Free is no longer an acceptable route for MSPs looking to protect their customers
Tallinn, Estonia — March 30, 2023 — “Security is not cheap,” says Dimitri Osler, and the days of “free” PBXs are drawing to a close. “MSPs simply cannot afford to take the risk anymore, and your reputation will take the hit if you pursue the cheapest option,” he added.
The news comes as 3CX announced that a critical piece of their infrastructure, the 3CXDesktopApp, had been compromised by malware. SentinelOne had noted a spike in trojanised installers within the 3CXDesktopApp since March 22, eight days before 3CX acknowledged the problem.
“Our own analysis of the attack shows that while the 3CX incident response plan was reasonable, it missed some crucial points,” stated Dimitri. “Eight days from breach to communication seems too long for critical communications software, although we appreciate that some of that time was likely spent investigating the scale of the problem. We’d also have other recommendations for their partners.”
Like every software company, Wildix makes use of code libraries. The key is in handling those libraries with appropriate skepticism and ensuring they are secure.
“Our development teams handle third-party code as our own, apply the same controls and ensure it’s fit for purpose during each iteration of development,” said Vladimir Sorokin, CDO of Wildix. “This costs money, of course, but it means our customers have the confidence that we will remain secure. We will conduct a review of our own controls and incident response plans to ensure we can learn from 3CX’s experience.”
SentinelOne, the company that broke the news of the attack, notes that the hack uses multiple stages to breach the 3CX system, and its ultimate goal is to steal information, such as cookies and credentials. This can lead to echoes of the original attack as user data is used to further breach previously compromised systems.
“We’d recommend that all 3CXDesktopApp users reset their credentials across all systems after removing the app,” added Dimitri. “MFA is crucial to help mitigate these attacks, as well. Wildix partners can trust that our systems are secure by design, and we’ve invested heavily in threat analysis and mitigation across our development processes, especially for third-party code libraries.”