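Ransomware is the most destructive global cyber threat we face today. It affects nearly every industry and stems from a variety of root causes, all of which security teams must account for in their defender principles.
This security measure was added recently, so the check does not require domains to have it enabled. However, if the measure exists but is disabled, the infrastructure is exposed and the IoE reports it as an anomaly.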
Which Protective Measures Will Help You Really Disrupt Ransomware Attacks?
Secure Active Directory and Stop the Spread of Ransomware
Active Directory is Now in the Ransomware Crosshairs
Anatomy of a modern ransomware attack
5 Ways to Strengthen Active Directory Security and Prevent Ransomware Attacks
Name: Insufficient hardening against ransomware
Codename: C-RANSOMWARE-HARDENING
Severity: Medium
Unknown: WannaCry
Unknown: Ryuk
Unknown: DarkSide (hacking group)