When you hear the term “Cyber Whaling Attack,” maybe your mind goes to Captain Ahab and his dogged pursuit of the giant white whale in the classic novel Moby Dick.
And you would be right.
Except, in this case, you – the manager or executive – are the whale that’s hunted.
Why?
Because you have high-level access to your company’s IT environment, personnel records, client files, financial information, and proprietary data.
You are the whale that the cybercriminals want to land — because you have unprecedented access.
Cyber Whaling attacks are a specialized area of the more common phishing attacks seen every day in nearly every company across the globe. Usually, the standard phishing attacks come by email. They are filtered out of your employee’s inboxes by your email security software.
Cyber Whaling is Different than Common Phishing Attacks
Phishing can be broken up into three categories.
Phishing – Emails with malicious links, attachments and social engineering ploys sent out en-masse to hundreds of thousands of email boxes
Spear Phishing – Targeted emails with malicious links, attachments and social engineering ploys sent out to one individual to gain a specific result.
Whale Phishing (Cyber Whaling) – Top-level company execs or managers with admin access are targeted individually (usually via email) to access their system credentials and company data.
Is Cyber Whaling Damaging for a Company?
Yes. Anytime a cybercriminal has access to a high-level manager’s credentials or an executive’s laptop, it’s time to worry. Some of the damage that has been done via Cyber Whaling attack is:
Deployment of ransomware and demand for money
Theft of proprietary data
Theft and criminal use of financial information (company and clients)
Theft of personal data and use of such for embarrassment/blackmail
Damage to company IT systems using stolen admin credentials
Which 3 Steps Should You Take Which Will Combat the Potential of Cyber Whaling Attacks?
Protocols and Policies
Company CEOs, CIOs, and CFOs, have to be on guard and realise that they cannot be immune to IT security best practices despite their position. Partnering with a professional cybersecurity management team like ours gives you the IT protocols and policies that everyone must follow – but especially those in the C-suite. Because of their wide-ranging IT system and company data access, executives and high-level management must take extreme care to follow established and proven policies and protocols.
Endpoint Security and Next-Gen Antivirus
Today’s criminals are finding ways around firewalls and traditional antivirus software. Your IT and data need to be protected with security measures that lockdown endpoints such as laptops, workstations, mobile devices, and IoT devices to combat this emerging threat. Anything connected to the internet needs to be individually secured. Umbrella security is a thing of the past. Next-Gen plays a role in this cutting-edge endpoint security protocol.
Cybersecurity Education for Managers and Executives
While learning about how cybercriminals are targeting you and avoiding falling into their traps is the last thing you want to add to your bucket list, it’s a critical step in becoming an IT security liability in your company. Our IT team works with managers and executives from companies like yours every day to help them be aware of cybercriminals’ tactics. We do this through email educational updates, online training, and in-person cybersecurity consultations.
Want to find out whether your cybersecurity precautions are up to industry standard? Book in a no obligation call with me using the form below.