Business executives are facing an increase in cyberattacks based on spoofing intended to gain access to home networks and put individuals and their families at risk of personal harm, security researchers and other experts warn.
The rise in threat activity is linked to the increasing sophistication of voice cloning and deepfalk technology, allowing attackers to send false videos and messages they claim from trustworthy contacts, such as senior executives at the target company. After violating the target, the attacker uses privileged access to further due the victim’s colleagues and engages in corporate spy or fear tor.
An increase in spoofing attacks on executives will happen as the fatal shooting of United Healthcare CEO Brian Thompson in 2024 raises personal safety and fears for family business leaders.
In a survey by the Ponemon Institute, sponsored by BlackCloak, a security company specializing in digital protection, more than half of security experts said hackers have personally targeted executives at this year’s organization, starting from 43% two years ago.
Approximately 40% of respondents said executives have been targeting deepfake attacks this year, from about a third of 2023. In this investigation, trusted contact spoofing is a common attack vector, with hackers requesting payment or confidential information under the guise of a security incident.
“As AI technology progresses, attackers are shifting their focus from technical exploits to human emotions using personal, well-structured social engineering tactics,” said Chris Pierson, founder and CEO of BlackCloak, in an email.
Hackers are increasingly creating fake video or audio files for executives or their families, using those techniques to steal money, steal targets, release sensitive data, and perform other actions that could potentially harm the company.
The attackers are also bolstering the targeting of executive home networks as many business leaders work remotely or frequently access corporate networks from home.
“When you look at the intelligence situation, including protecting the individuals of the wealthy, protecting them, their families and their assets is challenging to say the least,” said Anthony Carter, senior adviser at Alphamile, corporate advisor. May 15th Meeting Sponsored by the Digital Evolution Institute.
Carter said 41% of the 5.5 million high-net individuals in the US reported being victims of digital or physical crimes.
According to security company Flashpoint, cyberattacks on executives grew in the aftermath of Thompson’s killing. April, researchers Identified a website that says “Luigi is correct” This included detailed personal and business information about approximately 1,000 executives.
The site appeared to be offline on May 29th, but a new site called the CEO Database appeared on the same day. The website contained more information, including phone numbers and LinkedIn account information.
Researchers at Flashpoint told Cybersecurity Dive that the attacker likely developed the website to develop support and interest in the ongoing anti-execution movement in the US. And given their wealth of data, the site could help hackers get additional information about these executives.
“Based on the possibility that personal contact information exists on these websites, threat actors may use the information provided to perform additional searches on open source platforms or paid data aggregator sites, and may access additional PIIs, such as residential addresses.
