As ransomware attacks continue to rise at an alarming rate, Microsoft has teamed up with the Microsoft Threat Intelligence Center (MSTIC) to announce Fusion detection for ransomware. The Fusion technology utilizes machine learning to detect possible ransomware attacks and notify security teams so they can mitigate threats right away.
Microsoft’s Sylvie Liu explains that once a significant threat is identified, “…a high severity incident titled ‘Multiple alerts possibly related to Ransomware activity detected’ will be triggered in your Azure Sentinel workspace.”¹
If you’re wondering how Fusion monitors questionable activity, it correlates signals from Microsoft products as well as the network and cloud to determine the existence and severity of a threat. This method allows your security team to fully understand the threat and proceed in the most effective direction. Azure Defender, Microsoft Defender for Endpoint, Microsoft Defender for Identity, Microsoft Cloud App Security, and Azure Sentinel scheduled analytics rules all connect to Fusion.
Many victims of ransomware aren’t aware of the situation until it’s too late. Fusion detection for ransomware reduces the chances of attackers completely compromising your system and taking millions of dollars from your business. Liu says that “preventing such attacks in the first place would be the ideal solution but with the new trend of ‘ransomware as a service’ and human-operated ransomware, the scope and the sophistication of attacks are increasing – attackers are using slow and stealth techniques to compromise network, which makes it harder to detect them in the first place.”
Azure Sentinel Fusion detection for ransomware is just one of the many preventative actions you can take to protect your business’s information. Opal Business Solutions is here to provide security for your entire business. Contact us today to implement Azure Sentinel or any of our security offerings!
¹ Microsoft, “What’s new: Fusion Detection for Ransomware,” Sylvie Liu, August 09 2021.