Kaspersky warns against data leakage from corporate devices
Kaspersky reported that the share of corporate devices compromised by data-stealing malware has increased by 34% since 2020
Cybersecurity company Kaspersky has revealed an ongoing trend of information thieves targeting corporate devices.
According to data from data-stealing malware session files found on the dark web, the share of corporate users compromised by such malware has increased by 34% since 2020. Twenty-one percent of employees whose devices were infected ran the malware repeatedly.
Based on data analysis, experts suggest that in 2023, 53% of every two devices infected with identity-stealing software will be corporate devices. The data also indicates that the highest number of infostealer infections were found on Windows 10 Enterprise edition.
After infecting a single device, cybercriminals can gain access to all accounts, both personal and corporate.
According to Kaspersky statistics, on average, a session file contains 1.85 corporate web applications with logins and corporate email addresses. These applications include webmail applications, customer data processing systems, internal portals, and more.
Kaspersky Digital Footprint Intelligence Expert Sergey Shcherbel stated that they examined a sample of session files containing data about 50 different banking organizations in various regions to investigate the issue.
Shcherbel, noting that 21% of employees reopened the malware, stated: "We were curious to see if corporate users were reopening malware so that cybercriminals could regain access to data collected from a previously infected device without the need to re-infect the device. As a result, we found that 35% of renewed infections occurred within three days of the initial infection. This could indicate a variety of underlying issues, including inadequate employee awareness, ineffective incident detection and response measures, a belief that changing the password is sufficient if the account has been compromised, and a reluctance to investigate the incident."
Recommendations to minimize impact of data leakage
Kaspersky Digital Footprint Intelligence experts offer the following recommendations to minimize the impact of data leakage caused by information theft activities:
"Immediately change passwords for compromised accounts and monitor them for suspicious activity. Advise potentially infected users to run antivirus scans on all devices and remove malware. Monitor dark web marketplaces for compromised accounts to detect compromised accounts before they impact the cybersecurity of customers or employees. Use Kaspersky Digital Footprint Intelligence to detect potential threats and take immediate action. For further protection against information theft infections, develop an employee security awareness program and offer regular training and assessments."
Source: Anadolu Agency
