Security News > 2023 > February > Microsoft announces automatic BEC, ransomware attack disruption capabilities
Last year, Microsoft announced automatic attack disruption capabilities in Microsoft 365 Defender, its enterprise defense suite.
On Wednesday, it announced that these capabilities will now help organizations disrupt two common attack scenarios: BEC and human-operated ransomware attacks.
A fast defensive response to initiated cyber attacks is becoming increasingly crucial for organizations: According to IBM Security's X-Force team, the average time to complete a ransomware attack dropped from 2 months down to less than 4 days and the rate at which attackers target employees via compromised email accounts and by exploiting existing email threads has doubled.
In an ideal world, all organizations would have the right technology deployed and a well-staffed security operations center capable of spotting the very first signs of an attack in progress.
The signals on which Microsoft 365 Defender takes automated disruption actions are gathered from endpoints, identities, email, collaboration and SaaS apps.
Security teams can customize the configuration for automatic attack disruption.
News URL
https://www.helpnetsecurity.com/2023/02/24/bec-ransomware-attack-disruption/
Related news
- Microsoft: Ransomware Attacks Growing More Dangerous, Complex (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- Microsoft issues 117 patches – some for flaws already under attack (source)
- Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks (source)
- Underground ransomware claims attack on Casio, leaks stolen data (source)
- Casio confirms customer data stolen in a ransomware attack (source)
- Schools bombarded by nation-state attacks, ransomware gangs, and everyone in between (source)
- Microsoft says more ransomware stopped before reaching encryption (source)
- BianLian ransomware claims attack on Boston Children's Health Physicians (source)