In response to today’s evolving threat landscape, many security experts advise a layered security approach. Organizations that implement effective strategies and tools to prevent, detect, and respond to cyberattacks are well positioned to survive ransomware and malware attacks.
While preventing AD attacks is ideal, the fact is that many attacks on Active Directory (AD) succeed. In a survey report from Enterprise Management Associates, 50% of organizations reported an AD attack within the past 1-2 years, and 40% of those attacks were successful. Gartner analyst Nik Simpson said in a report about protecting backup systems from ransomware attacks that “ … attackers are penetrating critical systems such as backup and Active Directory, dropping malware on any server they breach. …. Organizations without a useful backup system will be left with few options but to pay the ransom.”
Deploying defense in depth—applying multiple types of protection at multiple points of the environment—provides additional protection. Protecting endpoints and other entry points into your environment is an important step in any effective cybersecurity plan. But increasingly savvy attackers continue to find new ways to sidestep such efforts.
Attackers who gain access to Active Directory (AD) and Azure AD hold the keys to your kingdom, so solutions built specifically to protect and quickly recover AD are vital.