Financial crime
High net worth individuals are a lucrative target for cyber criminals looking to commit financial crimes. A heightened level of cyber protection is an important element in risk mitigation and prevention of financial crime. Example financial cybercrimes include:
Related information:
Wired: Cyber Crime and Financial Crime: The Two Become One
Interpol: Financial crimes are often committed via the Internet
Krebs on Security: Feds to Charge Alleged SpyEye Trojan Author
FBI: New eScams and Warnings
- Cyber criminals using malware to clandestinely gain access to family financial information stored in spreadsheets on personal computers
- Malicious actors acquiring access to on-line banking systems by stealing the credentials of high net worth individuals through malware, keystroke logging, and website impersonation
- Specifically targeted financial scams involving social engineering, one example we observed involved impersonation of a client’s friend that “lost his wallet in a foreign country” and required money
Related information:
Wired: Cyber Crime and Financial Crime: The Two Become One
Interpol: Financial crimes are often committed via the Internet
Krebs on Security: Feds to Charge Alleged SpyEye Trojan Author
FBI: New eScams and Warnings
Corporate espionage and intellectual property theft
Executives are increasingly vulnerable to espionage conducted through the Internet. We have observed numerous cases where the personal, family and work computers of executives have been compromised to steal information. These examples include:
Related information:
U.S. Office of the National Counterintelligence: Executive report on industrial espionage
Bloomberg: China Corporate Espionage Boom Knocks Wind Out of U.S. Companies
Symantec: Industrial espionage on the rise, SMBs a target
- Intellectual property theft through malware infection of an executive’s personal and work computers that enabled a malicious actor to download intellectual property data
- Theft of sensitive pricing information by potential customers or competitors through exploitation of vulnerabilities in an executives web browser
- Theft of sensitive username and password credentials through a spear phishing campaign targeted at an executive’s personal email address
Related information:
U.S. Office of the National Counterintelligence: Executive report on industrial espionage
Bloomberg: China Corporate Espionage Boom Knocks Wind Out of U.S. Companies
Symantec: Industrial espionage on the rise, SMBs a target
Privacy intrusion
Executives, celebrities, athletes and individuals exposed to the public are at heightened risk for cyber privacy intrusions. Unscrupulous media outlets, independent consultants, and troubled individuals have used hacking techniques to access to the private computers and internet connected devices of publically known individuals. Example privacy intrusions include:
Related information:
Teen Vogue: Miss Teen USA 2013 says sextortionist hacked webcam to snap bedroom photos
CNN: FBI makes arrest after Johansson, Aguilera e-mails and personal photos hacked
CBC News: Canadian man pleads guilty in celebrity hacking case
Security Week: Cyber-Extortion - Huge Profits, Low Risk
- Troubled individuals using custom malware to take control of computer web cams and microphones to record the activities of public figures
- The home Wi-Fi networks of public figures have been compromised, allowing hackers to view all their internet traffic and gain access to their access personal computers
- Emails, address books and personal photos have been stolen from the personal computers and internet connected devices of public figures and put up for sale on the Internet black market
Related information:
Teen Vogue: Miss Teen USA 2013 says sextortionist hacked webcam to snap bedroom photos
CNN: FBI makes arrest after Johansson, Aguilera e-mails and personal photos hacked
CBC News: Canadian man pleads guilty in celebrity hacking case
Security Week: Cyber-Extortion - Huge Profits, Low Risk
Cyberstalking
Public persons, corporate executives and even children have been victims of cyberstalking. The troubled individuals perpetrating this crime have compromised on-line profiles, personal computers and IT devices to harass and control their targets. Cyberstalking is now more common than physical harassment and recent examples include:
Related information:
National Conference of State Legislatures: State Cyberstalking Laws
CBS: Cyberstalking Are your children safe online?
FBI: A study on cyberstalking
- Motivated by professional jealousy, a subordinate employee initiates a cyber campaign to infiltrate IT devices, harass and threaten a corporate leader at their company. This causes the leader, their family, and fellow employees significant stress and anxiety
- A celebrity stalker uses malware to gain access to their target’s personal email and makes specific threats based on information obtained in the emails
- The teenage child of a high net worth individual has their computer compromised through malware and the stalker makes demands of the teenager to unlock the computer
Related information:
National Conference of State Legislatures: State Cyberstalking Laws
CBS: Cyberstalking Are your children safe online?
FBI: A study on cyberstalking