Human Operated Ransomware | Microsoft Docs

Human operated ransomware is a large and growing attack trend that represents a threat to most industries. Human operated ransomware is different than commodity ransomware. These “hands-on-keyboard” attacks leverage human attackers’ knowledge of common system and security misconfigurations to infiltrate a compromised network and to adapt to the network and its weak points as they go. Hallmarks of a human-operated ransomware attack typically include credential theft and lateral movement, resulting in deployment of a ransomware payload to any resource the attackers choose. — Lees op docs.microsoft.com/en-us/security/compass/human-operated-ransomware