Given the spate of corporate cyber attacks within recent years, the conversation around cybersecurity has shifted increasingly to employee education and training. However, one factor that has often been left out of this dialogue is the growing vulnerability of executives. C-level officers are inherently more desirable targets than most other personnel for hackers due to their greater access to sensitive data.
Cybercriminals often launch many of the same penetration attacks against executives as they do for other employees yet will also commit more time and resources to these targets since there is a bigger potential payoff. Conversely, they are often the least likely to follow established cybersecurity procedures, making them even more of a risk to a company’s confidential information.
Phishing attacks are still a popular method of network breaching attempts, and this is still true for executive-level personnel. “Whaling,” or phishing aimed specifically at high profile targets, is being more carefully tailored to elicit responses from these particular types of victims. Whaling messages often appear more sophisticated or legitimate than normal phishing attempts. They are closer to spear phishing since they are crafted with one specific individual in mind, yet they are uniquely dangerous in the type of information they seek. Whaling attacks usually try to gain access to confidential company information or even attempt to request wire transfers from company accounts. Successful whaling breaches will often lead to more attempts being made.
The danger can be aggravated by several other factors, including proclivity of travel for an executive and the access others in their department have to their credentials and information. Executive assistants are also targets due to their proximity to the c-suite, as is anyone else who supports boardroom functions. Additionally, officers in certain industries may be even more vulnerable than usual to attacks.
The need for executives to be protected will only grow as both hacking becomes more widespread and technology allows for greater interconnectivity. There is a lack of organizational knowledge on the subject for many businesses, and that is one of the key factors that hackers rely on.
Protection against whaling attacks must be twofold: executives need to be better educated about how they are at risk, and companies need the tools to safeguard their accounts. Some of our services can help you on both counts.
SWK Network Services provides an email hosting program with professional-level filtering to keep out viruses and encryption to better protect your confidential messages. We also offer Phishing Defender, a comprehensive employee awareness training to detect phishing attempts. If you would like to learn more, feel free to contact us online or call 856-956-5800.