Security News > 2020 > April > How to thwart human-operated ransomware campaigns?

"Using an attack pattern typical of human-operated ransomware campaigns, attackers have compromised target networks for several months beginning earlier this year and have been waiting to monetize their attacks by deploying ransomware when they would see the most financial gain," says the Microsoft Threat Protection Intelligence Team.

"Human-operated ransomware attacks represent a different level of threat because adversaries are adept at systems administration and security misconfigurations and can therefore adapt to any path of least resistance they find in a compromised network," the team explained.

Of course, attackers are not adverse to simultaneously try to deliver the ransomware via phishing emails or downloader Trojans that may already present on enterprise systems.

"As ransomware operators continue to compromise new targets, defenders should proactively assess risk using all available tools. You should continue to enforce proven preventive solutions-credential hygiene, minimal privileges, and host firewalls-to stymie these attacks, which have been consistently observed taking advantage of security hygiene issues and over-privileged credentials," they noted.

"Microsoft's dedication to preventing and stopping these everyday ransomware attacks is refreshing in a world where many security vendors focus their attention primarily on splashy detection of nation-state actors," he added.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/BkciClrWCCc/