Research: – 46% of C-Suite executives attacked by spyware!

Research: – 46% of C-Suite executives attacked by spyware!

Data put together by Atlas VPN now reveals that nearly half ‘C-level’ officers underwent a spyware attack in 2019!

IT experts at Atlas VPN have produced data that shows that snr. management & C-suite executives are the most likely to be the subject of a malicious attack within a company.

C-suite executives can disable mobile security protocols for their employees or themselves, usually, because they do not have the correct tools to be productive. Sometimes, bypassing certain security measures enables employees to do some tasks quicker.


Rachel Welsh, COO of Atlas VPN, commented “Organisations should not be prioritising productivity over security: saving an hour of work can cost thousands of dollars.

“Companies need an in-house IT professional to maintain high productivity & protect themselves from spyware attacks, which would ensure systems are running on the most advanced security solutions. “The number of spyware attacks increased by 35% in 2019.

Over half (54%) phishing attacks were most common, with spyware the 2nd most common threat – 46% of C-level executives were targeted by spyware in 2019.

Awareness Training

Sarb Sembhi, CTO & CISO, from Virtually Informed, observed “While the attackers collect & trade in contact information on the C level executives, we cannot change that, we can change & adapt what we do to not be affected by attacks covered in this report.

“We must respond with better more relevant awareness training, better tools for wherever we work, & no circumvention of security controls for the C suite.

“It is important for C-suite to realise that being a club member does mean greater responsibilities including better protection against such attacks.”

Data analysed by Atlas VPN has shown:-

  • 84% of C-level executives were cyber threat victims last year, with 46% of them being subject to a spyware attack
  • Spyware & other attacks occur due to lack of resources that ensure productivity: C-level executives request disabling security protocols to have some tasks performed faster.
  • In 2019, the Russian Federation had the highest rate of spyware activity: this region accounts for 25.6% potentially affected users.
  • The number of spyware attacks increased by 35% in 2019. In 2018, 27,000 Kaspersky antivirus software users experienced a spyware attack, and the number increased to 35,000 last year.


Jake Moore, a Cyber-security Specialist at ESET outlined “The C suite is still seen as an easy target due to their assumed heavier workload, higher levels of management access & lesser knowledge in cyber-security – a recipe for disaster.

“When bad actors target C suite staff they are clever with the tactics employed & use manipulation techniques to force them into clicking where they shouldn’t.

“Users are reminded to update their operating systems as well their browsers to remain safe from spyware, & to be vigilant against targeted phishing emails with attachments.”

Spearphishing E-mails

Javvad Malik, Security Awareness Advocate at KnowBe4 said that criminals do their homework & will specifically target executives with legitimate looking spearphishing emails which can result in all forms of malware being delivered.

“Therefore, it is important that all users within an organisation, including C-level executives, their personal assistants are provided with regular & relevant security awareness training.

“Not only can security awareness help executives & all users identify potentially malicious emails, but they are more likely to report to IT if they feel like they may have inadvertently clicked on an email, therefore minimising any potential damage.”


Brian Higgins, Security Specialist at explained the research findings are ‘hardly surprising.’

“The Cyber Security community have been debating how best to impress upon Board-level, C-Suite business professionals the vital importance of effective Cyber Security training & business practices for years.

“Back in the 90’s fraud & money laundering were endemic across the economy until European Regulations forced businesses to act & mandated Board-level responsibilities.

“The European General Data Protection Regulation (GDPR) went some way to elevating information security to similar levels of importance; mandating consideration at board-level again in the form of Data Protection Officers (DPO) or Chief Information Security Officers (CISO) & introducing considerable fines for data breaches.

Board Toolkit

“Unfortunately, these measures do not extend to the wider issue of Cyber Security &, as this research suggests, senior board members will often circumvent policy over profit leaving themselves and their business vulnerable to infiltration or manipulation by cyber-criminals.

He added that the UK National Cyber Security Centre has developed a freely downloadable ‘Board Toolkit’ which “should not only be required reading” for every board member & can also be very useful in convincing them “quite how devastating the consequences can be if they fail to take their wider security responsibilities seriously.”


Full report here.

Dr Francis Gaffney, Director of Threat Intelligence at Mimecast explained that threat actors regularly use social media posts to identify & target key individuals within organisations.

Gaffney further added, “They use sophisticated pattern-of-life analysis to identify working & social networks to see who may have access to key systems & information, who is most likely to work directly for, or are able to influence executives.

“Once the threat actors have a target to exploit, they may choose from a number of different attack methodologies; & often spyware is a key weapon in their arsenal.”

He went on to say that installing spyware via the compromised target allows the bad actor to ‘customise’ their attack to the specific executive to ensure maximum value.

“Spyware can help the threat actor monitor who the executive works with most, what data they access, & their entire C-suite network,” Gaffney warned.


“Once this process is complete, other malware such as ransomware, sophisticated impersonation attacks (including Deepfake), or exfiltration of PII can now be deployed to obtain financial benefits. Indeed, findings from our latest State of Email Security report found 65% of IT leaders reported an increase in the volume of impersonation fraud over the last 12 months.

“From our analysis, CEOs are currently the most targeted candidates for impersonation in these ‘project-related’ impersonation attacks & this is likely to remain so.


“Our research has shown that 36.4% of IT professionals surveyed in the UK say their organisation’s CEO is the most targeted exec within their organisation.”

He mentioned that variations of further development of this type of tactic is also likely to include impersonation of other key & senior personnel within organisations, in an effort to induce compliance with the instructions given.

Layered security

Gaffney concluded “This level of threat shows that C-level executives cannot afford to prioritise speed over security. Layered security which includes dedicated protection from impersonation attacks is key, along with other proactive measures such as employee training.

“Likewise, when downloading new software, it is recommended to use reputable sites & research the reviews of other customers. The cost of products on these sites may cost more but will save you problems in the long run. Only then will businesses & individuals be resilient & be better equipped to prevent fraud.”