From tenable.com
Ransomware attacks every type of organization from every angle and Active Directory remains the common target. Stop privilege escalation by fixing these key AD and group policy misconfigurations.
Ransomware has struck every type of organization around the world. It’s changed dramatically, too, entering the enterprise from nearly every angle, with attackers leveraging stolen data by posting it on the internet to force victims to pay. In most cases (see SolarWinds and XingLocker), Active Directory (AD) is targeted so the attacker can easily distribute the ransomware after obtaining domain privileges. There are, however, ways to help secure Active Directory to prevent ransomware from succeeding.