead of the curve?
From a Fuse 2 standpoint, we took many similar protocols to protecting our customers and partners systems. This began by making sure all systems where locked down onto our network, with resilience and security at its core this was the immediate first response. Once this was complete, we continuously provided our affected customers and partners with updates regarding the security breach and advised antivirus scans and removal of the 3CX desktop application.
While this incident is currently in hand, we are dedicated to regular security scans and on-going support in the unlikely event of a further security threat. Should any further questions arise regarding the reliability and security of 3CX, our team of dedicated technical support engineers are on-hand day and night to answer any system queries you may have. Unfortunately, in the industry of telecoms, hackers are becoming more knowledgeable on the Cloud Communication Systems and cyber-attacks are often attempted. However, companies like 3CX and Fuse 2 Communications are dedicated to acting quickly and implementing advanced security protocols to prevent any further attacks.
Should you wish to find out more about how we are taking the extra steps to secure your communications, get in touch today