Malware Stole 1.2TB Private Data From 3 Mil PCs

<p><span class=\"il\">The</span> <span class=\"il\">abrupt</span> <span class=\"il\">shift</span> to remote work due to COVID-19 during <span class=\"il\">the</span> past year also coincidentally corresponds to a 72% increase in ransomware attacks during <span class=\"il\">the</span> same time period. This suggests that several home computers in use for work-from-home purposes, may in fact have already been infected by malware for quite some time but are now being increasingly triggered by bad actors as they carry interesting corporate data traffic. <span class=\"il\">The</span> Nordlocker report highlights how keyloggers and other disciplined malware attacks can be conducted across a large surface area over an extended period of time. These can successfully harvest copious amounts of sensitive data including credential and biographic information which can then be sold on <span class=\"il\">the</span> black market. This data can also be misused for social engineering and lateral movement to facilitate secondary attacks on progressively higher-value targets such as financial accounts. These secondary attacks can take on many forms including a multi-modal fraud campaign encompassing online, mobile, and contact center channels even including branch fraud, with varying degrees of success. </p> <p> </p> <p>Unfortunately, <span class=\"il\">the</span> weakest link in <span class=\"il\">the</span> security landscape is still <span class=\"il\">the</span> password! Organizations and users need to accelerate their journey to passwordless authentication methods such as phone as a token and or FIDO2 security keys. These authenticators create an unphishable relationship with <span class=\"il\">the</span> user and eliminate <span class=\"il\">the</span> need for password-based credentials thereby improving <span class=\"il\">the</span> organization’s resilience against such cyber attacks.</p>