Attackers Targeting Lower-Level Management, Proofpoint Reports

[InfoSec News <alerts () infosecnews org>]

http://www.eweek.com/security/attackers-targeting-lower-level-management-proofpoint-reports

By Sean Michael Kerner
eWeek.com
November 28, 2018

Cyber-attackers aren't continuously going after the same executive and 
high-level management, they are are actually shifting targets to other 
individuals within organizations, including lower management, according to 
a report from Proofpoint released on Nov. 28.

The Proofpoint third quarter 2018 Protecting People report found that a 
staggering 99 percent of the most targeted email addresses in the quarter, 
were not even ranked in the second quarter. Additionally, Proofpoint 
reported that 67 percent of highly targeted malware and phishing attacks 
are now aimed at lower-level management and individuals.

"While the speed at which cybercriminals move to lure new and unsuspecting 
victims has always been quick, we were surprised to see a 99 percent shift 
over the past quarter in the top targeted individuals within companies," 
Ryan Kalember, SVP of Cybersecurity Strategy at Proofpoint, told eWEEK. 
"By targeting primarily lower level employees with access and privilege 
rather than senior staff, attackers are also widening their pool of 
potential targets and increasing their chances at successfully 
infiltrating a company."

The shift toward lower level management and individuals for attacks 
doesn't necessarily mean that upper level management shouldn't be 
concerned. In some cases, attackers are simply looking for a way into an 
organization, so they can move laterally afterwards.

[...]


--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_