WHAT IS A STEALER LOG?
Stealer logs (also known as infostealers) are bits of malware or malicious code that literally steals information from your PC or laptop. They are small, unobtrusive but can be highly damaging.
The main objective is to acquire high value information about you as the user. Most commonly is usernames and passwords, banking information e.g. your credit card, and website session cookies (the remarkable way you do not have to log back into a website if you have already been there).
All this information is the target of a stealer log.
What’s worst is that, as a user you can accidentally install infostealer malware via a website containing illegitimate ads, targeted emails or downloading and installing cracked software.
Infostealers or the information gleaned from their operation is big business.
Organised cyber criminals utilise commercially available infostealer infrastructures. These ‘as a service’ platforms mean cyber gangs no longer need the technical know-how to build this capability, just a pay a monthly fee for its use at surprisingly low prices!
WHAT ARE THE RISKS TO YOU?
The primary risk to anyone unfortunate enough to be targeted
by infostealer malware is data loss. The level of data stolen by an infostealer is and of itself not overly valuable but, particularly for corporate victims, the real risk lies in what that data is used for after.
Corporate credentials and data can be used to target a company to establish access to a corporate network. In turn, this opens the network to exploitation by a threat actor, with intrusions resulting in deployment of ransomware and other malware tools to extract data and disrupt business activities.
This threat can have significant risk to a business:
Operationally – your business systems not functioning,
Financially – loss of income and cost to recover,
Reputationally – failure to maintain the confidentiality of customer and staff data,
Regulatory – fines because of data loss.
HOW DO I PROTECT MYSELF AND MY BUSINESS?
Defence in depth is your solution – putting multiple controls in place to identify, stop and remediate instances of infostealer malware.
Relying on traditional Anti-virus and a view that ‘we are not big enough’ are no longer viable.
For SME’s, 2tela recommend a 2-prong approach. For day-to-day protection, Microsoft Business Premium with all the controls correctly configured to provide a good layer of protection to disrupt infostealer malware from making its way onto a corporate resource.
In addition, using Threat Intelligence to provide an early
warning that resources have been compromised. This is especially the case where technology resources used in your business are not under your direct control.
2tela utilise Skurio DRP capabilities to ‘see’ into places of the Internet where stolen credentials and other stolen corporate information is sold or traded.
In this digitally connected world, quickly identifying threats to your business is the critical factor in stopping a cyber incident from turning into a costly cyber breach.
Please contact 2tela via email (email@example.com) or phone (01903 947780)
to discuss how we can help getting then best out of your Microsoft Subscription
and how our Threat Intelligence services can protect your business.