The Good Tech Companies - SpyCloud Unveils Massive Scale Of Identity Exposure, Highlighting Need For Advanced Security Measure
Episode Date: September 18, 2024This story was originally published on HackerNoon at: https://hackernoon.com/spycloud-unveils-massive-scale-of-identity-exposure-highlighting-need-for-advanced-security-measure. ... These stolen credentials are then sold in criminal communities for use in further attacks. Check more stories related to cybersecurity at: https://hackernoon.com/c/cybersecurity. You can also check exclusive content about #cybersecurity, #cyberwire, #press-release, #cyberthreats, #cybercrime, #good-company, and more. This story was written by: @cyberwire. Learn more about this writer by checking @cyberwire's about page, and for more stories, please visit hackernoon.com. Infostealers are a type of malware designed to exfiltrate digital identity data, login credentials, and session cookies from infected devices. 61% of all data breaches in the past year were malware-related. One in five individuals has been a victim of an infostealer infection. Each infection exposes 10-25 third-party business application credentials.
Transcript
Discussion (0)
This audio is presented by Hacker Noon, where anyone can learn anything about any technology.
SpyCloud unveils massive scale of identity exposure,
highlighting need for advanced security measure, by CyberWire.
Austin, Texas, September 18, 2024, CyberNewsWire,
research indicates that an infastealer malware infection isofen a precursor to a ransomware
attack SpyCloud, the leader in cybercrime analytics,
today announced new cybersecurity research highlighting the growing and alarming threat
of InfoStealers, a type of malware designed to exfiltrate digital identity data,
login credentials, and session cookies from infected devices.
SpyCloud's latest findings reveal the staggering scale of identity exposure caused by InfoStealers,
the influence this type
of malware has had on the Surgeon ransomware incidents, and the profound implications for
businesses worldwide. Massive scale of identity exposure creates new risks according to SpyCloud,
61% of all data breaches in the past year were malware-related, with InfoStealers responsible
for the theft of 343.78 million credentials.
These stolen credentials are then sold in criminal communities for use in further attacks.
The research also found that one in five individuals has been a victim of an InfoStealer
infection. Each infection, on average, exposes 10 to 25 third-party business application credentials,
creating fertile ground for further access and exploitation, particularly by ransomware operators. Greater than, our latest findings reveal a
critical shift in the cybersecurity landscape, greater than said Damon Fleury, Chief Product
Officer at SpyCloud. Greater than, greater than, greater than, infasteelers have become the go-to
tool for cyber criminals, with their greater than ability to exfiltrate valuable data in a matter of seconds, creating a runway greater-than-for-cyber attacks like
ransomware off the vast amounts of stolen access to SSO, greater-than-VPN, admin panels,
and other critical applications. INFOSTELERS. The precursor to ransomware attacks the link
between InfoStealers and ransomware is becoming
increasingly evident. Through deep analysis of recaptured InfoStealer logs, SpyCloud discovered
a worrying trend. Companies with employees and contractors who are infected with InfoStealer
malware are significantly more likely to experience a ransomware attack. In fact,
nearly one-third of companies that suffered a ransomware attack last year had previously experienced an infastealer infection. According to the report, this is based on
publicly known incidents and confirmed ransomware events. The true exposure is potentially even
higher as not all ransomware incidents are made publicly available.
Greater than, the correlation between infastealer infections and subsequent ransomware greater than
attacks is a wake-up call for businesses, said Trevor Hillegoss, vice-greater-than-president of
SpyCloud Labs, SpyCloud.
Greater-than-greater-than, greater-than, however, this field is incredibly complex
and fast-moving.
This year, we're greater-than-seeing new Infostealers families that make use of expanded
capabilities such greater-than-as-ad as advanced encryption to stay stealthy or the ability to restore expired greater than authentication cookies for more
persistent access. The rise of malware as a service and account takeover attacks the
Infostealer threat is further exacerbated by the rise of malware as a service, MOSS.
