Levon Gasparian is CEO of Infopay, a data technology company, & founder of IDStrong, an identity monitoring & protection service provider.
An infostealer botnet is a grouping of malicious programs that are deployed on many corporate computers and technological networks. These networks of malicious software offer simple access points to otherwise protected business PCs and devices. Access to these malware entry points is occasionally abused by the same attackers that installed the virus, but it is often sold on the dark web to another attacker.
Constella’s internal research reveals that within the first three months of 2023, approximately 80% of big corporations were infected by an information-stealing (infostealer) malware. In addition, infostealers were responsible for the theft of approximately 400 million credentials in 2022, and the number of identified infostealer infections increased by 140% from 2021 to 2022, reaching over 11 million.
Personal equipment is a gateway for infostealers.
Due to global events such as Covid, more individuals are working from home than ever before. As a result, more personal equipment is being used than ever before. Today, personal phones and laptops are increasingly used as entry points into business networks. Intruders get access to the personal devices of company personnel to collect credentials that they may subsequently use to access corporate equipment.
Certain data points are exposed more than others.
According to an assessment by Constella, email addresses are involved in 51.8% of all data breaches. 30.6% of breaches include passwords, 29.5% include names, 28.4% include usernames and 27.5% include phone numbers. If a data breach occurs, you should anticipate these typical data elements to be at risk. Email, in combination with a password, can be enough to start a breach. Companies can face reputation damage, lost income and more from a compromised email.
The Ever-Growing Costs Of Data Breaches
Data breaches are a much more serious problem than most people realize. According to similar research done by IBM, data breaches cost businesses an average of $4.3 million annually. Ransomware is even more expensive, averaging $4.5 billion annually, not including any ransom payment. The costs must be made up somewhere; 60% of businesses admit they have raised their product and service costs to consumers as a result of the income lost to the breach.
How To Protect Yourself And Company From Infostealer Botnets
The Constella report showed that the first quarter of 2023 saw 1 in 3 mid-sized businesses and 4 in 5 large businesses facing data loss from botnets, making it highly likely that one of your systems will have an information-stealing application placed on it. To avoid a data breach from revealing sensitive information to attackers, you should keep your malware software up-to-date and run frequent malware protection scans.
Regularly conducting these scans will allow you to identify and eliminate malicious applications before they could trigger a data breach. You should also teach your employees to use robust passwords and to change them frequently. Employees should avoid installing strange applications and opening email attachments from unknown sources.
It’s also important to avoid giving away private information via email. Here are rules all companies should abide by.
• Avoid installing programs from strange emails.
• Don’t give private information away via email.
• Update security software and run regular malware scans.
• Utilize strong passwords and authentication services.
• Use 2FA (two-factor authentication) or MFA (multifactor authentication) on every device.
• Rely on a VPN when accessing the internet.
• Backup key company data.
Infostealer botnet attacks are becoming more prevalent with each passing year. Your company is likely already being targeted by attackers attempting to install malware on your devices, and it is your responsibility to take measures to protect the company. Follow these recommendations to prevent data breaches from harming your company.
Forbes Business Council is the foremost growth and networking organization for business owners and leaders. Do I qualify?
Read the full article here