Support
November 11, 2024 9 mins
Mounted Guest EDR Bypass
The Mounted Guest EDR Bypass is a tactic used in cyber attacks to evade Endpoint Detection and Response (EDR) protections. This method involves removing EDR program files from a defenseless guest system on a hypervisor, enabling the deployment of ransomware without detection.
Summary
Aon's Stroz Friedberg Incident Response Services ("Stroz Friedberg") recently discovered a previously undocumented method used in the wild to bypass Endpoint Detection and Response ("EDR") products and eventually deploy ransomware. This method does not exploit any flaws in the EDR itself, but rather the inherent host-guest relationship of hypervisor servers and the virtual machines that they host. The technique involves mounting a virtual machine’s hard disk file on the host hypervisor server and deleting the EDR program files from the mounted volume. After the virtual machine is rebooted, the EDR is no longer present, leaving the virtual machine unprotected against malicious programs. This method is a simple yet effective way for threat actors to disable EDR from virtual machines hosted on a hypervisor.
Background
In the incident observed by Stroz Friedberg, threat actors escalated privileges and moved laterally to access a Windows 2012 Hyper-V server. At the time of the incident, an EDR solution was installed both on the Hyper-V server and its guest virtual machines. Even though the threat actor had administrative access to the network, the EDR in place likely acted as an obstacle to executing the ransomware binary.
Hyper-V is a virtualization technology, debuted on Windows Server 2008, that allows users to create and manage virtual machines within the Windows operating system. The host machine, or hypervisor, can host one or more virtual machines of various operating systems. The guest machine’s data is stored in a virtual hard disk file (.vhd or .vhdx). This setup requires less physical hardware and reduces operational costs, making it popular in many corporate networks.
CyberCX previously documented1 an EDR bypass technique that involved abusing administrative access to a hypervisor to create a new virtual machine without EDR installed. Malware was then deployed from this new, clean virtual machine. In the incident observed by Stroz Friedberg, the threat actor faced the same obstacle of EDR on hypervisor guest systems but used a different technique to circumvent it.
EDR Bypass
After logging into the hypervisor with administrative access, the threat actor turned off one of the guest virtual machines and mounted the associated vhdx file, attaching the guest virtual machine’s operating system drive as the data drive (H:) on the hypervisor. Subsequently, the threat actor recursively deleted the H:\Program Files\{EDR TOOL} folder from the virtual disk. If a user attempted to delete that folder from within the virtual machine when it was powered on, the operation would have failed due to the protections offered by the EDR and the operating system. Since the virtual machine was off, and there was no running operating system or EDR protecting those EDR program files, the folder deletion operation was successful. After removing the files, the virtual machine was restarted and booted without any EDR program files, allowing the threat actor to regain the same network access as before, but now without any EDR protection to mitigate potential threats.
In this instance, the threat actor logged into this virtual machine and executed a ransomware executable from this host, targeting every other host on the network for remote encryption. This is an example of how just one host on a network without EDR can compromise other systems that do have EDR. To execute this type of ransomware, the threat actor needed a system with SMB access to the network where they could run their malicious code. The EDR on the target systems alerted that a ransom event was occurring but did not prevent the encryption from happening.
Although the incident described above occurred in a Hyper-V environment, the technique is not exclusive to Hyper-V or the Windows operating system. The primary requirement for this method is the ability to mount virtual disk files on a hypervisor, which can be accomplished through many ways across hypervisors.
Incident Detection and Prevention
Once a threat actor has administrative access to a hypervisor, protecting the hosted virtual machines becomes a challenge. It is critical to take preventative measures to restrict unauthorized access. Consider the following methods to harden access to the hypervisor in your environment:
- Implement Principle of Least Privilege (PoLP) for Access Control:
- Restrict Administrative Access: Limit hypervisor access to only the necessary subset of administrators, following the principle of least privilege. Avoid granting hypervisor access to all domain administrators, and consider creating separate, hypervisor-specific administrative accounts.
- Use Role-Based Access Control (RBAC): Implement RBAC policies to ensure that only specific roles have access to critical hypervisor management functions. This can further reduce the risk of unauthorized actions.
- Segregate Network Traffic: Place the hypervisor management network in a separate, isolated VLAN. Only allow access from designated IP ranges or machines and ensure that these connections are highly restricted and monitored.
- Restrict Access Points: Ensure that only dedicated, hardened systems can access the hypervisor management interface. These systems should be isolated from general-purpose workstations to reduce the risk of lateral movement from compromised endpoints.
