Ransomware Can Seize Networks In As Little As 45 Min, Msoft Reports – Expert Perspective

Microsoft has released its new annual Digital Defense Report (link is below), underscoring that that threat actors have rapidly increased in sophistication over the past year, using techniques that make them harder to spot and that threaten even the savviest targets. Among key finding:  ransomware continues to grow as a major threat – in some instances, cybercriminals went from initial entry to ransoming the entire network in under 45 minutes. In response, a Stealthbits expert offers perspective.

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Gerrit Lansing
Gerrit Lansing , Field CTO
InfoSec Expert
September 30, 2020 11:06 am

The speed at which a targeted ransomware attack can happen is really determined by one thing: how quickly an adversary can compromise administrative privileges in Microsoft Active Directory. Going from initial infiltration to total ownership of Active Directory can be a matter of seconds. Once these privileges are compromised, an adversary’s ability to deploy ransomware to all machines joined to Active Directory is unfettered, which explains how an adversary can go from initial infiltration to total ransomware infection in such a short period of time.

Last edited 1 year ago by Gerrit Lansing
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x