Enterprising cyber attackers driven by a money motive are setting their sights on objects that will deliver the highest returns. Because of their access to high-value systems and data, C-suite executives are a prime target for social engineering hacks. This year’s Verizon Data Breach Investigation Report (DBIR) found social attacks, including business email compromises (BECs) against enterprise executives, are on the rise.
Executive cybersecurity 2019
Speculating that the combination of proximity to high-value assets and the intensive pressure of their roles which limits executive time to scrutinise messages makes them more vulnerable than most employees with less critical roles, the Verizon DBIR reported that staffers in leadership roles are 12 times more likely to be the victims of credential theft or other social incidents such as being tricked into transferring money to an adversary’s bank account.
Business email compromises are part of a subset of financially-motivated incidents known as financially-motivated social engineering attacks. These events are initiated through a social platform but are not associated with malware or malicious employee behaviour. Incidents such as financial pretexting and phishing are among the 370 recorded financially-motived social engineering incidents that occurred last year, 248 of which were verified to be breaches.
The Verizon DBIR, which examined 41,686 security incidents including 2,013 confirmed data breaches globally investigated by Verizon and multiple international agencies including the FBI and the Secret Services, did find one notable type of financially-motivated social engineering attack: W-2 phishing attacks against human resources workers used to file false tax returns were virtually eliminated. The supposition is that wide-spread awareness led to better protections and controls over employee tax information, but there is no definitive proof of what dramatically reduced the number of these incidents.
In the report, which classifies incident by nine general types of events, Verizon found that as organisations move more of their data to the cloud and other digital depositories, they may be putting these assets at risk by failing to institute appropriate controls. Enterprise adoption of cloud solutions offers cost and efficiency benefits, but lack of security safeguards leaves these companies vulnerable to financially-motivated social attacks against web-based email incidents.