The Expanding Threat Landscape for Executives

Published by:
Sam Collard
Published on:
October 8, 2025

Executives today face a complex and growing array of threats, both online and physical. From ideologically motivated attacks and politically backed assassination plans to home invasions, activist targeting, and even kidnapping, the danger spectrum is wide.  

This blog outlines these threats and why they matter.

Terrorism

Executives are increasingly being targeted by extremist actors who see high-profile business leaders as symbolic representations of the systems they oppose.

A stark example is the assassination of UnitedHealthcare CEO Brian Thompson in New York City in December 2024, carried out by Luigi Mangione. Mangione’s attack is alleged to have been motivated by his belief that large healthcare corporations exploit ordinary people and contribute to systemic inequality. Investigations revealed that Mangione combined physical surveillance with research using publicly available information, such as Thompson’s conference schedule and professional background, to identify his location and plan the attack. This demonstrates how easily online data can be leveraged by attackers.

The threat did not end with Mangione’s arrest. Supporters have amplified his influence online, glorifying the violence and spreading his ideology. Campaigns such as “Luigi Was Right” and activist platforms like The CEO Database, which publishes the personal details of senior business leaders, have increased the threat by exposing sensitive data and inciting further hostility. Prosecutors have warned that Mangione’s rhetoric continues to inspire copycat threats, creating a cycle in which online extremism fuels real-world violence.

Luigi Mangione shot and killed UnitedHealthcare CEO Brian Thompson outside a hotel inmidtown Manhattan.
Supporters of Luigi Mangione’s actions have shown their support online.

State-sponsored attacks & influence operations

Executives at the helm of companies with significant influence over global markets, critical infrastructure, or defence capabilities may face threats not just from terrorists, but also from state or state-backed actors. Targeting senior business leaders can be a method to disrupt supply chains, gain leverage in geopolitical disputes, or weaken confidence in industries vital to national and international security.

A notable example is the foiled Russian plot to assassinate Armin Papperger, CEO of German defence company Rheinmetall. U.S. and German intelligence reportedly uncovered the plot, linked to Rheinmetall’s role supplying Ukraine with critical weapons and ammunition.  

Beyond direct attacks, nation-states also conduct influence and intimidation operations. Executives may be subjected to harassment, disinformation campaigns, or other tactics aimed at damaging credibility, discouraging investment, or pressuring their organisations into political compliance.

Theft & burglary

High-profile individuals are frequently targeted for theft or burglary, with criminals sometimes leveraging publicly available information to plan their attacks. Sophisticated thieves may monitor social media to track when a property is unoccupied or exploit online property listings that reveal layouts, security features, and valuable possessions, giving them a blueprint for entry and exit.  

Former football manager Harry Redknapp’s home was burgled in July 2025 while it was listed for sale on Rightmove, with police believing the listing may have given criminals valuable insights into the property’s layout and security. Kim Kardashian lost millions in valuables in the 2017 Paris robbery after thieves tracked her online activity, monitoring her social media posts to confirm when she was alone and vulnerable. Similarly, footballer, Jack Grealish, had £1m stolen from his Cheshire home while he was playing a match in December 2024, with reports suggesting burglars used fixture timetables to track his absence and social media to identify items of value.

These cases highlight how residential exposure, from property listings to social media posts about travel and lifestyle, can be exploited by criminals.

Kidnapping & ransom threats

Kidnap-for-ransom remains a serious threat, especially for high-net-worth individuals and executives.  

On 13 May 2025, a masked gang attempted to abduct the daughter of Pierre Noizat, CEO of the French cryptocurrency exchange Paymium, on a busy Paris street. The attackers tried to force the victims into a van but were stopped by the child’s father and a passerby using a fire extinguisher. French authorities have since arrested over 20 individuals linked to this and similar crimes targeting wealthy figures in the crypto sector.  

Historical cases include the 1992 kidnapping of Sidney Reso, President of Exxon International, who was murdered despite a ransom demand of USD 18 million, and the 1971 abduction of Theo Albrecht, co-founder of Aldi, who was held for 17 days in Düsseldorf before being released after a partial ransom payment.

