“ Attackers can go to great lengths to understand a victim ’ s technology stack ”
DAVID HIGGINS SENIOR DIRECTOR , FEILD TECHNOLOGY OFFICE , CYBERARK
Best practices to prevent ransomware attacks As Higgins describes , organisations can make it more difficult for cybercriminals by restricting all network users to work under standard accounts with no admin rights . By cutting admin privileges and elevating certain users on an as-needed basis , security teams can shut off the ability for ransomware to run with escalated privileges and disrupt the attack .
“ This is just one of countless ways for attackers to launch ransomware attacks , exploit privileged credentials and start moving laterally towards sensitive IT systems to steal confidential data ,” Higgins comments . “ Additionally , threat actors can often retrieve cached credentials without ever needing admin privileges . Therefore , having the ability to automatically detect and block credential harvesting attempts is a crucial endpoint security layer .”
Additional supplementary steps include adding automated secrets and credentials management on critical targets , such as backup servers , to eliminate stolen tokens or keys as an entry method . “ You can also use a combination of application performance monitoring and security information and event management solutions to develop an audit trail for
cybermagazine . com 45