3CX Attack Shows The Dangers Of ‘Alert Fatigue’ For Cybersecurity

The supply chain attack on 3CX might have been detected sooner if not for “alert fatigue”, a desensitisation to frequent alerts and false positives, say cybersecurity experts. When users received warnings about the VoIP vendor’s software, both they and the support team assumed it was a false positive, delaying detection of the attack. Experts warn this issue demonstrates the real-world consequences of alert fatigue in cybersecurity.