Microsoft On Ransomware – Expert Comments

Cybersecurity experts from Lucy Security and Red Canary reacted to Microsoft’s blog post Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk.

Experts Comments

April 30, 2020
Keith McCammon
Co-founder and Chief Security Officer
Red Canary
Ransomware actors continue to leverage some textbook breach tactics--service and account discovery, lateral movement, and widespread infection of endpoints--to maximize the impact and profitability of their operations. This underscores the need not just for better preventative controls, but for robust detection coverage, careful investigation, and proactive hunting for threats that others controls have missed. Microsoft's dedication to preventing and stopping these everyday ransomware.....Read More
Ransomware actors continue to leverage some textbook breach tactics--service and account discovery, lateral movement, and widespread infection of endpoints--to maximize the impact and profitability of their operations. This underscores the need not just for better preventative controls, but for robust detection coverage, careful investigation, and proactive hunting for threats that others controls have missed. Microsoft's dedication to preventing and stopping these everyday ransomware attacks is refreshing in a world where many security vendors focus their attention primarily on splashy detection of nation-state actors.  Read Less
April 30, 2020
Colin Bastable
CEO
Lucy Security
Microsoft is telling its customers how to use (Microsoft) technology to mitigate the attack after it has happened, and this is very sensible for a technology company. Preventing what they define as "human-operated ransomware campaigns" in the first place requires a different, holistic approach, aimed at humans, because the attacks are designed and carried out using psychology and understanding human behavior. Train people how to identify the socially-engineered attacks that lead to the delivery .....Read More
Microsoft is telling its customers how to use (Microsoft) technology to mitigate the attack after it has happened, and this is very sensible for a technology company. Preventing what they define as "human-operated ransomware campaigns" in the first place requires a different, holistic approach, aimed at humans, because the attacks are designed and carried out using psychology and understanding human behavior. Train people how to identify the socially-engineered attacks that lead to the delivery of ransomware. Over 90% of these attacks are initiated by email and often as part of a carefully thought out social engineering attack. A strategy of patching people by simulating ransomware attacks on staff, and running “what if” system tests to identify systemic vulnerabilities, would be far more effective in reducing damage from ransomware attacks than solely focusing on plugging holes below the IT waterline after a hit. They say that threats are opportunities in disguise. Many IT security people regard non-IT folks as part of the problem; CISOs need to treat their colleagues as potential allies in the fight against cybercrime, engage HR, departmental heads and make the whole organization defense-ready.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.