View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
November 4, 2022

Ransomware “too difficult” for police to stop – Microsoft executive

Law enforcement agencies are unable to make an impact against cybercriminals without government help.

By Claudia Glover

The ransomware epidemic is “too difficult” for police to stop, a Microsoft security expert has said.

Police will need help in fighting ransomware if they are going to stop it altogether, Microsoft says (Pic by IB Photography/Shutterstock)

Tom Burt, the company’s corporate vice president of customer security, said that the cross-border nature of criminal gangs means that without the intervention of national governments, law enforcement agencies will struggle to have a meaningful impact.

Police need help to fight ransomware

Speaking at an event to mark the launch of Microsoft’s new Digital Defence report, Burt said: “The problem with the efforts by law enforcement globally to try to address ransomware is that the challenges of conducting traditional law enforcement investigations and prosecutions against ransomware actors are just too difficult given the cross-border nature of that activity, the fact that a lot of the actors are beyond the reach of law enforcement that care about the issue. It’s just too difficult.”

The report itself highlights the complex nature of ransomware gangs and threat they pose. “While law enforcement activities likely slowed the frequency of attacks in 2022, threat actors might well develop new strategies to avoid being caught in the future,” it says

Burt is in agreement. “The groups that are most active in providing ransomware-as-a-service are very sophisticated and well-resourced, and as we [tech companies], law enforcement and others seek to detect what they are doing and disrupt their activity, we will certainly see them continuing to evolve their approaches to try to avoid detection and to avoid disruption,” he said.

Microsoft says the onus is on national governments to stop these gangs operating on their soil. “Will governments take action to prevent ransomware criminals from operating within their borders, or seek to disrupt actors operating from foreign soil?,” the report asks. It highlights countries like Russia, which reportedly allows cybercriminals to operate from within its borders.

Ransomware: victims must protect themselves

The Microsoft Digital Defence report also highlights that organisations must do more to protect themselves. “The vast majority of successful cyberattacks could be prevented by using basic security hygiene,” it says. This includes multi-factor authentication and applying zero trust principles, which Microsoft said could help foil 98% of attacks.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Extended detection and response anti-malware, where attacks are automatically blocked is “essential to being able to respond to threats in a timely fashion,” continues the report. Staying up to date with patching is a must, and a “key reason many organisations fall victim to an attack.” 

Finally, protecting data will help tremendously with defending a system against a cyber attack, “Knowing your important data, where it is located and whether the right systems are implemented is crucial to implementing the appropriate protection,” Microsoft said.

Read more: Fake Microsoft zero day exploits on sale

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.