Earlier this year, Microsoft warned that human-led ransomware attacks were on the rise. In a follow-up post, Microsoft explains the danger posed by the current popularity of ransomware as a service and how it facilitates human ransomware.
Hiring parties to carry out a cyberattack seems to be a new trend with an additional problem: multi-layered personally executed attacks. It starts with a ‘human ransomware attack’, a cyberattack where one person (or group of people) is behind every step of this type of attack. Typically, ransomware attacks consist of automated tricks and generalized tactics. But in human-led attacks, a unique attack is performed on a case-by-case basis.
This development goes hand in hand with the ransomware-as-a-service trend. Buying ransomware is not always effective as it is a generalized ransomware. When a side of experts launches a targeted attack, it becomes even more difficult for the victim to defend himself against it.
According to Microsoft, this is what a ransomware attack typically looks like when it comes to ransomware as a service (RaaS).
Such attacks will already be more difficult to repel due to the specific nature of a human-guided attack. What makes this even more frustrating is that, according to Microsoft, double-layered extortion is often exploited; In addition to blocking (hostage) the data of a person or company, there is also the threat of publishing the data online.
So what can be done against such attacks? In a blog post, Microsoft zero trust-model. A device or usage is never trusted by default and everyone needs to be able to authenticate at all times. The software giant also talks about a ‘clean’ login structure that prioritizes security updates, reduces the amount of potential attack points, and actively looks for security blind spots. Microsoft will hold a free online seminar on May 12 where all tactics will be discussed further.
Sources: Microsoft (1), (2), via Neowin
Source: Hardware Info
