VIPs and executives who are critical to your company and brand can be targeted by threat actors or groups who exploit their personal information to cause financial, brand or reputational damage – or even physical harm. Law firms are among the targets for this type of criminal activity as they possess sensitive data that threat actors can monetize, including: intellectual property (IP), merger and acquisition (M&A) details, as well as strategy and financial insights about their corporate clients.

A regional law firm recently discovered key employee details exposed online for its Chief Counsel. A closer look revealed information that left the top attorney’s family vulnerable.

Data Loss Can Leave VIPs Exposed

Social media spoofing, over-sharing or personally identifiable information (PII) exposed in data breaches can leave corporate executives, board members, key technical employees and public figures exposed with damaging consequences. The exposed data is used for profit by the attackers or sold on the open, deep, and dark web for others to use as they wish. Below are just a few examples of how this data is obtained and used.

VIP Exposure attack techniques

Figure 1: Some examples of the attack techniques and risks associated with VIP Exposure.

Detecting and Mitigating VIP Exposure

In the case of this law firm, the sensitive information found online would have been extremely useful for attackers performing spear phishing or doxing campaigns.

Upon further investigation, the information found in Pastebin – including family names and home addresses – was confirmed to be valid. The law firm took swift action and removed the content, thereby mitigating the risk. They also used the experience to update employee training and provided tips for how best to reduce the risk.

See how Digital Shadows SearchLight (now ReliaQuest GreyMatter DRP)™ helps clients monitor for, investigate and mitigate digital risks, including VIP Exposure: Test drive SearchLight™ free here.

 

To stay up to date with the latest digital risk and threat intelligence news, subscribe to our threat intelligence emails here.