Louis Blackburn, operations director at world moral hacker and pink group cybersecurity options supplier CovertSwarm, commented: “With a purpose to fight this [RMM abuse] tactic, organizations have to deal with endpoint hardening and decreasing their assault floor.”
“Implementing utility management measures, comparable to Home windows Defender Utility Management (WDAC) or AppLocker, will act as a main line of defence towards these assaults by stopping unauthorized functions from operating, guaranteeing that end-users can’t unknowingly present entry to an attacker utilizing a sound RMM software,” Blackburn stated.
Jake Moore, world cybersecurity advisor at ESET, added: “Enterprises may also help uncover and mitigate assaults on RMM instruments by implementing strong multifactor authentication to safe entry, usually monitoring RMM exercise for any suspicious behaviour and frequently guaranteeing that each one software program is saved updated with the most recent security patches.”