Microsoft says more ransomware stopped before reaching encryption

Microsoft's Digital Defense Report indicates a significant increase in ransomware attacks, with incidents rising 2.75 times compared to the previous year. However, the report highlights that the number of attacks reaching the encryption stage has decreased threefold over the last two years, suggesting that security measures are becoming more effective. Automatic detection and disruption of attacks are credited for this improvement. Despite the rise in attacks, social engineering remains a prevalent method for initial access, with adversary-in-the-middle attacks increasing by 146%. Ransomware variants like Akira and LockBit are among the most common, with attackers often exploiting unmanaged devices and vulnerabilities in software and cloud environments. Microsoft recommends implementing multi-factor authentication (MFA) and moving towards passwordless solutions to enhance security. The report also emphasizes the importance of operational security for individuals to mitigate risks associated with social engineering tactics. Overall, while ransomware attacks are on the rise, advancements in cybersecurity defenses are proving effective in preventing severe damage.

- Ransomware attacks have increased 2.75 times, but encryption phase incidents have decreased threefold.

- Social engineering techniques remain a significant threat, with a 146% rise in adversary-in-the-middle attacks.

- Akira and LockBit are the leading ransomware variants currently in use.

- Microsoft recommends multi-factor authentication and passwordless solutions to improve security.

- Operational security awareness is crucial for individuals to prevent social engineering attacks.