Cyber security is a topic that, even in 2023, far too few individuals, influencers and companies are addressing. Often, the problem is that the added value of the expenditure is not seen and thus budget flows into something that is considered “not mandatory” in the first instance. Looking at a study conducted by KPMG in 2022, this approach is simply wrong. 67% of the Austrian companies surveyed were victims of a cyberattack in the last 12 months. This led to financial damage for some, which can also be existentially threatening. Influencers are unfortunately not protected from this and are equally affected as companies. But why are social media personalities at risk and how can they effectively be protected?

Consider influencers as a normal business

Influencers, or public figures in general, shouldn’t be viewed any differently than a company. Because although it often seems like only one person is acting, that’s usually only the case with nano and micro influencers. All other groups usually have support in pretty much all areas, as they simply have a too large follower base. If you compare a company and their size with the amount of followers of an influencer, you can very quickly see a correlation when it comes to the attack surface. The more users follow, the more staff is needed and the risk increases. In addition to this, there is also the generated interest. While a classic company, individually considered, is not in the public eye, they are more likely to be selected by hackers based on sales/profit or by accident. While this is also true for public figures, individual individuals might additionally have a personal interest. This poses great dangers, because it is still possible to infiltrate any system. The only question is how great the interest is and how much time it takes.

Major impact

What happens in a cyber attack on a traditional company is seen every day. But you can also find enough information about influencers, streamers and general social media personalities. For example, in April 2022, the Youtuber Julien Bam was successfully hacked and his YouTube and Instagram channels were taken over. The consequences in this case? The sustained loss of followers, a significant loss of trust and financial damage. None of this would have been necessary, considering the attack path. At that time, it seems that a classic phishing email was responsible for the infection of a single PC. Any password or authentication with MFA, no matter how strong, is irrelevant here because the user was already logged on to the PC. But a simple EDR solution with monitoring, for around 150€ a year, could have prevented this. To expand this, we would also suggest phishing tests with suitable software to sufficiently sensibilize the employees.

Read more ……