As cyberattacks on larger business increase, so are attacks on small to medium-size businesses, high-net worth individuals and their families.
Major corporations have hardened security, so threat actors are turning to softer targets that deliver the highest potential return. Executives and other high-profile individuals have access to vast financial resources, social influence or valuable information that can be compromised for profit.
High net worth individuals (HNWI) have always been at elevated risk for financial extortion. The increase in remote work as a result of COVID-19, however, heightened this threat. The knowledge that these individuals have the means to pay lures criminal organizations worldwide.
Digital extortion is often carried out through ransomware attacks, a type of malware that hijacks a device and restricts access to files or threatens to post compromising or confidential data until a ransom is paid. Usually delivered by phishing attacks, ransomware has become more sophisticated. Prospective hackers can even purchase RaaS (Ransomware as a Service) "kits" to get started. HNWIs are considered ideal targets because of their substantial assets and desire to protect their reputation, personal data, and financial accounts.
BEC & Fraud
One of the most damaging cyberattacks for HNWIs and businesses is Business Email Compromise (BEC). BEC messages are socially engineered to impersonate an HNWI in order to trick an associate, employee or family member into transferring funds to a spoofed account, which the criminals quickly drain and close, vanishing into cyberspace. BEC fraudsters study their targets carefully, often for months. They mimic the writing style of the individual and may even refer to events they learn about by hacking personal devices.
Threat actors may also try to gain access to the social media accounts of HNWIs to post false or libellous information or expose confidential correspondence. These individuals are often business or lifestyle influencers, closely followed by millions on a daily or even hourly basis. Their communications and insights can influence the value of their personal or shareholder investments and even impact the behaviour of the marketplace itself.
The digital revolution that enabled the Internet of Things (IoT)—the connectedness of digital devices through the internet—also made nearly everything in our lives a potential source of information.
IoT-enabled technologies in cars, yachts and private aircraft power, navigation and infotainment systems, remote locking, remote engine start and much more. Data flows freely among different vendors, and personal information such as travel plans, driving habits, current location, entertainment choices and schedules are available to skilled criminals, which they can use for a physical or cyberattack.
The homes of many HNW families are also equipped with smart devices that are linked together and constantly connected to the internet, increasing the opportunity for intrusion. Threats include everything from embarrassing leaks of private information and images to physical intrusion and attack.
Without strong cybersecurity across all devices, threat actors can abuse confidential data to harass, manipulate and deceive, steal financial resources or threaten the safety and privacy of friends, family and associates.