Ransomware and extortion are a high profit, low-cost business which has a debilitating impact on targeted organizations, national security, economic security, and public health and safety. What started as simple single-PC ransomware has grown to include a variety of extortion techniques directed at all types of corporate networks and cloud platforms.
This combination of real-time intelligence and broader criminal tactics, techniques and procedures has maximized the impact of these attacks and driven the level of profits from these attacks to levels that were hard to imagine a few years ago. To put it in perspective, the publicly reported profits from ransomware/extortion attacks gives these attackers a budget that would likely rival the budgets of nation state attack organizations (without even counting the profits from attacks that never made the headlines).
To ensure customers using Microsoft products are protected against ransomware attacks, this white paper addresses strategies to maximize ransomware resiliency using Microsoft security solutions. It includes recommended defensive best practices that when implemented ensures an organization maximizes both preventive and defensive capabilities to defeat ransomware attacks.
Microsoft offers a unique approach that empowers security professionals with both security information event management and extended detection and response (XDR) tools from a single vendor with an emphasis on integration so that defenders get the best of both worlds – end-to-end visibility across all your resources, and intelligent alerts built with a deep understanding of individual resources and filtered with artificial intelligence.