Passguard: No-nonsense solutions against infostealers at Royal FloraHolland

What are infostealers and why are they dangerous?

Bas Wevers: “Information security is becoming increasingly stringent. As a result, we see a waterbed effect: attackers search for the most accessible point. Nowadays, this is no longer in corporate networks but at people’s homes. It’s easier for attackers to start there. They simply look for a lock that can still be opened.”

“Infostealers are so inventive. That’s what makes them so troubling. You can’t blame people for falling victim to an infostealer. As a result, people unknowingly expose a lot of information they are completely unaware of. This includes both private and business-related information.”

“The tricky part is: if you’re dealing with an infostealer, you don’t know whether your information has been stolen, let alone whether attackers can misuse that data. As a result, attackers can gain access to your systems without you realizing it. Meanwhile, sensitive business sessions can also be accessed. Essentially, the end user facilitates the attackers in this.”

How do you use Passguard in the fight against infostealers?

Bas Wevers: “It’s actually quite simple. First and foremost, we use it to directly resolve infostealer infections. When a new infostealer infection is reported, we consult the information in Passguard. All we need to know is which endpoint is affected. This is determined based on the hostname, local username, and associated account. We then take action to mitigate the risk.”

“But Passguard also helps us shape our policies regarding infostealers, depending on the level of risk. For example, we ask ourselves: what investment is necessary to reduce the risk of infostealers? What can we do in terms of technical measures or awareness? This involves decisions about Mobile Device Management or securing specific portals.”

What other measures are you exploring?

‍Bas Wevers: “The tricky thing about infostealers is that they often occur on unmanaged and undermanaged devices. We are now exploring whether we can use compliance tooling to verify whether devices logging into our internal environments can be trusted. This means we’re not just talking about Device Management but also Device Compliance. We don’t take over the management of these devices, but we do set minimum requirements for them.”

Why do you work with Passguard?

‍Bas Wevers: “I have thoroughly enjoyed working with Passguard since the beginning. Why? Because it’s no-nonsense. Clear. Factual. The data tells the story.” 

“What I especially appreciate is that Passguard makes clear what’s really happening. It removes the ambiguity from the topic of infostealers. That makes it interesting and turns it into something I can deal with. That’s why I see its value.”

What advice would you give other organizations?

Bas Wevers: “It’s important to understand your risk so that you can reduce it step by step. But it all starts with awareness. Being conscious of what you don’t see. Then you can assess whether measures are necessary. It’s also a considerate approach toward your employees.”

Three tips from Bas to protect your organization against infostealers:
1. Create awareness: Ensure employees know what infostealers are and how to avoid them, especially when working from home.
2. Implement monitoring tools: Use tools like Passguard to detect infostealer infections early and take immediate action.
3. Set minimum requirements for devices: Consider using Device Compliance to make access to business environments more secure.

Infostealers are a growing problem, but with the right approach, you can make this threat manageable. As Bas states: “It starts small, but it starts with awareness. And that makes all the difference.”