Express Computer
Home  »  News  »  Microsoft releases its second edition of Cyber Signals tracking ransomware’s new business model

Microsoft releases its second edition of Cyber Signals tracking ransomware’s new business model

0 89

Microsoft released its second edition of Cyber Signals, a regular cyber threat intelligence brief, spotlighting security trends and insights gathered from Microsoft’s global security signals and experts. The specialization and consolidation of the cybercrime economy have fueled ransomware-as-a-service (RaaS), becoming a dominant business model, enabling a wider range of criminals, regardless of their technical expertise, to deploy ransomware. This edition of Cyber Signals provides insights on the evolving factors shaping the extortion segment of the cybercrime economy, and the influential rise of RaaS powering ransomware attacks.

Key findings from the report:

  • Over 80% of ransomware attacks can be traced to common configuration errors in software and devices
  • The median time for an attacker to access a person’s private data if they fall victim to a phishing email is one hour, 12 minutes
  • For endpoint threats, the median time for an attacker to begin moving laterally within a corporate network if a device is compromised is one hour, 42 minutes
  • Microsoft’s Digital Crimes Unit directed the removal of more than 531,000 unique phishing URLs and 5,400 phish kits between July 2021 and June 2022, leading to the identification and closure of over 1,400 malicious email accounts used to collect stolen customer credentials
  • Guidance on how businesses can better pre-empt and disrupt extortion threats, by building their credential hygiene, auditing credential exposure, reducing the attack surface, securing their cloud resources and identities, better preventing initial access, and closing security blind spots.

The RaaS economy allows cybercriminals to purchase access to ransomware payloads and data leakage as well as payment infrastructure. Ransomware “gangs” are in reality RaaS programs like Conti or REvil, used by many different actors who switch between RaaS programs and payloads. This industrialization of cybercrime has created specialized roles, like access brokers who sell access to networks. A single compromise often involves multiple cybercriminals in different stages of the intrusion.

Vasu Jakkal, Corporate Vice President, Security, Compliance, Identity, and Management at Microsoft said: “It takes new levels of collaboration to meet the ransomware challenge. The best defenses begin with clarity and prioritization, which means more sharing of information across and between the public and private sectors and a collective resolve to help each other make the world safer for all. At Microsoft, we take that responsibility to heart because we believe security is a team sport.”

Microsoft’s threat intelligence provides visibility into threat actors’ actions. With a broad view of the threat landscape – informed by 43 trillion threat signals analyzed daily, combined with the human intelligence of more than 8,500 Microsoft experts – threat hunters, forensics investigators, malware engineers, and researchers – Microsoft is able to see first-hand what organizations are facing, and is committed to helping businesses put that information into action to pre-empt and disrupt extortion threats.

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image