Isolate the Hypervisor Management Network:
For additional Hyper-V specific security recommendations, please refer to Microsoft's official guidance on hypervisor hardening and best practices.
Additionally, organizations can make efforts to detect this EDR bypass technique by alerting on or implementing an automated response when one of the following events is detected.
- Non-C Drive mounting events on the hypervisor:
- Microsoft-Windows-Ntfs/Operational: Event ID 142
- An NTFS-formatted drive was attached to the system. Monitor for unusual mounting events, particularly those that are non-C drives, as these could indicate an attempt to mount virtual disks.
- System: Event ID 7000
- The {EDR Tool} service failed to start due to the following error: The system cannot find the file specified.
- Hyper-V server
- Microsoft-Windows-Hyper-V-Worker-Admin: Event ID 18502
- A virtual machine was turned off.
- Guest system
- System: Event ID 6006
- The event log service was stopped, potentially indicating a clean shutdown by the guest machine. If the machine is turned off from the hypervisor, then this event may not be generated.
Errors related to EDR not being able to run on guest machine startup:
Shutdown of a virtual machine or an unresponsive host in the EDR console:
The fidelity of these indicators can vary depending on the baseline activity within an environment. Fine-tuning thresholds, excluding known maintenance periods, and aligning alerts with typical activity can help reduce false positives.
Contact
If you suspect you are compromised or need assistance in assessing compromise, please call our Incident Response hotline. If you are from a Law Enforcement Agency or Endpoint Detection and Response vendor and wish for more details, please contact Aon Cyber Solutions.
About Cyber Solutions:
Aon’s Cyber Solutions offers holistic cyber risk management, unsurpassed investigative skills, and proprietary technologies to help clients uncover and quantify cyber risks, protect critical assets, and recover from cyber incidents.
General Disclaimer
This document is not intended to address any specific situation or to provide legal, regulatory, financial, or other advice. While care has been taken in the production of this document, Aon does not warrant, represent or guarantee the accuracy, adequacy, completeness or fitness for any purpose of the document or any part of it and can accept no liability for any loss incurred in any way by any person who may rely on it. Any recipient shall be responsible for the use to which it puts this document. This document has been compiled using information available to us up to its date of publication and is subject to any qualifications made in the document. While care has been taken in the preparation of this material and some of the information contained within it has been obtained from sources that Stroz Friedberg believes to be reliable (including third-party sources), Stroz Friedberg does not warrant, represent, or guarantee the accuracy, adequacy, completeness or fitness for any purpose of the article and accepts no liability for any loss incurred in any way whatsoever by any person or organization who may rely upon it. It is for informational purposes only. You should consult with your own professional advisors or IT specialists before implementing any recommendation or following the guidance provided herein. Further, we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. Further, this article has been compiled using information available to us up to 11/11/2024.
Terms of Use
The contents herein may not be reproduced, reused, reprinted or redistributed without the expressed written consent of Aon, unless otherwise authorized by Aon. To use information contained herein, please write to our team.
Aon's Better Being Podcast
Our Better Being podcast series, hosted by Aon Chief Wellbeing Officer Rachel Fellowes, explores wellbeing strategies and resilience. This season we cover human sustainability, kindness in the workplace, how to measure wellbeing, managing grief and more.
-
Podcast 23 mins
Better Being Series: Understanding Burnout in the Workplace -
Podcast 14 mins
Better Being Series: Why Nutrition Matters -
Podcast 10 mins
Better Being Series: Discover the ‘Blue Zones’ Where People Live Longer -
Podcast 20 mins
Better Being Series: Improving Your Financial Wellbeing -
Podcast 17 mins
Better Being Series: Are You Taking Care of Your Digital Wellbeing? -
Podcast 19 mins
On Aon Podcast: Better Being Series Dives into Women’s Health -
Podcast 29 mins
On Aon’s Better Being Series: The World Wellbeing Movement -
Podcast 28 mins
On Aon’s Better Being Series: Mental Health and Creating Kinder Cultures -
Podcast 25 mins
On Aon’s Better Being Series: Managing Loss and Grief -
Podcast 24 mins
On Aon’s Better Being Series: Measuring Wellbeing -
Podcast 25 mins
On Aon’s Better Being Series: Physical Wellbeing and Resilience -
Podcast 23 mins
On Aon’s Better Being Series: Human Sustainability
Aon Insights Series UK
Expert Views on Today's Risk Capital and Human Capital Issues
-
Article 2 mins
Introduction: Clarity and Confidence to Make Better Decisions -
Article 2 mins
The Age of Rising Resilience – An Economic Outlook -
Article 3 mins
Building Resilience Against the Constant Cyber Threat -
Article 2 mins
Making Better Decisions – A Treasurer’s Perspective -
Article 2 mins
How to Balance the Conflicting Forces of Efficiency, Performance and Wellbeing -
Article 3 mins
Seizing the Opportunity: Building a Comprehensive Approach to Risk Transfer -
Article 2 mins
Tapping New Markets to Unlock Deal Value -
Article 5 mins
The Rise of the Skills-Based Organisation -
Article 2 mins
Creating a Fair and Equitable Workforce for Everyone -
Article 3 mins
The Year of the Vote: How Geopolitical Volatility Will Impact Businesses -
Article 2 mins
The Aon Difference
Construction and Infrastructure
The construction industry is under pressure from interconnected risks and notable macroeconomic developments. Learn how your organization can benefit from construction insurance and risk management.
