In its Cyber Signals Report of August 2022, entitled Extortion Economics, Microsoft outlines steps that organizations can take to protect their systems from Ransomware-as-a-service attacks. As ready-made RaaS kits are available, launching an attack no longer requires technical know-how and organizations must prepare for possible attacks.
Security measures that organizations can take include preventing initial access, segmenting networks, auditing account credentials, reducing the attack surface, enforcing multi-factor authentication, checking for blind spots in security, hardening internet facing assets, hardening cloud assets, and updating systems.
While it is important for organizations to manage macros and scripts, it is also vital that they segment networks based on account privileges in order to prevent lateral movements by attackers.
Organizations are recommended to review the exposure of account credentials and ensure that their staff and security services work together to reduce the level of administrative privilege and understand where they are most at risk.
There is also the need to establish rules to reduce the attack surface used in ransomware incidents.
The sources for this piece include an article in TechRepublic.