New Delhi, May 8 (IANS) C-level executives — who have access to a company’s most sensitive information — are being increasingly and proactively targeted by cybercriminals, correlating to a rise of social engineering attacks with financial motivation, says a new report.
Senior executives are 12 times more likely to be the target of social incidents, and nine times more likely to be the target of social breaches than in previous years, according to the Verizon 2019 Data Breach Investigations Report.
The research is based on analysis of data 41,686 security incidents, and 2,013 confirmed breaches from 86 countries.
“As businesses embrace new digital ways of working, many are unaware of the new security risks to which they may be exposed. They really need access to cyber detection tools to gain access to a daily view of their security posture, supported with statistics on the latest cyber threats,” Bryan Sartin, Executive Director of Security Professional Services at Verizon said in a statement.
A successful pretexting attack on senior executives can reap large dividends as a result of their – often unchallenged – approval authority, and privileged access into critical systems.
Typically time-starved and under pressure to deliver, senior executives quickly review and click on emails prior to moving on to the next (or have assistants managing email on their behalf), making suspicious emails more likely to get through.
The increasing success of social attacks such as business email compromises can be linked to the unhealthy combination of a stressful business environment combined with a lack of focused education on the risks of cybercrime.
The Verizon study also showed how the growing trend to share and store information within cost-effective cloud based solutions is exposing companies to additional security risks.
The study showed that attacks on human resource personnel decreased from last year.
Compared to last year, the attacks on human resource personnel went down by six times, the study said.
Ransomware attacks account for nearly 24 per cent of incidents where malware was used, the study said.