A Microsoft report found that ransomware is the leading issue for chief information security officers for the second year running, with the problem expected to persist as more cybercriminals engage in network encryption and seek ransom demands, according to ZDNet.
Threat actors have also gained access to ransomware tools through ransomware-as-a-service schemes.
“No longer do individual cybercriminals have to develop their own tools. Today, they can simply buy proven cybercrime kits and services to incorporate into their campaigns. ... As a result, attacks of all types are on the rise, with the economics behind successful ransomware attacks fueling a rapid trajectory,“ said Microsoft Corporate Vice President for Security, Identity and Compliance Vasu Jakkal.
Meanwhile, cloud security has been named as the second most important concern by CISOs amid the growing prevalence of hybrid working. Cloud security has also been cited as the top investment priority of CISOs, followed by vulnerability management and application security, the report showed.
Cloud environments are being compromised by APT29 not only through previously breached access service account credentials but also via old employee accounts that were not disconnected by organizations.