• #StopRansomware: Interlock Actions for Organizations to Take Today to Mitigate Cyber Threats Related to Interlock Ransomware Activity Prevent initial access by implementing domain name system (DNS) filtering and web access firewalls, and training users to spot social engineering attempts. • Mitigate known vulnerabilities by ensuring operating systems, software, and firmware are patched and up to date. • Segment networks to restrict lateral movement from initial infected devices and other devices in the same organization. • Implement identity, credential, and access management (ICAM) policies across the organization and then require multifactor authentication (MFA) for all services to the extent possible. • Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. • These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware.
Article Summaries:
- #StopRansomware: Interlock Actions for Organizations to Take Today to Mitigate Cyber Threats Related to Interlock Ransomware Activity Prevent initial access by implementing domain name system (DNS) filtering and web access firewalls, and training users to spot social engineering attempts. Mitigate known vulnerabilities by ensuring operating systems, software, and firmware are patched and up to date. Segment networks to restrict lateral movement from initial infected devices and other devices in the same organization. Implement identity, credential, and access management (ICAM) policies across
Sources: