Cyber espionage targeting business leaders and other individuals of interest

Cyber espionage targeting business leaders and other individuals of interest seeks to obtain critical confidential information and extort companies to monetize attacks

Emmanuel Macron, Pedro Sánchez, Charles Michel… You probably recall the scandal that erupted when it was revealed that the cell phones of political leaders had been compromised using Pegasus spyware. Although its creator, the NSO Group, can only sell it to governments to track down terrorists and criminals, its use has spiraled out of control.

In fact, this year, a US court ordered the company to pay Meta, the owner of WhatsApp, $167 million in compensation for spying on 1,200 politicians, journalists, and activists by hacking into the app.

Although media attention has focused on public officials, the truth is that in recent years, cyber espionage against business leaders has become a real threat to company executives and organizations themselves. Furthermore, a few months ago, it was revealed that Pegasus had been detected on 18,000 devices and that the spyware had also been used to cyber espionage on businesspeople and executives in sectors such as finance and logistics.

The truth is that the rise of spyware is undeniable at this point. Although some spyware is used to cyber-spy on businesspeople and other high-value targets through their computers, in recent months, we have seen several incidents in which spyware has been used to infect Android and iOS mobile phones.

What can be done to prevent and detect cyber espionage against business leaders? How do malicious actors manage to infect their victims’ devices? Beyond the use of spyware, what other risks should we be aware of in order to combat cyber espionage against businesspeople, political leaders, or celebrities?

1. Cyber espionage attacks against businesspeople and other targets are sophisticated

Unfortunately, in recent years, we have become increasingly familiar with fraud targeting citizens, and its mechanics generally combine social engineering techniques with the use of malware.

However, cyber espionage attacks on businesspeople are significantly more difficult to detect, and the malicious actors behind them must have advanced knowledge and considerable financial resources.

Apple has pointed this out, after it had to warn French citizens throughout 2025 that they were the target of spyware cyberattacks against their mobile phones. The company that manufactures iOS mobile phones highlights that in these attacks:

• Exceptional resources are used.
• The targets are a very small group of people and their devices.
• They cost millions of dollars.

In fact, in many cases, cyber espionage attacks on businesspeople or other targets are carried out using zero-click spyware. What does this mean? They can infiltrate devices by exploiting vulnerabilities without requiring users to take any action, such as downloading or installing an application or opening a file.

Similarly, campaigns in which social engineering plays a significant role have also been detected. For example, at the end of August, we learned that a criminal group was impersonating the Russian security services agency (FSB) and the Russian central bank to persuade businesspeople in that country to download software onto their cell phones that appeared legitimate but was actually used to infect their phones with spyware.

2. What are malicious actors looking for when they launch cyber espionage attacks on businesspeople?

The use of spyware aims to obtain maximum security permissions on devices in order to:

• Activate the microphone or camera to gain access to valuable conversations.
• Record the screen of their victims’ cell phones.
• Take screenshots of emails or conversations through applications such as Gmail or WhatsApp.
• Obtain documents and images stored on devices.
• Obtain passwords and access credentials to corporate software, etc.

The value for malicious actors of accessing this wealth of information from the executive of a large company or a public official is obvious.

With this data, they can:

• Extort their victims or the companies they work for.
• Sell their trade secrets to competing companies.
• If they are state-sponsored actors, provide them with critical information in a context of growing geopolitical tensions.

3. Exploiting zero-day vulnerabilities is a key entry point for this type of attack

As we noted earlier, a key element of many cyber espionage campaigns targeting business leaders, political leaders, and other prominent individuals is the exploitation of zero-day vulnerabilities.

Just this September, Samsung, one of the world’s leading manufacturers of digital devices, patched a vulnerability, CVE-2025-21043, that would allow malicious code to be executed and spyware to infect specific victims’ devices, enabling them to spy on their WhatsApp messages.

Similarly, Apple has also released security patches to address another vulnerability, CVE-2025-43300, which has also been exploited in highly sophisticated spyware attacks against specific citizens.

4. The security of smart homes is under threat

Cyber espionage against businesspeople, public officials, journalists, or other citizens relevant to the productive fabric of civil society does not revolve solely around the use of spyware.

