To combat cyber threats such as ransomware attacks, it is not enough to have detection measures to uncover malicious activity. Security teams also need to make their networks harder to break into, so that they are less attractive targets for cybercriminals.
Ransomware is a major cybersecurity issue facing businesses around the world. Ransomware attacks are often associated with the act of stealing data and threatening to expose that data if the victim does not pay the ransom.
Microsoft has published a blog post explaining three strategies to protect your organization against ransomware. According to the post, the popularity of ransomware as a service (RaaS, a service sold on the dark web to perform ransomware attacks with minimal technical knowledge) has lowered the barrier to entry into ransomware attacks.
Cybercriminals often exploit common software and device misconfigurations to gain access to networks. Microsoft outlines what IT security teams need to do to make their networks more resilient to cyberattacks and less likely to be targeted by cybercriminals.
The first is to assume that the network will be compromised and apply a zero-trust approach to security. This means verifying identities each time network access is requested, assuming the identities are not trusted.
Zero Trust security components include user verification with multi-factor authentication, allowing only managed, security-compliant devices to connect to networks, and protecting private data centers, cloud infrastructure, and backup data offline.
The second measure is to prevent the compromise of credentials (usernames and passwords) and to minimize an intruder's movement within the network, because once credentials are compromised, cybercriminals can access accounts to gain privileges and reach administrator accounts.
Account protection measures include securing and monitoring identity systems to prevent escalation of privilege, detecting and mitigating activity on compromised devices, and restricting accounts with access to sensitive data.
As a third measure, Microsoft cites the use of technologies such as SIEM and XDR to prevent, detect and respond to threats as needed.
This process includes understanding common attack vectors and taking steps to deter attackers, such as requiring multi-factor authentication for all users and protecting accounts with strong passwords, including socket.
Software should also be regularly updated with security patches to prevent cybercriminals from exploiting known vulnerabilities to infiltrate networks.
This article is from Red Ventures overseas; the article was published by Asahi Interactive for Japan.