Hacking uncovered by forensic investigation

An Austrian aerospace parts manufacturer has been the target of a cyber attack that resulted in a €50m loss to the firm. The firm revealed that its financial accounting department had been the target of cyber fraud after forensic investigations revealed the heist.

It is thought that the heist was what is called a ‘spear whaling attack’ that may have resulted in online banking fraud. A whaling attack, unlike the better-known phishing attack, is when scammers target a senior member or executive of the finance department with a social engineering hack.

They do this by pretending to be management, usually the CEO of the targeted company, in order to trick the finance executive to go through with a significant wire transfer of funds away from the company. Unsurprisingly, they target successful companies with a healthy cash flow for such attacks.

The firm in question, FACC AG, is conducting a forensic investigation but has stated that its IT infrastructure, data security and intellectual property IP) rights have not been affected by the criminal activity. The board will decide on further action after the outcome of the forensic investigation.

Email phishing and wire transfer frauds are becoming increasingly common and while it might seem far-fetched that an employee would transfer cash to a new account, the attacks are very sophisticated. By creating a fake email address that resembles that of a senior executive, an individual who is used to receiving ad hoc requests like this may not notice.

Forensic accountants would advise their clients to put processes in place to avoid such attacks, such as reviewing the email address of the sender closely or considering whether the person making the request would normally send such requests. Better to ask questions before than have to find where the money has gone after the attack.

Author: Roger Isaacs, 9 February 2016

Share on Twitter