Ransomware attacks: Microsoft reveals 3 biggest security mistakes

tech.hindustantimes.com:

Ransomware attacks are increasing year by year! Every other day, there is some piece of news warning the public about the threat to their personal data which often leads to financial loss. However, several cyber security firms and researchers are coming up with security protocols to improve cyber defence. However, the threat of ransomware and extortion is becoming more audacious with attacks targeting governments, businesses, and critical infrastructure too. Ransomware is basically a type of malware that locks the user out of their files or their device and the hackers demand payment to restore access to information.

Microsoft conducted an investigation during ransomware recovery engagements which revealed that 93 percent of those who have been attacked have insufficient privilege access and lateral movement controls. The cyber criminals take advantage of these security weaknesses and share common attack patterns and techniques. Hence, to combat and prevent attacks of these ransomware techniques, Microsoft Security has identified three main problems that led to ransomware attacks.

Human-operated ransomware continues to evolve and employ credential theft and lateral movement methods traditionally associated with targeted attacks. In 88 percent of engagements identified by Microsoft, MFA was not implemented for sensitive and highly privileged accounts, leaving a security gap for attackers to compromise credentials and pivot further attacks using legitimate credentials.

Organizations which suffered ransomware attacks have significant gaps in their security operations, tooling, and information technology asset lifecycle management. 68 percent of impacted organizations did not have an effective vulnerability and patch management