Action1 Corporation announced that it has upgraded its service with AI-based
detection of abnormal user behavior and automated blocking of threat
actors. With this upgrade, the company aims to combat the growing threat
of scams and cyberattacks in which hackers misuse legitimate tools to
deploy ransomware in corporate environments or connect to individuals'
computers to steal money and data.
The Action1 enhancement helps ensure that any attempt at misuse is
identified and terminated before cybercriminals accomplish their goals.
It scans user activity for suspicious patterns of behavior,
automatically suspends potentially malicious accounts, and alerts
Action1's dedicated security team to investigate the issue.
Consequently, this upgrade will help assure that Action1 is used only
for good reasons. Meanwhile, thousands of IT professionals use the
platform to automate OS and third-party patching and endpoint
management.
In 2021, 23,903 people reported losing more than $347 million due to
tech support scams, many of which involved well-recognized remote access
tools, according to the FBI. In 2022, RMM tools have been abused by numerous ransomware groups, and even a single group of this kind can breach over 90 organizations.
The accessibility of remote access and remote monitoring tools
eliminates the need for malicious actors to invest their own time and
effort into developing tools for managing attacks, facilitating
cybercrime such as ransomware. We think that vendors should take more
action to prevent abuse of their solutions as a part of the common
struggle against this threat. - Mike Walters, VP of Vulnerability and Threat Research at Action1.