Kaspersky uncovered short-lived spyware attack campaigns by major infamous malware familities, wherein criminals managed to steal over 7000 corporate credentials on ICS networks. Attackers also used the stolen data from corporate networks to perform financial fraud or sell the obtained RDP, SSH, VPN, and SMTP credentials online. Organizations can protect themselves by training employees to identify phishing emails, limiting access, and making 2FA mandatory.