Security News > 2021 > September > The biggest problem with ransomware is not encryption, but credentials

At the heart of all this, credential compromise is the leading cause of ransomware attacks, because credentials give hackers the access they need to hold your systems hostage.

To understand the issue of credentials in ransomware attacks, one must understand what credentials really are.

Finding and using credentials has become easy; hackersuse legitimate tools such as Mimikatz and Microsoft's PsExec to dump credentials from a system's memory and execute processes on remote systems.

Threat actors can purchase low-level credentials for as little as $20, though credentials for admin-level accounts can be on offer at anywhere from $500 to $120,000.

In the context of ransomware, this means organizations can drastically reduce even an experienced ransomware threat actor's access to their credentials.

The credentials problem cannot be solved by simply eliminating passwords and usernames.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/lRqpEeti1TY/