Microsoft urges companies to prepare to defend against new types of ransomware

In a new edition of Cyber Signals, the Microsoft Security Team warned customers about emerging cybersecurity threats. The results of the report are aggregated from analysis of 43 trillion signals and the work of 8500 cybersecurity team members.

Increasingly, cybercriminal gangs are providing Ransomware-as-a-Service. In this attack model, an operator develops and continuously maintains ransomware, with affiliates accessing this malware and distributing it to victims. Today, affiliates will often purchase access to brokers of stolen information to plan a malware launch.

“The endless list of stolen credentials available online means that without basic defenses like multifactor authentication (MFA), organizations are at a disadvantage in combating ransomware’s infiltration routes before the malware deployment stage,” a member of the team wrote. Microsoft encouraged customers to undertake security hardening as a reliable way to save on costs over the long-term.

The 2021 Internet Crime Report found that cybercrime costs US based businesses alone $6.9 billion. Similarly, the EU Agency for Cybersecurity found that 10 terabytes of data are stolen each month in ransomware attacks. This data commonly includes personally identifiable information about employees.

“It takes new levels of collaboration to meet the ransomware challenge. The best defenses begin with clarity and prioritization, which means more sharing of information across and between the public and private sectors and a collective resolve to help each other make the world safer for all,” a member of the team stated.