Microsoft: Follow these 3 steps to protect your systems from ransomware


Defending against ransomware attacks and other cyber threats requires more than setting up detection procedures to identify potentially malicious activity. Cybersecurity teams need to ensure that the network becomes unattractive to cybercriminals by making it difficult to hack in the first place.

Ransomware is a major cybersecurity problem facing organizations around the world. Cybercriminals hack networks, encrypt files and servers, and then demand a ransom that can run into millions of dollars for a decryption key. This is often combined with data theft and the threat of its release if a ransom is not paid.

According to Microsoft, the rise of ransomware as a service (RaaS), ransomware developed and sold on dark web forums that allows people with minimal technical knowledge to launch ransomware attacks, has lowered the entry barrier and presents challenges for network defenders.


In the vast majority of cases, cybercriminals exploit common software and hardware configuration errors to get the required access to networks. Microsoft suggests that there are several practices that IT security teams can implement to make networks more resilient to cyberattacks and less of a target for cybercriminals.

This includes assuming that the network has been hacked and adopting a zero-trust approach to cybersecurity, a process that means identity is never trusted and is always verified at every request to access a part of the network.

Zero-trust security elements include verifying users with multifactor authentication (MFA), ensuring that only managed and compliant devices can connect to the network, and making sure that private data centers, cloud infrastructure and offline backups are secured.

By embracing a cybersecurity culture that operates as if cyber attacks are actively occurring, professionals can help prevent threats to the network – particularly if the environment is also monitored for suspicious activity.

Second, organizations must ensure that identities (usernames and passwords) are protected from hacking and that the potential for lateral movement is reduced, so that if logins are compromised, an account cannot easily be used to escalate privileges and gain access to administrator accounts that could be exploited to help facilitate ransomware attacks.


Steps that can be taken to help secure accounts include protecting and monitoring identity systems to prevent escalation attacks, detecting and mitigating activity on vulnerable devices, as well as determining who can access sensitive data.

Third, Microsoft also recommends that IT security teams be appropriately equipped to prevent, detect, and respond to threats through the use of technologies such as security information and event management tools.

This process involves understanding typical attack vectors, such as remote access, email, collaboration, endpoints, and accounts, and taking steps to prevent attackers from entering, including enforcing multifactor authentication (MFA) for all users and ensuring that accounts are secured with strong passwords.

Software should also be updated regularly with the latest security patches to prevent cybercriminals from exploiting known vulnerabilities to gain access to networks.

“Ransomware representatives do not use any new and innovative technologies. The same guidelines on timely patching, cleanliness of credentials, and a thorough review of changes to software and system settings and configurations can make a difference in an organization’s resilience to these attacks,” said Vasu Jakkal, Corporate Vice President of Security, Compliance, Identity and Management at Microsoft.

“Because cybercriminals rely on the vulnerabilities they can exploit, companies can help prevent attackers by investing in integrated threat protection across devices, identities, apps, email, data, and the cloud,” she added.
