Click here to learn how NEC XON can help you protect against human-operated ransomware.HOR attacks start long before the ransomware is deployed.
These operators target internet-facing authentication systems that lack multi-factor authentication and attempt to exploit these vulnerable systems. Attackers sometimes spend weeks or months within a network, conducting reconnaissance and positioning themselves for the final ransomware deployment. To defend against HOR, businesses must adopt a proactive stance, continually monitoring for signs of intrusion. Immediate action, such as changing passwords, limiting access, enforcing MFA on all internet-facing services and reducing the number of internet-facing systems can hinder the attacker’s opportunities.
Businesses can address these by implementing regular external reconnaissance of their perimeter, limiting internet-facing systems and implementing a comprehensive privileged access strategy with MFA.