He added, Agenda Ransomware exploits Home windows-centric assumptions, under-protected RMM instruments, and uncared for driver monitoring. Most organizations nonetheless underestimate how a lot management attackers acquire as soon as they compromise RMM brokers and backup credentials. So, they need to begin with identification, RMM, hypervisors, and backups as these management planes drive scale for attackers. Shut cross-platform detection gaps and implement kernel driver integrity to blunt BYOVD and lateral Linux/Home windows execution paths.
Additionally, contemplating manufacturing, healthcare, and tech are deeply reliant on RMM and file-transfer instruments, changing them isn’t practical. As a substitute, CIOs ought to consolidate to accepted platforms, implement JIT and session-based entry, and segregate administration visitors from manufacturing methods, famous Mehta
Lastly, deal with backups as a separate security area with remoted networks, unbiased credentials, immutable copies, and steady database monitoring for credential entry. The secret is to imagine the backup controller itself could possibly be compromised.
