C-suite increasingly targeted by hackers, reports finds
High-level executives are increasingly likely to be targeted by hackers looking to gain access to businesses’ most valuable information, a new security report has found.
Verizon’s 2019 Data Breach Investigations Report, which analysed 41,686 security incidents over the past 12 months, including 2,013 confirmed breaches, revealed C-suite personnel have become a major focus for criminals due to the high level of access they have to enterprise data.
Social engineering attacks aimed at these personnel have therefore risen hugely over the past year. The report found senior executives are now 12 times more likely to be the target of social incidents and nine times more likely to be the target of social breaches than in previous years.
Successful attacks on these executives can reap major dividends for hackers as a result of their approval authority and privileged access into critical systems, which often goes unchallenged.
“Typically time-starved and under pressure to deliver, senior executives quickly review and click on emails prior to moving on to the next (or have assistants managing email on their behalf), making suspicious emails more likely to get through,” Verizon noted.
Elsewhere, the report warned that as businesses transform how they collect and analyse data – particularly at the edge of the network – criminals will increasingly look to target these edge-based applications, so security must be a top priority when implementing these new Internet of Things and big data solutions.
The trend towards convenient, cost-effective cloud services must also be a security focus, as Verizon’s analysis found that there was a substantial shift towards compromise of cloud-based email accounts via the use of stolen credentials.
Meanwhile, misconfigured cloud applications were responsible for many massive file storage breaches, exposing at least 60 million records analysed in the report. This accounts for 21 per cent of breaches caused by errors.
Bryan Sartin, executive director of security professional services at Verizon, said: “As businesses embrace new digital ways of working, many are unaware of the new security risks to which they may be exposed. Security needs to be seen as a flexible and smart strategic asset that constantly delivers to the businesses, and impacts the bottom line.”
Share This Post, Choose Your Platform!
With over 25 years in the business telecoms industry and an unrivalled reputation of delivering excellent, personal customer service, Arrow is one of very few companies in the UK able to provide a full telecoms, IT and energy consultancy and service proposition.
Savings through automation, scale, improved service. We’ve got that covered. But the true value comes with empathy, through empowerment, collaboration. It’s connecting people that drives us forward. It’s people that make tomorrow happen.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.