-
Article 8 mins
How North American Construction Contractors Can Mitigate Emerging Risks -
Article 7 mins
Managing Construction Risks: 7 Risk Advisory Steps -
Article 7 mins
Unlocking Capacity and Capital in a Challenging Construction Risk Market -
Article 7 mins
Protecting North American Contractors from Extreme Heat Risks with Parametric -
Article 5 mins
How Climate Modeling Can Mitigate Risks and Improve Resilience in the Construction Industry -
Report 1 mins
Construction Risk Management Europe Report 2023 -
Article 8 mins
Parametric Can Help Mitigate Extreme Heat Risks for Contractors in EMEA -
Article 9 mins
How the Construction Industry is Navigating Climate Change -
Article 11 mins
Top Risks Facing Construction and Real Estate Organizations
Cyber Labs
Stay in the loop on today's most pressing cyber security matters.
-
Cyber Labs 6 mins
Optimizing Your Cyber Resilience Strategy Through CISO and CRO Connectivity -
Cyber Labs 9 mins
Bypassing EDR through Retrosigned Drivers and System Time Manipulation -
Cyber Labs 10 mins
DNSForge – Responding with Force -
Cyber Labs 7 mins
Unveiling "sedexp": A Stealthy Linux Malware Exploiting udev Rules -
Cyber Labs 3 mins
Command Injection and Path Traversal in StoneFly Storage Concentrator -
Cyber Labs 7 mins
Adopt an AI Approach with Confidence, for CISOs and CIOs -
Cyber Labs 3 mins
Responding to the CrowdStrike Outage: Implications for Cyber and Technology Professionals -
Cyber Labs 10 mins
DUALITY Part II - Initial Access and Tradecraft Improvements -
Cyber Labs 17 mins
Cracking Into Password Requirements -
Cyber Labs 57 mins
DUALITY: Advanced Red Team Persistence through Self-Reinfecting DLL Backdoors for Unyielding Control -
Cyber Labs 7 mins
Restricted Admin Mode – Circumventing MFA On RDP Logons -
Cyber Labs 9 mins
Detecting “Effluence”, An Unauthenticated Confluence Web Shell -
Cyber Labs 10 mins
Flash Loan Attacks: A Case Study -
Cyber Labs 7 mins
Financially Motivated Criminal Group Targets Telecom, Technology & Manufacturing -
Cyber Labs 16 mins
New Burp Suite Extension: BlazorTrafficProcessor -
Cyber Labs 3 mins
Command Injection and Buffer Overflow in Multiple Sharp NEC Displays -
Cyber Labs 3 mins
Command Injection in Multiple Snap One Araknis Networks Products -
Cyber Labs 10 mins
CVE-2021-1825: Inadequate Input Encoding in WebKit -
Cyber Labs 3 mins
Unauthenticated XXE in Multiple Mitsubishi Electric Air Conditioner Control Systems -
Cyber Labs 12 mins
Finding more IDORs – Tips and Tricks
Cyber Resilience
Our Cyber Resilience collection gives you access to Aon’s latest insights on the evolving landscape of cyber threats and risk mitigation measures. Reach out to our experts to discuss how to make the right decisions to strengthen your organization’s cyber resilience.
