Passwords protect our identity in the digital space, allowing for safe and secure interactions. Despite the strength and efficacy of any given sophisticated password, private data is at risk when credentials are compromised. To combat these online attacks, Microsoft is implementing a new Windows 11 security default that aims to suppress these ransomware attacks on compromised credentials.
The Recent Growth of Attacks via Compromised Credentials
A recurring cause of data breaches in recent years, the 2022 Verizon Data Breach Report attributes compromised credentials to 80% of patterns in web attack breaches, a 30% increase since 2017. We saw this case recently on July 22, 2022 when a Twitter data breach was leaked onto Breach Forums, releasing the personal data of 5.4 million Twitter users, including personal information such as emails and phone numbers with a ransom of $30,000.
Attackers typically utilize the remote desktop protocol (which enables computers to connect to other computers and networks without direct contact) to control host computers and install ransomware. This is extremely common with Human Operated Ransomware attacks, where hackers gain entry through outdated web servers, exploiting poor security controls, or disabling security controls. The new Windows 11 security update reimagines the cybersecurity landscape by mitigating brute forcing access to remote desktop protocol endpoints exposed online.
How the Windows 11 Security Lockout Policy Protects You
A default account lockout policy will be built in, creating account lockout durations and thresholds. The new policy will be effective against brute force attacks seeing that these attacks work by trial and error. Attackers will continuously attempt to crack login credentials with the use of bots and scripts until they have access to sensitive data. With the new durations and thresholds in place, bots and scripts become extremely limited seeing that the system automatically locks after ten unsuccessful login attempts.
When Will New Windows 11 Security Feature Be Available?
David Weston, the Vice President of OS Security announced on Twitter that the new security features will arrive in Windows 11 22H2 in the fall. He also adds that in addition to updating Windows 11, the RDP brute force fix will be backported to older Windows 10 desktops. The current version of Windows 10 already contains these protective measures, along with others such as OneDrive data recovery and controlled folder access, all accessible by manually configuring the Ransomware Security app by going to “Settings” > “Privacy & Security” > “Windows Security” > “Virus and threat protection” > “Manage ransomware protection”.
Click HERE to more about our Ransomware Prevention and Recovery Services! We are available 24×7 to assist you with any of your ransomware needs.
Latest Ransomware Related Blogs
Smoke testing is a term used to describe the testing process for servers after patches are applied. 
Estimating an average time for patching servers and PCs can be a bit tricky. It can vary from one month to the next, depending upon the number and complexity of the patches released by your software vendors. You must consider all versions of operating systems and have a complete inventory of all your application software to do this job correctly. Our experience has shown that manual patching of systems takes on average of about 1.5 hours each.
This is a basic cost calculator for you to compute your typical monthly cost for patching your servers, PCs, laptops, tablets and associated application software. It also forms the basis for you to begin calculating your Return on Investment for software patching, or for comparison with alternatives to the manual process of patching operating systems and application software—such as Patch Management as a Service, also known as Vulnerability Management as a Service.