Microsoft’s cybersecurity researchers are warning that new ransomware variants will evade traditional detection methods and your IT team might not be equipped to handle new attacks.
While many recent ransomware headlines focus on the incredibly crippling downtime that a successful cyberattack has on an organization like yours, Microsoft is warning that ‘human operated’ ransomware—viruses that are just starting to hit your computer network—are adopting more sophisticated techniques, enabling them to move unobstructed throughout your network and computer systems.
What do they mean by ‘human operated’?
Instead of simply infecting a computer and hoping everything will work, attackers are being more strategic who they attack and where to look in your system for security misconfigurations and open doors.
Microsoft is reporting that new ransomware attacks coming out in 2020 are targeting individuals within your organization that are most likely to have elevated privileges (that means, the folks on your team that might have administrative access to areas on your network or more access to your computer systems than most).
These viruses are also becoming much more adaptive. Once having a foothold on machines within your network, they are adapting to how that particular system is running. This means these new viruses have much more capacity to observe how things are running and greater ability to mimic normal activity (much more than simply being named something commonly running on your Windows machine).
All of this extra work developing more virulent ransomware allows their viruses to continue undeterred from infiltrating your network.
What are these viruses doing while on your network?
These new attacks are exploiting configuration weaknesses and your network and are using any vulnerable issues to help infect more machines.
In addition to encrypting your data, these new viruses steal credentials (think about high value individuals within your organization that might access sensitive information, like health insurance records and bank accounts) and access and exfiltrate data from your network at a trickle’s pace, leaving most IT teams are none the wiser.
Other Common Attacks Today?
Microsoft reported that many attackers are opting for brute force attacks to get in. Similar to smashing a store window and grabbing armfuls of merchandise, these criminals try to hack into anything they can get their fingers on, immediately initiate their ransomware attack and steal as much sensitive information as they can find. Many successfully steal your important records within an hour of breaking in.
Who Are Being Targeting?
The attackers are not differentiating victims—at least not at this point. Companies large and small are being victimized by new human operated attacks. Manufacturing, legal and healthcare have all had big attacks in the past few weeks. If you’re not taking precautions to ensure your network isn’t an easy target, you are putting your organization at risk for a major attack.
What Steps Can You Take?
Preventing these newer ransomware attacks takes a complete mind shift change in how you are protecting yourself and your organization. Your IT team will need to focus on comprehensive protection, rather than focusing on one area of cybersecurity.
Microsoft is saying that these human-operated attacks will continue to wreak havoc on networks as long as organizations are not aggressively applying security best practices to their networks.
One of the easiest ways to address your network’s comprehensive cybersecurity issues?
Experts recommend getting a network security assessment and then devise a strategy to address your issues.
Microsoft is warning that if your IT team is not prioritizing and addressing security issues on your network—issues that continually pop up because new holes are being found at least weekly—you are putting your organization at risk of a severe ransomware attack or complete compromise of your network.