Danny Palmer at ZDNet wrote: "Software developers are the people most targeted by hackers conducting cyberattacks against the technology industry, with the hackers taking advantage of the public profiles of individuals working in the high-turnover industry to help conduct their phishing campaigns.
The August 2019 Threat Intelligence Bulletin from cybersecurity company Glasswall details the industries most targeted by phishing, with the technology sector accounting for almost half of malicious phishing campaigns.
For attackers targeting technology businesses, the goal is often stealing intellectual property and other data, which can either be sold for profit or, in the cases of corporate or state-backed espionage, used to build knock-off versions of the same products.
According to the Glasswall report, software developer is the role most targeted by hackers going after the technology sector. A key reason for this is that devs do the groundwork on building software and will often have administrator privileges across various systems. That's something attackers can exploit to move laterally around networks and gain access to their end goal.
"As an attacker, if you can land on an administrator machine, they have privileged access and that's what the attackers are after. Software developers do have that privileged access to IP and that makes them interesting," Lewis Henderson, VP at Glasswall, told ZDNet.
With software developers being technically savvy people, some might argue that they shouldn't easily fall victim to phishing campaigns. But attackers can use specially crafted messages to target one individual in the organisation they want to gain access to.
With software developers often staying in jobs for relatively short periods of time, it's common for those in the profession to build a profile on professional social networks such as LinkedIn. Attackers can exploit that to find out the specific skills and interests of their would-be victim and tailor a spear-phishing email towards them.
In many cases, the attacker will create a phishing email which claims to be from a recruiter looking for someone with the skills or programming languages of the intended victim – skills which have been scraped from their public professional-networking profile.
"It could be a PDF job offer, saying they know you're in the industry and these are your skills because they've looked you up on LinkedIn. They're trying to entice people through social engineering and phishing in a pretty deadly combination," said Henderson."

Continued at ZDNet.
You should really step your developers through new-school security awareness training; they are a high-risk type of employee, just like your C-level, Sales, Marketing, HR and Legal staff.