-
Article 9 mins
Building Resilience in a Buyer-Friendly Cyber and E&O Market -
Article 11 mins
A Middle Market Roadmap for Cyber Resilience -
Article 8 mins
Lessons Learned from the CrowdStrike Outage: 5 Strategies to Build Cyber Resilience -
Article 8 mins
Responding to Cyber Attacks: How Directors and Officers and Cyber Policies Differ -
Article 7 mins
Why Now is the Right Time to Customize Cyber and E&O Contracts -
Article 6 mins
8 Steps Toward Building Better Resilience Against Rising Ransomware Attacks -
Article 7 mins
Mitigating Insider Threats: Managing Cyber Perils While Traveling Globally -
Article 5 mins
Managing Cyber Risk through Return on Security Investment -
Article 10 mins
Mitigating Insider Threats: Your Worst Cyber Threats Could be Coming from Inside -
Article 9 mins
Why HR Leaders Must Help Drive Cyber Security Agenda -
Article 10 mins
Escalating Cyber Security Risks Mean Businesses Need to Build Resilience
Employee Wellbeing
Our Employee Wellbeing collection gives you access to the latest insights from Aon's human capital team. You can also reach out to the team at any time for assistance with your employee wellbeing needs.
-
Article 9 mins
The Next Evolution of Wellbeing is About Performance -
Article 6 mins
Three Ways Collective Retirement Plans Support HR Priorities -
Article 9 mins
How the Right Employee Wellbeing Strategy Impacts Microstress and Burnout at Work -
Podcast 19 mins
On Aon Podcast: Better Being Series Dives into Women’s Health -
Article 7 mins
Making Wellbeing Part of a Company’s DNA -
Podcast 24 mins
On Aon’s Better Being Series: Measuring Wellbeing -
Podcast 25 mins
On Aon’s Better Being Series: Physical Wellbeing and Resilience -
Article 7 mins
Why Workforce Wellbeing is Vital to Company Performance -
Article 7 mins
COVID-19 has Permanently Changed the Way We Think About Wellbeing
Environmental, Social and Governance Insights
Explore Aon's latest environmental social and governance (ESG) insights.
-
Article 8 mins
Why ESG Is Even More Important In A Crisis Like COVID-19 -
Podcast 16 mins
On Aon Podcast: Approach to DE&I in the Workplace
Q4 2023 Global Insurance Market Insights
Our Global Insurance Market Insights highlight insurance market trends across pricing, capacity, underwriting, limits, deductibles and coverages.
-
Article 12 mins
Q4 2023: Global Insurance Market Overview -
Article 13 mins
Top Risk Trends to Watch in 2024
Regional Results
How do the top risks on business leaders’ minds differ by region and how can these risks be mitigated? Explore the regional results to learn more.
-
Article 12 mins
Top Risks Facing Organizations in Asia Pacific -
Article 12 mins
Top Risks Facing Organizations in North America -
Article 10 mins
Top Risks Facing Organizations in Europe -
Article 8 mins
Top Risks Facing Organizations in Latin America -
Article 8 mins
Top Risks Facing Organizations in the Middle East and Africa -
Article 9 mins
Top Risks Facing Organizations in the United Kingdom
Human Capital Analytics
Our Human Capital Analytics collection gives you access to the latest insights from Aon's human capital team. Contact us to learn how Aon’s analytics capabilities helps organizations make better workforce decisions.
-
Article 14 mins
How Technology Will Transform Employee Benefits in the Next Five Years -
Podcast 18 mins
On Aon Podcast: Technology Impacting the Future of Health and Benefits -
Article 8 mins
Integrating Workforce Data to Uncover Hidden Insights -
Article 9 mins
How Employers Can Use Data to Improve Their Health Plans -
Podcast 24 mins
On Aon’s Better Being Series: Measuring Wellbeing -
Article 11 mins
Designing Tomorrow: Personalizing EVP, Benefits and Total Rewards -
Article 9 mins
How to Balance Cost with Growth in a Shifting Talent Market -
Article 8 mins
How Companies are Mitigating Rising Medical Costs -
Article 10 mins
How Data and Analytics Can Optimize HR Programs
Insights for HR
Explore our hand-picked insights for human resources professionals.
-
Article 7 mins
COVID-19 has Permanently Changed the Way We Think About Wellbeing -
Article 7 mins
DE&I in Benefits Plans: A Global Perspective -
Article 10 mins
How Data and Analytics Can Optimize HR Programs -
Article 9 mins
Why HR Leaders Must Help Drive Cyber Security Agenda -
Article 7 mins
Case Study: The LPGA Unlocks Talent Potential with Data -
Article 11 mins
Navigating the New EU Directive on Pay Transparency -
Article 4 mins
How to Design Better Talent Assessment to Promote DE&I -
Article 6 mins
Training and Transforming Managers for the Future of Work -
Article 7 mins
Rethinking Your Total Rewards Programs During Mergers and Acquisitions -
Article 14 mins
Building a Resilient Workforce That Steers Organizational Success | An Outlook Across Industries
Workforce
Our Workforce Collection provides access to the latest insights from Aon’s Human Capital team on topics ranging from health and benefits, retirement and talent practices. You can reach out to our team at any time to learn how we can help address emerging workforce challenges.
