Security News > 2023 > February > Microsoft announces automatic BEC, ransomware attack disruption capabilities
Last year, Microsoft announced automatic attack disruption capabilities in Microsoft 365 Defender, its enterprise defense suite.
On Wednesday, it announced that these capabilities will now help organizations disrupt two common attack scenarios: BEC and human-operated ransomware attacks.
A fast defensive response to initiated cyber attacks is becoming increasingly crucial for organizations: According to IBM Security's X-Force team, the average time to complete a ransomware attack dropped from 2 months down to less than 4 days and the rate at which attackers target employees via compromised email accounts and by exploiting existing email threads has doubled.
In an ideal world, all organizations would have the right technology deployed and a well-staffed security operations center capable of spotting the very first signs of an attack in progress.
The signals on which Microsoft 365 Defender takes automated disruption actions are gathered from endpoints, identities, email, collaboration and SaaS apps.
Security teams can customize the configuration for automatic attack disruption.
News URL
https://www.helpnetsecurity.com/2023/02/24/bec-ransomware-attack-disruption/
Related news
- US indicts Black Kingdom ransomware admin for Microsoft Exchange attacks (source)
- Microsoft: Windows CLFS zero-day exploited by ransomware gang (source)
- Microsoft: Windows CLFS Vulnerability Could Lead to ‘Widespread Deployment and Detonation of Ransomware’ (source)
- Sensata Technologies hit by ransomware attack impacting operations (source)
- Ransomware attack cost IKEA operator in Eastern Europe $23 million (source)
- Microsoft Defender will isolate undiscovered endpoints to block attacks (source)
- Kidney dialysis firm DaVita hit by weekend ransomware attack (source)
- Ahold Delhaize confirms data theft after INC ransomware claims attack (source)
- Interlock ransomware gang pushes fake IT tools in ClickFix attacks (source)
- Interlock ransomware claims DaVita attack, leaks stolen data (source)