53% Of Corporate Devices Infected With Data-stealing Malware


The share of corporate devices compromised with data-stealing malware has increased by one third since 2020, according to Kaspersky Digital Footprint Intelligence. 21% of employees whose devices were infected ran the offending malware repeatedly. In response to the escalating threat of infostealers targeting corporate users, the Kaspersky Digital Footprint Intelligence team is raising awareness of the issue and offering strategies to mitigate the associated risks.

Kaspersky has revealed a concerning trend: corporate devices are facing a growing threat from infostealers. According to data extracted from data-stealing malware log-files available on the dark web, the share of corporate users compromised with such malware has increased by 34 percentage points since 2020.

In 2023, experts concluded that every second device (53%) infected with credential-stealing malware was corporate, based on data indicating that the biggest share of infostealer infections was found in the Windows 10 Enterprise version. The diagram below illustrates the distribution of infections among various editions of Windows 10, spanning from 2020 to 2023.

Distribution of infections across affected Windows 10 versions, 2020–2023

After infecting a single device, cybercriminals can gain access to all accounts, both personal and corporate. According to Kaspersky statistics, a single log file contains, on average, credentials that use a corporate email address as the login for 1.85 corporate web applications, including web mail applications, customer data processing systems, internal portals, and more.

“We were curious to know if corporate users re-open malware, thereby allowing cybercriminals to again access data collected from a previously infected device without needing to infect it again,” comments Sergey Shcherbel, expert at Kaspersky Digital Footprint Intelligence. “To investigate this, we examined a sample of log-files containing data likely related to 50 banking organizations across various regions. We found 21% of employees reopened the malware again, and 35% of these reinfections occurred more than three days after the initial infection. This may indicate several underlying issues, including insufficient employee awareness, ineffective incident detection and response measures, a belief that changing the password is sufficient if the account has been compromised, and a reluctance to investigate the incident.”
