Some food for thought from a report by SpyCloud:
MASSIVE SCALE OF IDENTITY EXPOSURES CREATES NEW RISKS
The scale of identity exposure due to infostealers is massive: 61% of breaches last year were malware-related and responsible for 343.78 million stolen credentials.
Our recaptured data also shows that as many as 1 in 5 people are the victim of an infostealer infection, with each infection exposing anywhere from 10 to 25+ third-party business application credentials, on average.
INFOSTEALERS LEAD TO FUTURE RANSOMWARE ATTACKS
Through a deep analysis of recaptured infostealer logs, we discovered that the presence of infostealer malware correlates to the likelihood that a company will experience a ransomware attack in the near future.
Nearly one-third of companies that experienced a ransomware event last year had at least one infostealer infection in the 16 weeks prior to being attacked.
ANTIVIRUS, MFA, AND TRADITIONAL DEFENSES AREN’T ENOUGH
According to our recent research, for the first six months of 2024, at least 54% of devices infected with infostealer malware had an antivirus or EDR solution installed at the time of successful malware infection.2
With infostealers and session hijacking at play, traditional solutions like antivirus and multifactor authentication (MFA) don’t mean you’re fully protected.
2 54% is likely low, as not all infostealers collect sufficient data to determine whether an antivirus/endpoint
detection & response (EDR) solution was installed and running on the infected device.
Access the full Spycloud report: THE 2024 MALWARE AND RANSOMWARE DEFENSE REPORT