Hackers are targeting C-suite executives through their personal email | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

Good morning.

As companies rely on CFOs to mitigate risk, cyberattacks (and the costs associated with them), are a major concern. Now, there’s also a growing trend of cybercriminals targeting C-suite executives in their personal lives, instead of targeting them through their companies, according to a new report.

“This is a significant change in tactics, as in the past, most hackers would try to breach a company directly by hacking into its corporate network or compromising employee email accounts,” Chris Pierson, CEO of BlackCloak, a digital executive protection company that consults for Fortune 500s, tells me. “Now, we’re seeing many cybercriminal groups flip the script, by bypassing the corporate network altogether and going after the executives at home and through personal online accounts, where it is a lot easier to pull off a breach.”

BlackCloak and the Ponemon Institute released a report on Monday that found 42% of companies have experienced cybercriminal attacks on their senior-level corporate executives, which can compromise sensitive business data. The findings are based on a survey of 553 U.S.-based cybersecurity leaders. 

“The purpose behind these attacks varies from hacker to hacker, but it usually boils down to financial theft or fraud, extortion, or reverse-breaches, where they try to gain access to corporate accounts, data and systems by sneaking in through the executive’s accounts, which are usually an open backdoor,” Pierson says. 

“Email account takeover is perhaps the most prevalent way to compromise an executive,” he says. “In these cases, cybercriminals take over the personal email account of an executive using breached passwords from the dark web in order to find corporate documents, intellectual property, or other personal information.”

The report highlighted several of the most prolific attacks on executives:

The survey also found that 58% of respondents said that cyberthreat prevention for executives and their digital assets are not covered in their cyber, IT, and physical securities strategies and budgets.

In May, Dragos Inc., a cybersecurity firm, said in a blog post it was a target of a cyber extortion scheme against its executives. “The criminal group gained access by compromising the personal email address of a new sales employee prior to their start date,” according to the company. The cybercriminal’s texts showed research into family details as they knew the names of family members of Dragos executives.

“In our digital executive protection work, we’ve seen almost every type of attack imaginable,” Pierson says. “We’ve seen hackers carry out complex social engineering attacks on executives and their spouses to pull off hundreds of thousands of dollars in financial fraud. ‘Document extortion’ is another increasingly popular tactic.” Hackers will steal documents like tax records, divorce papers, and other legal documents, and threaten to release them on the web unless they’re paid a ransom, he says.

Ransomware incidents

Cybersecurity is a topic of interest this week as Verizon released its 2023 Data Breach Investigations report on Tuesday. The research analyzed 16,312 security incidents and 5,199 breaches. The median cost per ransomware more than doubled over the past two years to $26,000, with 95% of incidents that experienced a loss costing between $1 and $2.25 million. 

“Globally, cyber threat actors continue their relentless efforts to acquire sensitive consumer and business data,” Craig Robinson, research vice president at IDC, said in a statement. “The revenue generated from that information is staggering, and it’s not lost on business leaders, as it is front and center at the board level.”

Sheryl Estrada
[email protected]

Big deal

The World Economic Forum’s (WEF) 2023 Future of Jobs Report analyzes job trends and directions for the 2023-2027 period. Technology adoption will remain a key driver of business transformation in the next five years. A macrotrend: Businesses identified increased adoption of new and frontier technologies and broadening digital access as the trends which are most likely to drive transformation in their organization. These are expected to drive trends in over 85% of the organizations surveyed, according to WEF.

Some of the top technologies respondents said they’re likely to adopt over the next five years include digital platform apps (86%), education and workforce development technologies (81%), big data analysis (80%), and 75% said artificial intelligence. Another macrotrend: broader application of Environmental, Social, and Governance (ESG) standards within their organizations will also have a significant impact.

The findings are based on a survey of 803 companies that collectively employ more than 11.3 million workers across 27 industry clusters and 45 economies from all world regions.

Going deeper

“The Looming Algorithmic Divide: Navigating the Ethics of A.I.,” a new report in Wharton’s business journal, explains that there’s an emerging “algorithmic divide,” fueled by technological disparities and A.I. biases, that needs to be front and center for business and political leaders. “Bringing these challenges to the forefront will allow us to openly manage them across industry, creators, and society,” write Wharton’s Scott Snyder and coauthor Hamilton Mann.


Salman Khan was named CFO at Marathon Digital Holdings, Inc. (Nasdaq: MARA), a digital asset technology company. Khan brings 25 years of finance and accounting experience. Before joining Marathon, he served as CFO for Verb Technology Company Inc., a provider of interactive video-based software-as-a-service applications. Khan previously served in various senior executive-level positions at Occidental Petroleum Corporation and its spinoff, California Resources Corporation, including director of renewable energy, director of corporate development, director of technical accounting and financial reporting, and business division controller and chief financial officer.

Dave Salverson was named CFO at DTEX Systems, an insider risk management provider. Salverson will support the company’s growth trajectory and advancement of its InTERCEPT Platform. Salverson brings more than 25 years of financial leadership experience, developing finance teams, systems, and processes in high-growth companies. Before joining DTEX, Salverson held the role of CFO at Hazelcast. He has also held leadership roles at Shape Security, Ruckus Networks, and Brocade.


“Our central case is there’s more shoes to drop, particularly—in addition to the asset markets—economically.”

—Stanley Druckenmiller, chairman and CEO of Duquesne Family Office, said during the Bloomberg Invest event in New York on Wednesday. The famed hedge funder said that despite the economy’s recent resilience—headlined by a low unemployment rate and positive first-quarter GDP growth—he believes a “hard landing” is inevitable, Fortune reported.


Click Here For The Original Story From This Source.

National Cyber Security