Security News > 2021 > November > Microsoft adds AI-driven ransomware protection to Defender

Microsoft has introduced an AI-driven ransomware attack detection system for Microsoft Defender for Endpoint customers that complements existing cloud protection by evaluating risks and blocking actors at the perimeter.
As human-operated ransomware attacks are characterized by a specific set of methods and behaviors, Microsoft believes that they can use a data-driven AI approach to detect these types of attacks.
As Microsoft explains, adaptive protection can detect and block seemingly benign operations such as network enumeration, which ransomware actors use during the reconnaissance phase.
"Hypothetically, in attacks where early to mid-stage attack activities are not detected and blocked, AI-driven adaptive protection can still demonstrate huge value when it comes to the final ransomware payload." Microsoft explains.
"Given the device is already compromised, our AI-driven adaptive protection system can easily and automatically switch to the most aggressive mode and block the actual ransomware payloads, preventing important files and data from being encrypted so attackers won't be able to demand ransom for them."
Cloud protection is turned on by default, and the AI-driven enhancement is now automatically included in Microsoft Defender for Endpoints as an "Always-on" feature.
News URL
Related news
- Microsoft Edge update adds AI-powered Scareware Blocker (source)
- Microsoft raises rewards for Copilot AI bug bounty program (source)
- Microsoft names cybercriminals behind AI deepfake network (source)
- Microsoft Exposes LLMjacking Cybercriminals Behind Azure AI Abuse Scheme (source)
- Microsoft Teams tactics, malware connect Black Basta, Cactus ransomware (source)
- Microsoft: North Korean hackers join Qilin ransomware gang (source)
- AI will make ransomware even more dangerous (source)
- AI agents swarm Microsoft Security Copilot (source)
- Microsoft’s new AI agents take on phishing, patching, alert fatigue (source)
- After Detecting 30B Phishing Attempts, Microsoft Adds Even More AI to Its Security Copilot (source)