The costs to resolve cyberattacks is growing. Time spent searching through hundreds up to thousands of files and activities to find the culprit adds up to the costs for any business that has little to no protection of its cyber assets. If the time spent dealing with a cyber-attack wasn’t enough, the costs to solve them only increases with the more time spent. To help prevent this never-ending rabbit hole of problems caused by cyberattacks, Microsoft Security has published two recent articles, “Extortion Economics - Ransomware’s New Business Model” by Emily Hacker in their publication Cyber Signals – August 2022 and “Microsoft Announces New Solutions for Threat Intelligence and Attack Surface Management” by Vasu Jakkal on their blog. These recent articles not only aim to help customers gain more knowledge about the growing threat of ransomware, but also reinforce the importance of defending against initial cyberattack infiltrations by helping identify the vulnerabilities your company might currently have.
Ransomware as a Service
One of the most prominent time-consuming and mentally straining types of cyber breaches can arrive in the form of ransomware and destructive malware. Intended to completely stall or wipeout comput-er systems, these attacks aim to destroy everything that isn’t backed up elsewhere if the company doesn’t pay the demanded ransom. Recent trends in Ransomware research indicate that the past culprits of the crime are more active than they have ever been, but instead of committing to the criminal act they are suspected to be selling the tools of the illegal trade to like-minded individuals1. Microsoft’s second Cyber Signals publication by Emily Hacker investigates the recent developments of Ransomware as a Service and its recently observed growth in popularity. This structure of attacks releases more attackers into the large expanse that is the internet and for those that navigate the internet often, it should serve as a sign to be more cautious when approaching any website or person asking for any type of login credentials/personal data, or even asking for you to check out a seemingly safe link that, with one or two mistakes, could actually be an attempt to steal credentials or gain access into your business.
Microsoft Defender Developments – One Year Later
Last year Microsoft acquired the RiskIQ development team and has utilized their skillset in strengthening the potential and active powers of their new program Microsoft Defend-er Threat Intelligence2. This acquisi-tion has led to Microsoft Defender becoming a stronger protector against attempts to compromise the credentials of employees from sources that may not be so easily identifiable as malicious hackers. The changes from Threat Intelligence aim to recognize, openly identify, and disrupt malware activity that targets specific sectors of a user’s comput-er3 . Preventing problems from ever occurring at the start can help mitigate the initial breach factor which plays a notable role in deter-mining the success or failure of a cyber-attack.
The second portion of these developments also provide curious users with a chance to gain an attacker’s perspective with Microsoft Defender External Attack Surface Management. The goals of this program aim to allow companies to see what attackers can see and identify the weak, easy to infiltrate resources and doors that lead into their private/company information.
With this knowledge in hand, the security team at Microsoft seems to encourage companies to start inquiring and taking proactive measures to the question of “what can be done”.
Well, What Can Be Done?
Intrigued Organizations should contact our team at CloudFirst to learn how they can become even more informed about the growing risk factors and security measures in place to contest growing cyber-threats. CloudFirst specializes in implementing tactics to help readers improve their security. Some exam-ples include a managed security risk assessment, an endpoint security or device security test, and securely implementing a hybrid workplace. Overall, our goal is to help inform our readers into the real costs of insufficient IT security and provide you all with the knowledge that CloudFirst is here to help. Contact CloudFirst today to learn more.
Sources:
Microsoft Security Team (2022, August 22). Cyber Signals: Defend against the new ransomware landscape - Microsoft Security Blog
Vasu Jakkal (2022, August 2). Microsoft announces new solutions for threat intelligence and attack surface management - Microsoft Security Blog
