Security News > 2020 > March > Human-Operated Ransomware Is a Growing Threat to Businesses: Microsoft
Employing techniques usually associated with nation-state threat actors, human-operated ransomware attacks represent a growing threat to businesses, Microsoft warned last week.
REvil, Samas, Bitpaymer, and Ryuk are some of the most infamous human-operated ransomware campaigns, but other prolific threat actors have emerged recently, demonstrating a need for comprehensive defenses that can stop the attacks in their infancy, Microsoft says.
The company, which has been tracking several adversaries that deploy ransomware in such a manner, has observed similarities in the techniques employed by three adversaries behind active human-operated ransomware campaigns.
Another ransomware family deployed by human operators through stolen credentials for privileged accounts is Doppelpaymer.
"The use of numerous attack methods reflects how attackers freely operate without disruption - even when available endpoint detection and response and endpoint protection platform sensors already detect their activities," Microsoft notes.
News URL
Related news
- Threat actors are using legitimate Microsoft feature to compromise M365 accounts (source)
- Microsoft Teams tactics, malware connect Black Basta, Cactus ransomware (source)
- Microsoft: North Korean hackers join Qilin ransomware gang (source)
- Hidden Threats: How Microsoft 365 Backups Store Risks for Future Attacks (source)