Cybersecurity company Glasswall’s August 2019 Threat Intelligence Bulletin stated that the technology sector accounts for nearly half of phishing campaigns. Software developers appear to be the most common target. Hackers are often looking to steal intellectual property or copy products. A key reason they target developers is the administrator privileges across multiple systems that are a usual part of software development.
“Software developers are the people most targeted by hackers conducting cyberattacks against the technology industry with the hackers taking advantage of the public profiles of individuals working in the high-turnover industry to help conduct their phishing campaigns,” wrote Danny Palmer at ZDNet. Social networking sites such as LinkedIn allow attackers to gain insight into their victim’s life and specially tailor a spear-phishing campaign toward their interests.
“As an attacker, if you can land on an administrator machine, they have privileged access and that’s what the attackers are after,” said Lewis Henderson, VP at Glasswall to ZFNet. “Software developers do have that privileged access to IP and that makes them interesting.”
Glasswall’s bulletin suggests that even though your software developers are technically-savvy people, they are just as at risk to fall for phishing as anyone else. Beefing up developers’ defenses via Security Awareness Training can go a long way toward attack prevention.