Ransomware attacks pose a major cybersecurity threat, but there are actions that can be taken to stop the cybercriminals from making you their next victim. Cybersecurity teams need to ensure that the network is made unattractive to cybercriminals by making it difficult to break into in the first place.
In the vast majority of cases, cybercriminals are exploiting common configuration errors in software and devices to gain the required access to networks. Microsoft suggests there are several practices that IT security teams can implement to make networks more resilient to cyberattacks and less of a target for cybercriminals.
IT professionals must assume the network has been breached and adopt a Zero Trust approach to cybersecurity, a process which means that an identity is never trusted and always verified at each request to access part of the network. Elements of zero trust security include verifying users with multi-factor authentication (MFA), ensuring that only managed and compliant devices can connect to the network, and keeping private data centres, cloud infrastructure and offline backups secured.
Organisations must ensure that identities (usernames and passwords) are protected from compromise and that the potential for lateral movement is minimised so that if logins are compromised, it's not possible to use an account to escalate privileges and gain access to admin accounts that could be exploited to easily help facilitate ransomware attacks include protecting and monitoring identity systems to prevent escalation attacks, and detecting and mitigating activity on compromised devices, as well as limiting who can access sensitive data.