-
Report 14 mins
A Workforce in Transition Prepares to Meet a Host of Challenges -
Article 17 mins
3 Strategies to Improve Career Outcomes for Older Employees -
Article 7 mins
Companies Need a Global Benefits Identity in an Era of Cost Containment -
Article 8 mins
Driving Inclusion and Diversity with Employee Benefits -
Article 17 mins
Five Big Human Resources Trends to Watch in 2024 -
Article 8 mins
How Companies are Mitigating Rising Medical Costs -
Report 1 mins
The Global Medical Trend Rates Report 2025 -
Podcast 25 mins
On Aon’s Better Being Series: Physical Wellbeing and Resilience -
Article 9 mins
How the Right Employee Wellbeing Strategy Impacts Microstress and Burnout at Work -
Article 11 mins
Advancing Women’s Health and Equity Through Benefits and Support -
Podcast 18 mins
On Aon Podcast: Technology Impacting the Future of Health and Benefits -
Article 7 mins
How Collective Retirement Plans Help Support Financial Sustainability
Mergers and Acquisitions
Our Mergers and Acquisitions (M&A) collection gives you access to the latest insights from Aon's thought leaders to help dealmakers make better decisions. Explore our latest insights and reach out to the team at any time for assistance with transaction challenges and opportunities.
-
Article 8 mins
Exit Strategy Value Creation Opportunities Exist as Economic Pressures Persist -
Article 5 mins
Future Trends for Financial Sponsors: Secondary Transactions -
Article 7 mins
3 Ways to Unlock M&A Value in a Challenging Credit Environment -
Article 7 mins
Rethinking Your Total Rewards Programs During Mergers and Acquisitions -
Article 9 mins
Organizational Design and Talent Planning are Key to M&A Success -
Article 7 mins
An Ever-Complex Global Tax Environment Requires Strong M&A Risk Solutions -
Article 6 mins
Project Management for HR: The Secret Behind a Successful M&A Deal -
Article 9 mins
Cultural Alignment Planning Drives M&A Success -
Report 1 mins
A Guide to Maximizing Value in Post-Merger Integrations -
Report 2 mins
The ABC's of Private Equity M&A: Deal Flow Impacts of Al, Big Tech and Climate Change -
Article 11 mins
The Silver Lining on M&A Deal Clouds: M&A Insurance Insights from 2023
Navigating Volatility
How do businesses navigate their way through new forms of volatility and make decisions that protect and grow their organizations?
Parametric Insurance
Our Parametric Insurance Collection provides ways your organization can benefit from this simple, straightforward and fast-paying risk transfer solution. Reach out to learn how we can help you make better decisions to manage your catastrophe exposures and near-term volatility.
-
Article 10 mins
How Public Entities and Businesses Can Use Parametric for Emergency Funding -
Article 6 mins
Parametric Insurance: A Complement to Traditional Property Coverage -
Article 8 mins
Using Parametric Insurance to Match Capital to Climate Risk -
Article 6 mins
Using Parametric Insurance to Close the Earthquake Protection Gap -
Article 5 mins
How Technology Enhancements are Boosting Parametric
Pay Transparency and Equity
Our Pay Transparency and Equity collection gives you access to the latest insights from Aon's human capital team on topics ranging from pay equity to diversity, equity and inclusion. Contact us to learn how we can help your organization address these issues.
-
Article 10 mins
How Financial Institutions can Prepare for Pay Transparency Legislation -
Article 8 mins
Pay Transparency Can Lead to Better Equity Across Benefits -
Article 12 mins
Understanding and Preparing for the Rise in Pay Transparency -
Podcast 14 mins
On Aon Podcast: Understanding Pay Transparency Regulations -
Article 11 mins
Navigating the New EU Directive on Pay Transparency -
Article 7 mins
To Disclose Pay or Not? How Companies are Approaching the Pay Transparency Movement -
Podcast 19 mins
On Aon Podcast: Better Being Series Dives into Women’s Health -
Article 11 mins
Advancing Women’s Health and Equity Through Benefits and Support -
Article 8 mins
Driving Inclusion and Diversity with Employee Benefits -
Article 7 mins
Belonging at Work: How Employers can Strengthen DE&I -
Article 7 mins
DE&I in Benefits Plans: A Global Perspective -
Podcast 16 mins
On Aon Podcast: Approach to DE&I in the Workplace
Property Risk Management
Forecasters are predicting an extremely active 2024 Atlantic hurricane season. Take measures to build resilience to mitigate risk for hurricane-prone properties.
