CEO Sacked After $56 Million Whaling Attack

CEO Sacked After $56 Million Whaling Attack

An Austrian aerospace manufacturer has sacked its CEO after his apparent mistakes led to the firm being defrauded out of €50 million ($55.8m) in a whaling attack revealed earlier this year.

FACC, which produces parts for the likes of Boeing and Airbus, said that in a supervisory board meeting last week it had decided to “revoke” Walter Stephan with immediate effect.

It added in a brief statement:

“The supervisory board came to the conclusion, that Mr. Walter Stephan has severely violated his duties, in particular in relation to the ‘Fake President Incident’. Mr. Robert Machtlinger was appointed as interim CEO of FACC AG.”

The incident in question appears to have been a classic whaling attack, in which a fraudster impersonating a CEO or senior board member emails a member of the finance department to request a money transfer out of the company.

However, it’s unclear exactly what mistakes Stephan played which led to his sacking, as the finance employee who made the mistake in transferring the funds and her immediate boss have already been dismissed, according to reports.

Such incidents have been on the rise in recent months.

Email security firm Mimecast interviews IT professionals periodically about whaling attacks and found 75% of respondents in March this year had seen an increase in attacks. That’s up from 55% in December 2015.

Also, the FBI warned in February that attacks had generated $2 billion for fraudsters over the past two years.

Orlando Scott-Cowley, cybersecurity strategist at Mimecast, warned firms not to be complacent when they read about whaling attacks.

“Every CEO needs to be ultimately responsible for implementing appropriate checks and balances, including security training and technology, to protect their employees and shareholders from crippling losses,” he told Infosecurity.

“It doesn’t matter how experienced or senior you are – you are still likely to fall for a well-crafted targeted attack. So assume you and your team will be duped, and plan accordingly. The incidents of these attacks are only set to grow. They are relatively easy for the criminals to conduct and are hard to protect against just using traditional security technologies.”

Wieland Alge, EMEA VP at Barracuda Networks said attackers usually spoof the CEO’s email address with a fake domain to improve their chances of success.

“It turns out that the one of the most effective defenses is a very transparent and open company culture. All departments, but particularly HR and Finance, must be able to communicate, preferably over the phone, with the CEO and CFO directly,” he added.

“This is quite a routine practice in young and fast moving companies, but becomes much less common in the larger businesses, sometimes down to the personality of the CEO and CFO, but more often down to well internalized habits. It goes without saying that properly configured and maintained email security systems also play a big part in preventing these kinds of attacks.”

Source: Information Security Magazine