Skip to content
Search AI Powered

Latest Stories

newsworthy

Verizon: hackers are targeting C-level executives with social engineering attacks

Cybercrime endangers supply chain information, cloud-based solutions, customer data, report says.

Corporate computer attacks are on the rise as hackers increasingly target the C-level executives who have easy access to sensitive information, according to a report from technology provider Verizon released today.

The trend poses an escalating risk for supply chains as companies increasingly digitalize their operations and conduct e-commerce sales through online payments, placing vast amounts of personal data on computer databases.


C-level executives are now the major focus for social engineering attacks, where hackers pretend to befriend their targets through fraudulent business emails, winning their trust to convince victims to click on links or reveal passwords, according to the Verizon 2019 Data Breach Investigations Report (DBIR).

Also known as "pretexting," these attacks can reap large dividends because of senior executives' often unchallenged approval authority, and their privileged access into critical systems, Verizon said. One reason for the growing trend is that top execs are typically time-starved and under pressure to deliver, so they tend to quickly review and click on emails prior to moving on to the next, or even have assistants manage that email on their behalf.

Statistically, senior executives are now 12 times more likely to be the target of social incidents—and 9 times more likely to be the target of social breaches—than in previous years, the report found. Now in its 12th edition, the Verizon report analyzed 41,686 security incidents, and 2,013 confirmed breaches, from 86 countries.

Cyberattacks in the logistics sector have received growing attention in recent years, following supply chain incidents like a 2013 hack that stole millions of shoppers' credit card data from retailer Target Corp., and the 2017 "Petya" and "Wannacry" ransomware attacks that hobbled container shipper Maersk A/S and food supplier Mondelez International Inc.

The report also highlighted how the growing trend to share and store information within cost-effective cloud based solutions is exposing companies to additional security risks. Analysis found that there was a substantial shift towards compromise of cloud-based email accounts via the use of stolen credentials.

"Enterprises are increasingly using edge-based applications to deliver credible insights and experience. Supply chain data, video, and other critical - often personal - data WILL be assembled and analyzed at eye-blink speed, changing how applications utilize secure network capabilities," George Fischer, president of Verizon Global Enterprise, said in a release. "Security must remain front and center when implementing these new applications and architectures."

Other trends identified in the report showed that:

  • human resources personnel have seen attacks decrease six-fold from last year, as W-2 tax form scams have almost disappeared from the study's dataset,
  • credit card chip and pin payment technology has started delivering security dividends, pushing the number of physical terminal compromises in payment card-related breaches to decrease compared to web application-based compromises,
  • ransomware attacks are still going strong, accounting for nearly 24 percent of incidents where malware was used,
  • crypto-mining attacks were hardly existent, despite receiving much attention in media reports, accounting for roughly 2 percent of incidents,
  • outsider threats remain dominant, with external threat actors remaining as the primary force behind attacks (69 percent of breaches) with insiders accounting for just 34 percent.

To build up defenses against these changing risks, enterprise businesses should see technical IT hygiene and network security as "table stakes" to help employees at every level to understand their risk posture and the threat landscape, Verizon said.

"As businesses embrace new digital ways of working, many are unaware of the new security risks to which they may be exposed," Bryan Sartin, executive director of security professional services at Verizon, said in a release. "They really need access to cyber detection tools to gain access to a daily view of their security posture, supported with statistics on the latest cyber threats. Security needs to be seen as a flexible and smart strategic asset that constantly delivers to the businesses, and impacts the bottom line."

The Latest

More Stories

Trucking industry experiences record-high congestion costs

Trucking industry experiences record-high congestion costs

Congestion on U.S. highways is costing the trucking industry big, according to research from the American Transportation Research Institute (ATRI), released today.

The group found that traffic congestion on U.S. highways added $108.8 billion in costs to the trucking industry in 2022, a record high. The information comes from ATRI’s Cost of Congestion study, which is part of the organization’s ongoing highway performance measurement research.

Keep ReadingShow less

Featured

From pingpong diplomacy to supply chain diplomacy?

There’s a photo from 1971 that John Kent, professor of supply chain management at the University of Arkansas, likes to show. It’s of a shaggy-haired 18-year-old named Glenn Cowan grinning at three-time world table tennis champion Zhuang Zedong, while holding a silk tapestry Zhuang had just given him. Cowan was a member of the U.S. table tennis team who participated in the 1971 World Table Tennis Championships in Nagoya, Japan. Story has it that one morning, he overslept and missed his bus to the tournament and had to hitch a ride with the Chinese national team and met and connected with Zhuang.

Cowan and Zhuang’s interaction led to an invitation for the U.S. team to visit China. At the time, the two countries were just beginning to emerge from a 20-year period of decidedly frosty relations, strict travel bans, and trade restrictions. The highly publicized trip signaled a willingness on both sides to renew relations and launched the term “pingpong diplomacy.”

Keep ReadingShow less
forklift driving through warehouse

Hyster-Yale to expand domestic manufacturing

Hyster-Yale Materials Handling today announced its plans to fulfill the domestic manufacturing requirements of the Build America, Buy America (BABA) Act for certain portions of its lineup of forklift trucks and container handling equipment.

That means the Greenville, North Carolina-based company now plans to expand its existing American manufacturing with a targeted set of high-capacity models, including electric options, that align with the needs of infrastructure projects subject to BABA requirements. The company’s plans include determining the optimal production location in the United States, strategically expanding sourcing agreements to meet local material requirements, and further developing electric power options for high-capacity equipment.

Keep ReadingShow less
map of truck routes in US

California moves a step closer to requiring EV sales only by 2035

Federal regulators today gave California a green light to tackle the remaining steps to finalize its plan to gradually shift new car sales in the state by 2035 to only zero-emissions models — meaning battery-electric, hydrogen fuel cell, and plug-in hybrid cars — known as the Advanced Clean Cars II Rule.

In a separate move, the U.S. Environmental Protection Agency (EPA) also gave its approval for the state to advance its Heavy-Duty Omnibus Rule, which is crafted to significantly reduce smog-forming nitrogen oxide (NOx) emissions from new heavy-duty, diesel-powered trucks.

Keep ReadingShow less
screenshots for starboard trade software

Canadian startup gains $5.5 million for AI-based global trade platform

A Canadian startup that provides AI-powered logistics solutions has gained $5.5 million in seed funding to support its concept of creating a digital platform for global trade, according to Toronto-based Starboard.

The round was led by Eclipse, with participation from previous backers Garuda Ventures and Everywhere Ventures. The firm says it will use its new backing to expand its engineering team in Toronto and accelerate its AI-driven product development to simplify supply chain complexities.

Keep ReadingShow less