What is a Dark Web Alert?
A dark web alert is a notification you receive when your personal information, such as your passwords, have been found on the dark web. Without a dark web alert, you won’t know when your personal information...
The C-Suite and other senior executives are frequently the targets of cyberattacks. As the most visible members of an organization, executives have access to sensitive information, influence inside the organization and a public platform, making them valuable targets for cybercriminals.
Organizations of all sizes need to actively reduce risk for senior management. Simple actions — such as using strong and unique passwords, eliminating the reuse of passwords and enforcing multi-factor authentication — can dramatically reduce the risk of a cyber attack.
In this blog, we’ll explore the specific attacks against executives, ways that executives can stay safe from cyberattacks and why taking special measures to keep management safe is critical to enterprise security.
Cyberattacks against organizations of all sizes continue to increase in dramatic fashion. In 2022, cyberattacks rose by a staggering 38%. These attacks are also becoming more sophisticated. Coordinated, highly-researched attacks against executives have become a common tactic among cybercriminals.
A 2023 Ivanti survey of IT leaders and executives found that leaders are four times more likely to be victims of phishing attacks than all other office workers. And overall, the growing proportion of cyberattacks that target management resulted in more than $12.5 billion in losses in 2021, according to the FBI.
There are a few common threat vectors against executives as well as threats against employees that involve the impersonation of executives.
In a credential-stuffing attack, cybercriminals attempt to gain access to several accounts at once. The effectiveness of the threat vector relies on the widespread re-use of passwords, which more than half (52%) of all employees reported doing in a recent survey from Google and Harrison Poll.
Publicly available information, like social media posts, interviews and public appearances, can provide hints about possible credentials — making credential stuffing an effective method of attack against those with a recognizable digital footprint.
In just a few minutes, a credential-stuffing attack can enter stolen credentials into thousands of websites and apps, potentially compromising information from social media accounts and sensitive company records.
Whaling is a common threat vector similar to spear-phishing. In a spear-phishing attack, cybercriminals leverage relevant information, such as personal interests or relationships, to coax the victim into giving them access to sensitive accounts or information. In the case of whaling, a bad actor compels company executives to give up critical records or payment information, often by way of a highly personalized request.
In one notable instance of whaling, the co-founders of a hedge fund received a malicious Zoom link from what appeared to be a known contact. The link actually contained malware.
Cybercriminals then gained access to the fund’s email accounts, sent invoices to prospective clients and bank account transfers. Although the hedge fund ultimately recovered some of the transfers, the reputational and business damage forced it to shut down shortly after.
CEO fraud, or cyberattacks in which a bad actor purports to be a senior executive, is another type of phishing. It uses the likeness and influence of management to persuade direct reports and employees into granting access to sensitive information or accounts. The effectiveness of these attacks depends on highly researched attempts to urge specific employees to take immediate action, often via email or text.
Imposter attacks take advantage of organizational trust and the eagerness of employees to quickly address executive requests. For example, a CEO fraud attack may involve a text asking an employee to make a wire transfer immediately or risk the success of a business deal.
While cyberattacks that target executives or exploit their influence pose a serious threat, there are a number of ways to protect against them.
Senior executives often serve as spokespeople. Many leaders make their unique perspective central to their public platform, sharing anecdotes from work or their personal experiences. They may even disclose personal information.
But maintaining an engaging perspective shouldn’t involve oversharing on public forums, especially when doing so can provide context or content for login credentials to sensitive accounts.
Employees may feel pressure to meet requests from management without comment or delay. Whaling and imposter attacks depend on employees to unquestioningly follow through with demands. Many targeted attacks against executives have clear indicators of their malicious intent, but these are often blurred in the rush to address issues that appear urgent and important.
Guidelines on how management makes requests can help set expectations for employees. For instance, clarifying that executives will never ask for gift cards or make demands over text messages, can reduce the likelihood that employees fall prey to these attacks.
Executives have a crucial role to play in protecting their organization from cyberattacks, but they can only do so much. Remembering their passwords shouldn’t be one more task when it can be automated — to the benefit of executive productivity and organizational security.
A password manager generates high-strength passwords and safely stores them in a private, encrypted vault. All that executives have to remember is their Master Password. The password manager autofills their logins to critical accounts and integrates with multi-factor authentication and Single Sign-On (SSO), allowing executives to quickly verify and log into their accounts.
Multi-Factor Authentication (MFA) provides an additional layer of verification, and is another strong layer of security that can be used with or without a password manager. MFA verifies login attempts with user-specific information.
Authentication can take place with something that is unique to a user (like a fingerprint), something they have (like a physical security key or authentication code on another device) or something they know (like a security question that only they would know the answer to).
Executives are commonly targeted by cybercriminals because of their influence in an organization and access to valuable information. That access puts management at a heightened risk of attacks, but it also draws employees and direct reports into the firing line.
It’s not just executives who are at risk, but the organization as a whole. One way to protect an organization from these attacks against executives is with the enterprise-wide use of a password manager like Keeper.
Keeper creates, stores and allows users to securely share passwords across their organization — protecting critical data from unauthorized access and executives in their organizations from experiencing a cyberattack.