Language:
Ransomware is the most disruptive global cyberthreat we face today. This threat affects virtually every industry and stems from a variety of root causes, which security teams must consider in their defender strategies.
This security measure is a recent addition, so the check will not mandate that the domain enable it. However, if the measure exists but is disabled, it poses a risk to the infrastructure and the IoE reports it as a deviance.
Active Directory is Now in the Ransomware Crosshairs
Anatomy of a modern ransomware attack
Which Protective Measures Will Help You Really Disrupt Ransomware Attacks?
Secure Active Directory and Stop the Spread of Ransomware
5 Ways to Strengthen Active Directory Security and Prevent Ransomware Attacks
Name: Insufficient Hardening Against Ransomware
Codename: C-RANSOMWARE-HARDENING
Severity: Medium
Unknown: WannaCry
Unknown: Ryuk
Unknown: DarkSide (hacking group)