In mid-August, it was made public in Italy that a sexual video starring a presenter from Rai, the Italian public television station, was being marketed on a platform.

Malicious actors successfully accessed the video surveillance system in the presenter’s home.

This case highlights the importance of combating cyber espionage against businesspeople and public officials on all fronts, including in the domestic sphere.

The right to privacy is constitutionally protected in our country as a fundamental right, as it is in virtually all Western states.

However, cyber espionage against business leaders, politicians, and celebrities in their homes undermines this fundamental right by exploiting the widespread use of smart devices connected to the internet that are prevalent in our homes today.

Therefore, it is critical to consider the security of widely used technology today, such as smart speakers, video surveillance systems, and baby monitors. A vulnerability in these devices can be exploited to carry out cyber espionage on businesspeople and other targets that are particularly valuable to malicious actors.

5. The use of vulnerable Bluetooth devices can facilitate cyber espionage on businesspeople, politicians, or journalists

IoT devices not only have internet connections, but also use another global communications standard: Bluetooth.

Smartphones, laptops, smart speakers, wireless headphones, medical devices… They all use Bluetooth. And malicious actors know this.

The existence of vulnerabilities in Bluetooth discovery, pairing, authentication, or encryption processes can open the door to cyber espionage against specific targets, including businesspeople. This allows malicious actors, for example, to obtain sensitive medical information about a company’s CEO or eavesdrop on business conversations.

To enhance the protection of Bluetooth devices, Tarlogic developed BSAM, a methodology for Bluetooth security assessment that systematizes the security controls required to analyze the security of devices with Bluetooth communications.

6. How to deal with cyber espionage targeting business executives

Cyber espionage targeting business executives can be devastating for companies in terms of competition, economics, and even legal implications if personal data protection is compromised. Industrial cyber espionage and the theft of critical information can significantly undermine a company’s results and damage its market position.

What can organizations and managers do to address the threat of cyber espionage against businesses?

6.1. Basic tips for preventing cyber espionage against businesses

Some simple recommendations that companies and managers can take into account to combat cyber espionage against enterprises are:

• Assume that personal devices are part of the corporate security perimeter and include them in security policies.
• Continuously update device operating systems (especially mobile devices) and software. Updates incorporate security patches for recently discovered vulnerabilities.
• Follow basic cybersecurity best practices not only at work, but also at home. Change the default passwords on IoT devices, change passwords regularly, use multi-factor authentication mechanisms, check the security permissions of mobile applications, and review background data consumption.
• Implement security mechanisms and continuous monitoring to detect unusual activity on devices.

6.2. Cybersecurity services to combat cyber espionage against business owners

Given the serious consequences that cyber espionage against business owners and executives can have for companies, organizations must adapt their cybersecurity strategies to address this threat and have advanced cybersecurity services in place to help them manage it successfully:

• Vulnerability management to identify and prioritize the mitigation of weaknesses affecting companies’ IT infrastructure and the personal devices that executives use for business purposes, especially their mobile phones.
• IoT device audits to prevent attacks that exploit vulnerabilities in these devices and are used to carry out cyber espionage against business owners.
• Bluetooth security audits are conducted to ensure the security of devices, including mobile phones and wireless headphones.
• Proactive threat hunting. It is vitally important that threat hunters work by assuming compromise scenarios that allow them to anticipate malicious actors and detect sophisticated attacks that have not generated security events.
• Red Team. Many cyber espionage attacks on businesspeople or politicians are characterized by their high level of complexity. That is why Red Team services are essential for training those responsible for defensive security and improving the level of cyber resilience in the face of highly sophisticated attacks carried out by criminal groups with extensive knowledge and abundant financial resources.

In short, the use of spyware to infect the mobile phones of economically, socially, or politically important figures, as well as the exploitation of vulnerabilities in IoT devices, poses a major threat to companies.

Cyber espionage against business leaders can open the door to extortion, the sale of critical strategic information, or the theft of intellectual property. Companies must therefore strengthen their security strategies and effectively address this threat.