This off-the-shelf model allows even low-skilled cyber criminals to purchase and deploy
sophisticated malware,
including InfoStealers, with ease. Through MOS, these criminals can acquire fresh and accurate identity data in bulk, fueling the cycle of cybercrime. SpyCloud's findings also
shed light on the evolution of account takeover, auto, attacks, powered by InfoStealers.
Unlike traditional auto, which relies on stolen credentials,
username and password combinations, next-generation auto leverages stolen session cookies to sidestep
traditional authentication methods in what is known as session hijacking. By taking over these
already authenticated sessions, cybercriminals can mimic legitimate users and infiltrate networks
undetected. This method significantly increases the success rate
of attacks and poses a severe threat to organizational security. Greater than,
the sheer volume of credentials and session cookies being siphoned by greater than info
stealers is staggering, said Hillegas. Greater than, in the last 90 days alone,
SpyCloud has recaptured over 5.4 billion stolen greater-than-cookie records,
with an average of nearly 2,000 exposed records per infected greater-than device.
This vast trove of data is increasingly used by ransomware operators greater than an initial
access brokers to facilitate their attacks, highlighting the need greater-than-for-advanced
defense strategies. Antivirus, MFA and traditional defenses are no longer enog at least 54% of
devices infected with InfoStealers in the first half of 2024 Hadandivirus are endpoint detection
and response. EDR, solutions installed, underscoring the limitations of traditional
cybersecurity measures in combating the techniques used by modern cyber criminals.
Furthermore, InfoStealers and session hijacking attacks render
multi-factor authentication, MFA, and passwordless authentication methods like passkeys ineffective.
By hijacking already authenticated sessions, cybercriminals can impersonate legitimate users
and sidestep even the most robust authentication methods. The call for next-generation cyber
security The findings from SpyCloud make it clear.
Traditional malware mitigation is no longer sufficient and ignoring the problem only
exacerbates the impact on businesses. Organizations must move beyond merely
removing infections and focus on remediating the long-term risks posed by exposed data.
This includes resetting compromised application credentials and invalidating session cookies siphoned by InfoStealers. By understanding the risks posed by InfoStealers and working
to mitigate the data that has been exfiltrated, organizations are able to limit the likelihood
of devastating cyberattacks such as ransomware that stem from this stolen data.
SpyCloud remains committed to helping organizations navigate these challenges
and safeguard their digital assets. Readers can download the full 2024 Malware and Ransomware Defense Report.
To learn more about how SpyCloud helps organizations defend against ransomware,
readers can visit https://spycloud.com. Use case, ransomware prevention.
About the SpyCloud 2024 Malware and Ransomware Defense
Report For this fourth annual report, SpyCloud surveyed 510 individuals in active cybersecurity
roles within organizations in the US and the UK with at least 500 employees. The report examines
the top concerns and real-life impacts of ransomware, including popular entry points,
ransom payments, and the cumulative costs of
these attacks to the business. It also highlights key cyber threat prevention strategies and future
security priorities identified by these experts. About SPY CloudSpy Cloud transforms recaptured
darknet data to disrupt cybercrime. Its automated identity threat protection solutions leverage
advanced analytics to proactively prevent ransomware and account takeover, safeguard employee and consumer
accounts, and accelerate cybercrime investigations. SpyCloud's data from breaches, malware-infected
devices, and successful phishis also powers many popular dark web monitoring and identity theft
protection offerings. Customers include more than half of the Fortune 10, along with
hundreds of global enterprises, mid-sized companies, and government agencies worldwide.
Headquartered in Austin, Texas, SpyCloud is home to more than 200 cybersecurity experts whose
mission is to protect businesses and consumers from the stolen identity data criminals are using
to target them now. To learn more and see insights on their company's exposed data,
readers can visit SpyCloud.com Contact EVP, Public Relations Katie Hanischick REQ on behalf
of SpyCloud SpyCloud at Rec. Co. Tip This story was distributed as a release by CyberWire under
HackerNoon's business blogging program. Learn more about the program here. Thank you for listening
to this Hackerernoon story read
by artificial intelligence visit hackernoon.com to read write learn and publish