Security News > 2020 > March > Human-Operated Ransomware Is a Growing Threat to Businesses: Microsoft
Employing techniques usually associated with nation-state threat actors, human-operated ransomware attacks represent a growing threat to businesses, Microsoft warned last week.
REvil, Samas, Bitpaymer, and Ryuk are some of the most infamous human-operated ransomware campaigns, but other prolific threat actors have emerged recently, demonstrating a need for comprehensive defenses that can stop the attacks in their infancy, Microsoft says.
The company, which has been tracking several adversaries that deploy ransomware in such a manner, has observed similarities in the techniques employed by three adversaries behind active human-operated ransomware campaigns.
Another ransomware family deployed by human operators through stolen credentials for privileged accounts is Doppelpaymer.
"The use of numerous attack methods reflects how attackers freely operate without disruption - even when available endpoint detection and response and endpoint protection platform sensors already detect their activities," Microsoft notes.
News URL
Related news
- Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks (source)
- Microsoft: Vanilla Tempest hackers hit healthcare with INC ransomware (source)
- Microsoft Warns of New INC Ransomware Targeting U.S. Healthcare Sector (source)
- Ransomware gang using stolen Microsoft Entra ID creds to bust into the cloud (source)
- Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts (source)
- US Government, Microsoft Aim to Disrupt Russian threat actor ‘Star Blizzard’ (source)
- Microsoft says more ransomware stopped before reaching encryption (source)
- Volkswagen monitoring data dump threat from 8Base ransomware crew (source)
- Microsoft: Ransomware Attacks Growing More Dangerous, Complex (source)
- Black Basta ransomware poses as IT support on Microsoft Teams to breach networks (source)