Skip to main content
close search
site logo

Teenagers, young adults pose prevalent cyberthreat to US, Mandiant says

The brains behind high-profile attacks last year, teenagers and young adults use sophisticated social engineering techniques for intrusions.

Published April 25, 2023
Matt Kapko's headshot
Senior Reporter
Brain icon symbolizing AI in center of photo surrounded by other icons representing the potential widespread use of AI in technology
bymuratdeniz via Getty Images

SAN FRANCISCO — A group of teenagers and individuals in their 20s from the U.S. and United Kingdom are among the most prevalent threat actors today, Mandiant Consulting CTO Charles Carmakal said Monday at an off-site media briefing during the RSA Conference.

This congregation of malicious actors typically speak English as their first language and are incredibly effective social engineers, Carmakal said.

Teenagers and young adults were responsible for some of the most high-profile attacks during the last year, including intrusions at Twilio, Uber, and Okta. The attack against Twilio led to at least 163 downstream victims, magnifying the potential damage caused by these sophisticated phishing attacks.

“We've seen very young individuals break into some of the biggest organizations by leveraging these techniques that are so hard to defend against,” Carmakal said.

These threat actors are crafting personalized phishing lures to goad unsuspecting victims into visiting malicious websites, sharing sensitive credentials and multifactor authentication codes via mobile devices.

“It's all traversing through the cellular network so enterprises aren't able to even monitor this and detect it,” Carmakal said.

One campaign run by a threat actor Group-IB dubbed Oktapus compromised more than 10,000 user credentials across 136 organizations last summer.

Lapsus$, another prolific ransomware group that has targeted a wide range of global companies and government agencies, sometimes with ruthless digital extortion, is currently the target of the Cyber Safety Review Board’s second-ever review.

Lapsus$ and Oktapus are among threat groups conducting extortion in a highly personalized manner by harassing employees and sometimes family members of employees.

“It's a very different story if you're an executive of the company, and your daughter is being harassed by a threat actor,” Carmakal said.

One of Mandiant Consulting’s clients, which is currently being extorted, received flowers from the threat actor with a very polite but intimidating message, Carmakal said.

“Your desire to pay or your willingness to pay shoots up tenfold when you're dealing with personal attacks,” Carmakal said.

Filed Under: Cyberattacks, Threats

Editors' picks

Company Announcements

View all | Post a press release
Nile Adds Industry’s First Campus Zero Trust Delivered As a Service
From Nile
November 21, 2024
DigiCert Unveils 2025 Security Predictions
From DigiCert
November 21, 2024
Fathom5’s ARIA Technology Joins NSIN Propel Maritime Digital Defense Accelerator
From Fathom5
November 18, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Editors' picks
Latest in Cyberattacks
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell