• About
  • Subscribe
  • Contact
Wednesday, May 7, 2025
    Login
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
No Result
View All Result
Home Technology Security

PodChats for FutureCISO: Combating the rise of infostealers

Allan Tan by Allan Tan
December 27, 2022

Ransomware remains one of the more dreaded cyber threats of the decade. But for a ransomware attack to be initiated, the attacker must first have your credentials. One such enabler of ransomware operations is infostealers.

Key developments in the ransomware landscape, June 2021 - June 2022.
Source: Secureworks

According to Secureworks Counter Threat Unit researchers, on a single day in June 2022, over two million credentials obtained by infostealers were available for sale on just one underground marketplace. Check Point estimates that up to 21% of malware worldwide is made up of infostealers.

Alex Tilley, head of intelligence research for Asia-Pacific at Secureworks, warns that infostealers are full-featured spying toolkits in as much as they can do anything that they want on your machine.

“Once they are installed, they are very insidious. And because they've been around since 2006, they are very mature and very good at what they do in taking your information,” he added.

He opined that Asia-Pacific appears to be a ‘testing bed’ for new types of attacks. He also observed that while the early infostealers were called banking trojans, these have since moved to other industries partly as banks and regulators have become more aggressive in protecting their processes.

Mining old stolen data

Accenture’s Cyber Threat Intelligence team (ACTI) noted a marked increase in the number of logs for sale from July to October 2022.

Infostealers cybercriminals used most to obtain the credentials for sale on Russian Market in July and October 2022
Source: Accenture 2022

ACTI reports that in 2022, the high-profile breaches of several large organisations illustrated the ease at which threat actors can breach network defences using stolen employee credentials and leveraging MFA fatigue attacks.

Tilley laments that there remains stolen data from the last 15 years ‘sitting out there.’ He argues that cybercriminals are revisiting these old stolen data, including passwords, to identify which can be used to infiltrate company networks.

“Unfortunately, oftentimes it works because that stolen credential hasn't been changed in 15 years, or five years or two years,” laments Tilley.

Situations when VPNs don’t work

Virtual private network (VPN) usage got a boost in 2020 as organisations instituted work-from-home processes in a bid to normalise operations following government-mandated lockdowns. Statista estimates the VPN market globally at US$44.6 billion, up 75% from 2019, and forecasts this to rise to US$77.1 billion in 2026.  

Change in observed initial access vector over time.
Source: Secureworks

Tilley opined that VPNs alone are not sufficient to protect an organisation’s network from hackers trying to get in, particularly if passwords are stolen. A stolen password can be used to access a network even if s VPN is being used to access the network. However, using multi-factor authentication can stop access to the corporate network even if a stolen password is being used to enter the network.

He believes that MFA should be on the top of a CISO or CIO’s priority list.

The job of security professionals

Asked whether the adoption of FIDO2, passwordless and passkeys help in the fight against Infostealers, Tilley concedes that it is inevitable that sometime in the future, criminals will find a way to circumvent these developments.

Alex Tilley

“That doesn't mean that we shouldn't move towards these more secure (solutions). Security is always a balancing game between functionality and security. Our job is to enable the business to operate. What we must never do, I think is, as part of this discussion is, we must never say, we're done."

Alex Tilley

Acknowledging that developments and threats will continue to evolve, he concedes that security is a never-ending game.

CISOs and CIOs working together in 2023

In the realm of security, visibility is important. “If you can’t see the threat, you can’t deal with it,” stated Tilley.

“Infostealers do not exist in a bubble. There is always something around them that you can see – be it the way it was delivered, be it the attack tool that was used to put it into your network, be it the abnormal user login activity – if you've got a user in Laos, and suddenly, they are logging in a German time zone,” he suggested.

He supports the deployment of endpoint protection solutions as these provide some visibility. However, he cautioned reminded that other things will occur at the same time as that Infostealers are being delivered and we can see those, and we just need to act on those.

What lies ahead in 2023

Ransomware attacks are moving beyond just preventing access to data and networks and have moved into the realm of extortion using the content of the data – corporate secrets that need to be kept secret.

“It is still using those same techniques of access into networks, using infostealers and other penetration tools, to get access to your network to find those juicy bits of data to steal, and then holding you to your feet, to the fire, as it were. I think that might be big,” concluded Tilley.

Click on the PodChat player more about how organisations can combat the rise of infostealers.
  1. What is infostealer malware? How does it work?
  2. Are infostealers prevalent in Asia? What are the motivations? Any difference between the types of infostealer malware used in Asia compared to elsewhere?
  3. How do infostealers work? In what situations (in Asia) are infostealers more successful in this region?
  4. We’ve noted the rise in the use of VPNs during the pandemic. Will the use of VPN lessen the threat of infostealers?
  5. The increase of MFA and VPNs aside, what are the misconceptions among CISOs, security professionals and users when it comes to combating infostealers?
  6. Will the adoption of FIDO2 and passwordless or passkeys help in the fight against infostealers? Do you anticipate cybercriminals finding ways around these?
  7. Coming into 2023, what strategies will work best against infostealers? How should CISOs work with CIOs and the rest of the organisation to better secure the business against infostealers?
  8. Closing our PodChat, what are your expectations for 2023?
Related:  Business brains plus IT intelligence equals business success
Tags: multifactor authenticationnfostealersPodchatsransomwareSecureworksStatistavpn
Allan Tan

Allan Tan

Allan is Group Editor-in-Chief for CXOCIETY writing for FutureIoT, FutureCIO and FutureCFO. He supports content marketing engagements for CXOCIETY clients, as well as moderates senior-level discussions and speaks at events. Previous Roles He served as Group Editor-in-Chief for Questex Asia concurrent to the Regional Content and Strategy Director role. He was the Director of Technology Practice at Hill+Knowlton in Hong Kong and Director of Client Services at EBA Communications. He also served as Marketing Director for Asia at Hitachi Data Systems and served as Country Sales Manager for HDS’ Philippines. Other sales roles include Encore Computer and First International Computer. He was a Senior Industry Analyst at Dataquest (Gartner Group) covering IT Professional Services for Asia-Pacific. He moved to Hong Kong as a Network Specialist and later MIS Manager at Imagineering/Tech Pacific. He holds a Bachelor of Science in Electronics and Communications Engineering degree and is a certified PICK programmer.

No Result
View All Result

Recent Posts

  • Agentic AI-powered AppSec platform launched for the AI era
  • IDC forecasts GenAI alone will grow at a 59.2% CAGR
  • Dataiku brings new AI capabilities to create and control AI agents
  • Microsoft reveals the rise of a new kind of organisation in the AI era
  • St Luke’s ElderCare enhances data security and user experience with Juniper

Live Poll

Categories

  • Big Data, Analytics & Intelligence
  • Business Applications & Databases
  • Business-IT Alignment
  • Careers
  • Case Studies
  • CISO
  • CISO strategies
  • Cloud, Virtualization, Operating Environments and Middleware
  • Computer, Storage, Networks, Connectivity
  • Corporate Social Responsibility
  • Customer Experience / Engagement
  • Cyber risk management
  • Cyberattacks and data breaches
  • Cybersecurity careers
  • Cybersecurity operations
  • Education
  • Education
  • Finance
  • Finance & Insurance
  • FutureCISO
  • General
  • Governance, Risk and Compliance
  • Government and Public Services
  • Growth Strategies
  • Hospitality & Tourism
  • HR, education and Training
  • Industry Verticals
  • Infrastructure & Platforms
  • Insider threats
  • Latest Stories
  • Logistics & Transportation
  • Management Leadership
  • Manufacturing
  • Media and Telecommunications
  • News Stories
  • Operations
  • Opinion
  • Opinions
  • People
  • Process
  • Remote work
  • Retail & Wholesale
  • Sales & Marketing
  • Security
  • Tactics and Strategies
  • Technology
  • Utilities
  • Videos
  • Vulnerabilities and threats
  • White Papers

Strategic Insights for Chief Information Officers

FutureCIO is about enabling the CIO, his team, the leadership and the enterprise through shared expertise, know-how and experience - through a community of shared interests and goals. It is also about discovering unknown best practices that will help realize new business models.

Quick Links

  • Videos
  • Resources
  • Subscribe
  • Contact

Cxociety Media Brands

  • FutureIoT
  • FutureCFO
  • FutureCIO

Categories

  • Privacy Policy
  • Terms of Use
  • Cookie Policy

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Login to your account below

or

Not a member yet? Register here

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
Login

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Subscribe