You are reading a single comment by @Dammit and its replies.
Click here to read the full conversation.
London Fixed Gear and Single-Speed is a community of predominantly fixed gear and single-speed cyclists in and around London, UK.
This site is supported almost exclusively by donations. Please consider donating a small amount regularly.
@Dammit
We're tracking numerous Initial Access Brokers (IAB's) these days who compromise a users account (generally but not always starting with some sort of credential phishing attack) then package the account up and sell it to the TA who wants to exploit the organisation.
That does give you a window - if you can detect the compromise then you can lock out the account/s that have been used, and if you've taken steps to arrest lateral movement before you get compromised, segmented your network, identified and removed un-needed privileges etc etc, then your ability to withstand ransomware is significantly increased.
But - anyone who thinks that they've made their organisation ransomware proof is a dangerous fantasist who is actively endangering said organisation.