September 22, 2024


5 Key Quotes from the New Cyber Security Centre Report on Infostealers

Government agencies rarely give explicit attention to the growing threat of infostealers, but Down Under, that's changing. The Australian Cyber Security Centre (ACSC) recently released their report The Silent Heist, a deep dive into the infostealer ecosystem. Here are the five most important findings.

1. "The use of info stealers by cybercriminals presents a threat to the security and wellbeing of Australian organisations."

Infostealers are often underestimated, perhaps because they are relatively new. However, the ACSC stresses that they pose a direct threat to the security and wellbeing of Australian organisations. This warning is equally applicable to organisations in Europe.

2. "The Australian Signals Directorate’s Australian Cyber Security Centre has identified corporate network breaches that originated in employees accessing work resources from compromised personal devices."

This finding underscores why infostealers are so dangerous: successful cyberattacks often begin when employees log in from compromised personal devices. Attackers use legitimate login credentials obtained from these infected devices, proving that infostealers are a very real risk.

3. "The increasing volume of stolen data for sale on dark web marketplaces, and an increase in initial access broker activity leveraging this data, is reflective of this rising trend, which has accelerated into 2024."

The final five words are crucial: the risk from infostealers has accelerated further in 2024. This applies to both the rise in stolen data being sold and the increase in activities by initial access brokers exploiting this data.

4. "Organisations that facilitate employees, contractors, managed service providers, or other entities to access their network remotely, including with Bring Your Own Device (BYOD) hardware, need to be aware of the risks of info stealers and protect themselves from this threat."

Organisations enabling remote access, especially through BYOD, must be aware of the risks posed by infostealers. Despite the growing threat, adequate measures are often still lacking.

5. "Organisations may not be able to enforce controls on devices that connect to their corporate network, particularly on personal devices used by employees working remotely."

The Australians warn that organisations often have little control over personal devices connecting to their network, particularly with remote work – something we also see with our clients. 

This highlights the importance of infostealer monitoring. As an organisation, you're responsible for what your employees do with your data on your internal systems, but you lack control over the devices where infections originate. Monitoring new infections helps bridge this gap and provides better control over risks that would otherwise be beyond your reach.