C-level executives under cyber attack
C-level executives across the globe are increasingly and proactively being targeted by cyber criminals, correlating to a rise of social-engineering attacks.
This is according to Ray Ottey, fellow cyber security practitioner at multinational telecommunications conglomerate VerizonCommunications. Ottey was speaking at the NetEvents EMEA IT Spotlight event in Barcelona, Spain last week.
He unpacked some of the main findings of the Verizon 2019 Data Breach Investigations Report, which found C-level executives, who have access to a company's most sensitive information, are now the major focus for social-engineering attacks.
"Senior executives are 12 times more likely to be the target of social incidents, and nine times more likely to be the target of social breaches than in previous years - and financial motivation remains the key driver.
"Financially-motivated social engineering attacks (12% of all data breaches analysed) are a key topic in this year's report, highlighting the critical need to ensure all levels of employees are made aware of the potential impact of cyber crime," explained Ottey.
The 12th edition of the report includes data from 73 contributors, and analyses 41 686 security incidents, and 2 013 confirmed breaches from 86 countries across the globe. It also analyses approximately 1.5 billion data points of non-incident data.
The report reveals that increasing success of social-engineering attacks such as business e-mail compromises (which represent 370 incidents or 248 confirmed breaches of those analysed), can be linked to the unhealthy combination of a stressful business environment combined with a lack of focused education on the risks of cyber crime.
"A successful pretexting attack on senior executives can reap large dividends for criminals as a result of C-level executives' often unchallenged approval authority and privileged access to critical systems," he added.
Typically time-starved and under pressure to deliver, senior executives quickly review and click on e-mails prior to moving on to the next, or have personal assistants managing e-mail on their behalf, making suspicious e-mails more likely to get through, according to the report.
"One-quarter of all breaches are still associated with espionage, and ransomware attacks still remain strong, accounting for 24% of the malware incidents analysed and ranking number two in most-used malware varieties. Compromise of Web-based e-mail accounts using stolen credentials (98%) are on the increase, seen in 60% of attacks involving hacking a Web application," explained Ottey.
According to the Verizon 2019 Data Breach Investigations Report media statement, this year's findings also highlight how the growing trend to share and store information within cost-effective cloud-based solutions is exposing companies to additional security risks.
"There was a substantial shift towards compromise of cloud-based e-mail accounts via the use of stolen credentials. In addition, publishing errors in the cloud are increasing year-over-year. Misconfiguration ('miscellaneous errors') led to a number of massive, cloud-based file storage breaches, exposing at least 60 million records analysed in the DBIR dataset. This accounts for 21% of breaches caused by errors," explains George Fischer, president of Verizon global enterprise, in the statement.
"Enterprises are increasingly using edge-based applications to deliver credible insights and experience. Supply chain data, video and other critical - often personal - data will be assembled and analysed at eye-blink speed, changing how applications utilise secure network capabilities."
Security must remain front and centre when implementing these new applications and architectures. Technical IT hygiene and network security are table stakes when it comes to reducing risk, advises Verizon.
"As businesses embrace new digital ways of working, many are unaware of the new security risks to which they may be exposed," asserts Bryan Sartin, executive director of security professional services at Verizon.
"Businesses really need access to cyber detection tools to gain access to a daily view of their security posture, supported with statistics on the latest cyber threats. Security needs to be seen as a flexible and smart strategic asset that constantly delivers to the businesses, and impacts the bottom line."
Additional findings of the Verizon 2019 Data Breach Investigations Report:
- Chip and PIN payment technology has started delivering security dividends: The number of physical terminal compromises in payment card related breaches is decreasing compared to Web application compromises.
- Ransomware attacks are still going strong: They account for nearly 24% of incidents where malware was used. Ransomware has become so commonplace that it is less frequently mentioned in the specialised media unless there is a high-profile target.
- Media-hyped crypto-mining attacks were hardly existent: These types of attacks were not listed in the top 10 malware varieties, and only accounted for roughly 2% of incidents.
- Outsider threats remain dominant: External threat actors are still the primary force behind attacks (69% of breaches) with insiders accounting for 34%.
- Attacks on human resource personnel have decreased from last year: Findings saw six times fewer human resource personnel being impacted this year compared to last.