Ransomware remains one of the more dreaded cyberthreats of the decade. But for a ransomware attack to be initiative, the attacker must first have your credentials. One such enabler of ransomware operations are infostealers.
According to Secureworks Counter Threat Unit researchers, on a single day in June 2022, over two million credentials obtained by infostealers were available for sale on just one underground marketplace. Check Point estimates that up to 21% of malware worldwide is made up of infostealers.
In today’s PodChats for FutureCISO, we are joined by Alex Tilley, head of intelligence research for Asia-Pacific at Secureworks, to shed light on how to counter the rise of infostealers.
1. What is an infostealer malware? How does it work?
2. Are infostealers prevalent in Asia? What are the motivations? Any difference between the types of infostealer malwares used in Asia compared to elsewhere?
3. How do infostealers work? In what situations (in Asia) are infostealers more successful in this region?
4. We’ve noted the rise in use of VPNs during the pandemic. Will the use of VPN lessen the threat of infostealers?
5. So the increase of MFA and VPNs aside, what are the misconceptions among CISOs, security professionals and users when it comes to combating infostealers?
6. Will the adoption of FIDO2 and passwordless or passkeys help in the fight against infostealers? Do you anticipate cybercriminals finding ways around these?
7. Coming into 2023, what strategies will work best against infostealers? How should CISOs work with CIOs and the rest of the organisation to better secure the business against infostealers?
8. Closing our PodChat, what are your expectations for 2023?