Security News > 2023 > February > Microsoft announces automatic BEC, ransomware attack disruption capabilities

Last year, Microsoft announced automatic attack disruption capabilities in Microsoft 365 Defender, its enterprise defense suite.

On Wednesday, it announced that these capabilities will now help organizations disrupt two common attack scenarios: BEC and human-operated ransomware attacks.

A fast defensive response to initiated cyber attacks is becoming increasingly crucial for organizations: According to IBM Security's X-Force team, the average time to complete a ransomware attack dropped from 2 months down to less than 4 days and the rate at which attackers target employees via compromised email accounts and by exploiting existing email threads has doubled.

In an ideal world, all organizations would have the right technology deployed and a well-staffed security operations center capable of spotting the very first signs of an attack in progress.

The signals on which Microsoft 365 Defender takes automated disruption actions are gathered from endpoints, identities, email, collaboration and SaaS apps.

Security teams can customize the configuration for automatic attack disruption.

News URL

https://www.helpnetsecurity.com/2023/02/24/bec-ransomware-attack-disruption/