Shulou(Shulou.com)11/24 Report--

CTOnews.com, August 26, the latest "Cyber Signals" report released by the Microsoft Security blog points out that the vast majority of ransomware attacks begin when cyber criminals take advantage of common cyber security errors, which, if properly managed, can prevent most victims from becoming victims of attacks.

CTOnews.com learned that Microsoft analyzed anonymous data on real threat activity, and according to the report, Microsoft found that more than 80 per cent of blackmail software attacks can be traced back to common configuration errors in software and devices. These errors include: applications are in the default state, allowing access to users across the network; security tools are untested or improperly configured; cloud applications are set up in a way that makes it easy for unauthorized intruders to gain access; and organizations do not apply Microsoft's attack surface reduction rules, which allow attackers to run malicious code using macros and scripts.

Ransomware attackers are looking for these misconfigurations because they are looking for vulnerable targets for blackmail software attacks, and there is often the threat of double blackmail attacks, in which cybercriminals steal sensitive data. and threatened to publish the data if they didn't pay.

Microsoft warns that attacks have been exacerbated by the growth of the ransomsoftware-as-a-service (RaaS) ecosystem, which allows attackers who lack technical expertise to create and develop their own ransomware to conduct attacks and extort ransoms. Finding RaaS toolkits on underground forums is relatively easy, and some include customer support to provide criminals with all the help they need. Some of these ransomware kits are sold through the subscription model, while others are based on the federation model, where developers take a portion of the profit from the ransom payment for each decryption key.

In order to prevent cyber criminals from taking advantage of common errors and misconfigurations, Microsoft detailed several suggestions to improve network security. These recommendations include closing security blind spots by verifying that cyber security tools and programs are properly configured to protect the system, while disabling macros and other scripts commonly used by cyber criminals to execute malicious code.

The report also recommends the use of multi-factor authentication to improve the security of people, networks, and cloud services, which can prevent cyber criminals from using stolen usernames and passwords to attack. Organizations should also apply security patches and updates as soon as possible to prevent attackers from being able to exploit known vulnerabilities.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.