Fighting new Ransomware Techniques with McAfee’s Latest Innovations

In 2021, ransomware attacks have been dominant among the bigger cyber security stories. Hence, I was not surprised to see that McAfee’s June 2021 Threat report is primarily focused on this topic.


This report provides a large range of statistics using the McAfee data lake behind MVISION Insights, including the Top MITRE ATT&CK Techniques. In this report I highlight the following MITRE techniques:


Spear phishing links (Initial Access)
Exploit public-facing applications (Initial Access)
Windows Command Shell (Execution)
User execution (Execution)
Process Injection (Privilege escalation)
Credentials from Web Browsers (Credential Access)
Exfiltration to Cloud Storage (Exfiltration)

I also want to highlight one obvious technique which remains common across all ransomware attacks at the end of the attack lifecycle:


Data encrypted for impact (Impact)

Traditional defences based on anti-malware signatures and web protection against known malicious domains and IP addresses can be insufficient to protect against these techniques. Therefore, for the rest of this article, I want to cover a few recent McAfee innovations which can make a big difference in the fight against ransomware.


Unified Cloud Edge with Remote Browser Isolation


The following three ransomware techniques are linked to web access:


Spear phishing links
User execution
Exfiltration to Cloud Storage

Moreover, most ransomware attacks require some form of access to a command-and-control server to be fully operational.


McAfee Remote Browser Isolation (RBI) ensures no malicious web content ever even reaches enterprise endpoints’ web browsers by isolating all ..
