"Configuration Errors to Blame for 80% of Ransomware"

Security researchers at Microsoft found that the vast majority (80%) of ransomware attacks can be traced back to common configuration errors in software and devices.  The researchers stated that ransomware attacks involve decisions based on configurations of networks and differ for each victim even if the ransomware payload is the same.  Although each attack is different, the researchers pointed to missing or misconfigured security products and legacy configurations in enterprise apps as two key areas of risk exposure.  The researchers stated that another system regularly misconfigured and hijacked by ransomware actors is the remote desktop protocol (RDP), which often is not protected by a strong password or two-factor authentication.  The researchers stated that the median time for an attacker to begin moving laterally inside the network after device compromise is one hour, 42 minutes, and the median time for an attacker to access private data following a phishing email is one hour, 12 minutes.  

Infosecurity reports: "Configuration Errors to Blame for 80% of Ransomware"