Detection Methods: Do You Know Where Your Credentials Are?

Do you feel as though you are constantly being asked for (and forgetting) your important credentials, like passwords and PINs? It’s not surprising. Studies show that the average person has over 100 passwords. It’s too many to remember and too many to keep track of and update.


This is particularly concerning for C-suite executives, who have become lucrative targets for hackers. Not only do they have unrestricted access to company data, but they also have far more freedom than other employees when it comes to IT security policies. Their devices often have access to more corporate systems, and executives often either delegate access to assistants or circumvent controls to save time. Hackers and other nefarious parties are dedicated to finding weak spots and accessing their information to carry out attacks on the company or the individual.


How Executives Are Being Attacked


There are several ways hackers can access company and personal information to target C-suite level employees and leaders, including: 


Data Broker Profiles


C-suite attacks are often carried out because personal data is sold by data brokers on the dark web. These data broker profiles may contain privileged information that hackers can use to break into online accounts, impersonate executives through social engineering attacks, and steal corporate credentials. The result? Corporate breaches, financial theft, and even attempts to blackmail top executives.


A study by Strategic CFO found that 40% of data brokers have sold access to executives’ home IP addresses and more than three personal email addresses for every executive record. 95% of the profiles sold contain personal information about their families, while 70% contain social media information and photos. 


Home Networks 


Home networks are perfect targets for hacker groups because they are rarely adequately protected and set up. Breaches can go unnoticed for a long time, giving hackers access to a wide range of critical devices. Once the hacker knows the IP address, they can scan the network for exposed devices, out-of-date firewalls, IoT devices, and WiFi routers to gain access to the network. After one device has been breached, the entire home system can become compromised. Moreover, any electronic device with a microphone or camera (such as CCTV, smart TVs and baby monitors) can be hacked and used for espionage or extortion. 


Personal Accounts


Hacker groups will target personal emails, social media, and even messaging apps in order to gain control of them. Once they have access, it becomes easy to impersonate the executive target and launch business email compromise attacks on employees. One compromised LinkedIn or Gmail account can snowball into a full-fledged corporate breach. Hackers will also actively look for passwords that can be reused elsewhere. A hijacked Netflix account can easily derail an entire corporate network if the same passwords are used for Slack, FTPs, Teams and Office 365. 


Document Extortion


Hackers use personal account takeovers to gain access to sensitive documents, files, and correspondence that could be embarrassing if made public. These materials typically include legal documents, tax records, medical files, personal photos, compromising email or text conversations, and sensitive account subscriptions. Executives should be aware that any personal email compromise has a high chance of leading to an extortion attempt.


Family Members


If an executive’s children or spouse are less cyber-aware, they may become a target in order to stage a secondary attack on an executive. This can occur through conversation hijacking, whereby the hacker injects themselves into a real conversation to spread malware or solicit information. They can also use gaming consoles, smart TVs or personal devices to gain a foothold in the home network and scan for company devices. Sometimes, hackers are even more unscrupulous and secretly record or solicit compromising pictures of members of the household, e.g. teenage children, to extort money from their executive targets.


Detection Methods: Why They Matter and How They Work


Knowing when a system has been breached, or when an attack attempt has been made, before it escalates is the key to preventing significant harm to the organisation and its employees. Detection methods are the cybersecurity techniques and tools used to identify suspicious activities and security breaches that indicate that a system may be compromised or targeted, including:


  • Signature-based detection uses predefined patterns to identify known threats or malware.
  • Anomaly-based detection uses machine learning algorithms and statistical analysis to identify unusual behaviour or activities.
  • Behavioural-based detection focuses on the behaviour of users and systems to identify anomalies.
  • Network-based detection monitors network traffic to identify suspicious activities or anomalies.
  • Endpoint-based detection monitors endpoint devices such as servers, workstations, and mobile devices.
  • Heuristic-based detection uses rules and algorithms to identify suspicious activities or patterns.
  • Threat intelligence-based detection uses threat intelligence feeds to identify known threats and vulnerabilities in the system.


Cybersecurity professionals will use purpose-built tools and technologies, including intrusion detection systems, endpoint detection and response (EDR) tools and security information and event management (SIEM) systems to support early detection efforts. 
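As an added illustration (not code from this article or from any product it mentions), the sketch below applies three of the methods listed above, signature-based, threat intelligence-based and anomaly-based detection, to sign-in events for a single executive account. Every event, address, pattern and threshold in it is constructed for the example.

```python
import ipaddress
import re
from statistics import mean, pstdev

# Constructed baseline of past sign-ins for one executive account: (hour_utc, country).
BASELINE = [(8, "AU"), (9, "AU"), (9, "AU"), (8, "AU"), (10, "AU"),
            (9, "AU"), (8, "AU"), (9, "AU"), (10, "AU"), (9, "AU")]

# Constructed signature: user agents of scripted clients, unexpected on this account.
SIGNATURES = [re.compile(r"^(python-requests|curl)/", re.I)]

# Constructed threat-intel feed (RFC 5737 documentation range, not a real indicator).
INTEL_NETS = [ipaddress.ip_network("203.0.113.0/24")]

Z_THRESHOLD = 3.0  # assumed cut-off for an "unusual" sign-in hour


def detect(event):
    """Return the sorted names of the detection methods that flag one sign-in."""
    hits = set()
    # Signature-based: match a predefined pattern.
    if any(sig.search(event["user_agent"]) for sig in SIGNATURES):
        hits.add("signature")
    # Threat intelligence-based: the source address appears in a feed.
    ip = ipaddress.ip_address(event["ip"])
    if any(ip in net for net in INTEL_NETS):
        hits.add("threat-intel")
    # Anomaly-based: deviation from this account's own history.
    # Simplification: the hour is treated as linear, ignoring wrap-around at midnight.
    hours = [h for h, _ in BASELINE]
    mu, sigma = mean(hours), pstdev(hours)
    if sigma and abs(event["hour"] - mu) / sigma > Z_THRESHOLD:
        hits.add("anomaly")
    if event["country"] not in {c for _, c in BASELINE}:
        hits.add("anomaly")
    return sorted(hits)


# Constructed sign-in events to score.
EVENTS = [
    {"hour": 9, "ip": "198.51.100.10", "country": "AU", "user_agent": "Mozilla/5.0"},
    {"hour": 3, "ip": "198.51.100.77", "country": "AU", "user_agent": "Mozilla/5.0"},
    {"hour": 9, "ip": "203.0.113.45", "country": "AU", "user_agent": "Mozilla/5.0"},
    {"hour": 10, "ip": "192.0.2.8", "country": "XX", "user_agent": "python-requests/2.31"},
]

if __name__ == "__main__":
    for e in EVENTS:
        print(e["ip"], detect(e) or "clean")
```

The fourth event is flagged by two methods at once, which is why the methods are normally layered rather than used alone.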


These detection methods can help professionals respond to security incidents quickly and effectively, minimising the impact of an attack and protecting the organisation’s assets, reputation and executive teams. 


Businesses can take an even more proactive approach through penetration testing, which helps companies find out where they are most likely to face an attack so that they can address weaknesses and flaws in their cybersecurity that may be exploited by hackers.


Radiata can help you protect your business and employees with advanced detection methods and expert pen testing. Contact us today to learn how we can secure your digital assets and give your entire organisation the peace of mind they deserve.