Cryptoexchange CEO's daughter escapes kidnap attempt in Paris, May 2025.

Activism and public protests

Activist groups increasingly target executives and high-profile individuals for perceived ethical, environmental, or social failings. Such actions can range from property damage to reputational attacks.  

For example, in 2012 Occupy activists gathered outside Wells Fargo CEO John Stumpf’s residence in San Fransico to protest the bank's role in the housing crisis. Demonstrators delivered a symbolic "foreclosure notice" and displayed signs criticising the bank's practices. More recently in 2023, in Perth, Australia, climate activists from Disrupt Burrup Hub trespassed at Woodside Energy CEO Meg O'Neill’s home, planning to vandalise the property as part of a protest against the company's gas projects. The activists were arrested before any damage occurred.

High-profile athletes are not immune to such action either: members of the Spanish climate activist group Futuro Vegetal vandalised Lionel Messi's mansion in Ibiza in 2024. The activists spray-painted the property's façade with red and black paint and displayed a banner reading: "Help the planet – Eat the rich – Abolish the police." They justified the act by labelling the mansion an "illegal construction" highlighting the wealth disparity and its environmental impact.

Futuro Vegetal climate activist group members stand in front of vandalised Lionel Messi's mansion, Ibiza, Spain, August 2024.

Fraud & financial exploitation

Executives’ public profiles and visible presence can be weaponised in attempts to deceive investors, customers, and even their own organisations. Increasingly, attackers are turning to sophisticated methods, from impersonation scams and fake social media accounts to manipulated audio and deepfake video, to exploit trust in senior leaders. Advances in AI are making these tactics not only more accessible to wider range of attackers but also increasingly difficult to detect, amplifying the risk to organisations.  

For example, in 2024 India’s National Stock Exchange issued an official warning after deepfake videos surfaced showing its CEO, Ashishkumar Chauhan, offering stock recommendations. The NSE clarified that its executives do not provide such investment advice, highlighting how manipulated content can easily mislead and exploit retail investors.

Viral video from 2024 of Mukesh Ambani endorsing stock market forum was a deepfake.

Harassment, stalking and intimidation

Executives, particularly those in visible or controversial roles, sometimes become targets of personal harassment or surveillance. Campaigns that may begin online can quickly escalate into real-world threats.

Swatting incidents have emerged as a particularly dangerous form of harassment. Swatting is when someone makes a false report of a serious emergency, such as a hostage situation or active shooter, so that armed police or a SWAT team is dispatched to the target’s home. In 2019, Instagram executive Adam Mosseri was twice targeted at his home by such false emergency calls, prompting armed police responses. Investigations suggested the hoaxes were linked to online retaliation against his company’s moderation policies.

In 2024, executives at Boohoo were subject to surveillance and stalking in Manchester, UK, with unregistered devices discovered near company offices. Authorities investigated the incidents as potential corporate espionage, highlighting how business leaders can be targeted beyond the online space.

Swatting incidents targeting executives have been increasing across America.

Why use Executive Vulnerability Assessments?

The above examples emphasise how executives and high-profile individuals face an increasingly complex threat landscape, with their visibility, high-profile status, and access to sensitive corporate assets making them attractive targets, in turn creating significant organisational risk.

An Executive Vulnerability Assessment (EVA) provides a proactive, structured approach to identifying these risks before they are exploited. By assessing both online and physical vulnerabilities, an EVA highlights where sensitive information or personal exposure could be used against executives or the organisation and provides actionable recommendations to mitigate threats.

Investing in EVAs helps organisations safeguard their leaders, protect critical business operations, and reduce the likelihood of financial, reputational, or operational damage. In a world where threats evolve rapidly and can originate from anywhere, an EVA is an essential component of a robust security strategy.

Contact us today at info@secalliance.com to request an EVA for your organisation or to find out more on our executive monitoring services.