The Microsoft Threat Intelligence Center (MSTIC) just published a lengthy report providing an overview of the Ransomware-as-a-service (RaaS) threat and detailing what organizations can do to better defend against this activity. Microsoft has termed the RaaS gig economy as human-operated ransomware, where human threat actors make decisions at every stage of the attack. Despite the rising threat, there are many preventative steps organization can implement to harden their defenses. First, it’s important that companies practice credential hygiene. In almost all ransomware cases, threat actors exploit stolen credentials or abuse porous system privileges to compromise accounts. Additionally, defenders should prioritize deployment of Active Directory updates and work to harden their cloud infrastructure. For specific steps on increasing your organization’s security posture read the detailed actions at Microsoft. Access the full post here.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!