From: thepipeline_xyz
Attackers typically target three core areas: funds, access, and data [00:00:02].
Primary Targets of Attackers
Funds
This refers to whatever assets are stored on-chain, on centralized exchanges (CEXs), or in digital wallets [00:00:04].
Access
Attackers seek access to use an individual as an interception point to others, including colleagues, friends, or family [00:00:12]. For example, if a public figure’s account is compromised, attackers could leverage that access in a spear-fishing campaign to target someone else, such as by sending a malicious meeting invite [00:00:27].
Data
This refers to sensitive credentials, which must be rigorously audited wherever they are stored [00:00:38]. Protecting data is essential for overall security.
Identifying and Mitigating Risks
It is crucial to have a strong understanding of all potential “points of failure” in one’s digital life [00:00:50]. This involves:
- Inventorying Points of Failure Starting an inventory of all potential vulnerabilities [00:00:55].
- Creating an Attack Surface Map Developing a map that outlines all points of concern [00:00:56].
Once identified, it is necessary to continuously tweak and mitigate these concerns as they arise [00:01:00].