-
Article 8 mins
Florida Hurricanes Not Expected to Adversely Affect Property Market -
Article 10 mins
Build Resilience for an Extremely Active Atlantic Hurricane Season -
Article 6 mins
Four Steps to Develop Strong Property Risk Coverage in a Hardening Market -
Podcast 16 mins
On Aon Podcast: Navigating and Preparing for Catastrophes -
Article 6 mins
Parametric Insurance: A Complement to Traditional Property Coverage -
Article 6 mins
Navigating Climate Risk Using Multiple Models and Data Sets -
Article 5 mins
Rising Losses From Severe Convection Storms Mostly Explained by Exposure Growth -
Article 6 mins
Using Parametric Insurance to Close the Earthquake Protection Gap
Technology
Our Technology Collection provides access to the latest insights from Aon's thought leaders on navigating the evolving risks and opportunities of technology. Reach out to the team to learn how we can help you use technology to make better decisions for the future.
-
Article 15 mins
How Artificial Intelligence is Transforming Human Resources and the Workforce -
Report 18 mins
Evolving Technologies Are Driving Firms to Harness Opportunities and Defend Against Threats -
Alert 3 mins
Better Decisions Brief: Perspectives on the CrowdStrike Outage -
Article 12 mins
5 Ways Artificial Intelligence can Boost Claims Management -
Article 6 mins
Artificial Intelligence and the Next Frontier for Financial Institutions -
Article 10 mins
Mitigating Insider Threats: Your Worst Cyber Threats Could be Coming from Inside -
Article 6 mins
8 Steps Toward Building Better Resilience Against Rising Ransomware Attacks -
Article 9 mins
Overcoming the Reputational Cost of Cyber Attacks: The 10-Day Plan -
Article 9 mins
Why HR Leaders Must Help Drive Cyber Security Agenda -
Article 5 mins
How Technology Enhancements are Boosting Parametric -
Article 9 mins
How to Futureproof Data and Analytics Capabilities for Reinsurers
Top 10 Global Risks
Trade, technology, weather and workforce stability are the central forces in today’s risk landscape.
-
Article 7 mins
Cyber Attack or Data Breach -
Article 4 mins
Business Interruption -
Article 4 mins
Economic Slowdown or Slow Recovery -
Article 5 mins
Failure to Attract or Retain Top Talent -
Article 5 mins
Regulatory or Legislative Changes -
Article 4 mins
Supply Chain or Distribution Failure -
Article 6 mins
Commodity Price Risk or Scarcity of Materials -
Article 4 mins
Damage to Brand or Reputation -
Article 5 mins
Failure to Innovate or Meet Customer Needs -
Article 4 mins
Increasing Competition -
Report 3 mins
Business Decision Maker Survey
Trade
Our Trade Collection gives you access to the latest insights from Aon's thought leaders on navigating the evolving risks and opportunities for international business. Reach out to our team to understand how to make better decisions around macro trends and why they matter to businesses.
-
Article 8 mins
The Evolving Threat of Cargo Theft: 5 Key Mitigation Strategies -
Report 3 mins
Global Risk Management Survey -
Report 15 mins
Wide-Ranging Trade Issues Confront Global Businesses on Multiple Fronts -
Article 6 mins
Four Steps to Develop Strong Property Risk Coverage in a Hardening Market -
Article 14 mins
Cutting Supply Chains: How to Achieve More Reward with Less Risk -
Article 9 mins
Driving Private Equity Value Creation Through Credit Solutions -
Article 7 mins
4 Steps to Help Take Advantage of a Buyer-Friendly Directors' & Officers' Market -
Article 9 mins
Managing Reputational Risks in Global Supply Chains -
Article 6 mins
How an Outsourced Chief Investment Officer Can Help Improve Governance and Manage Complexity -
Article 8 mins
Decarbonizing Your Business: Finding the Right Insurance and Strategy -
Article 8 mins
Reputation Analytics as a Leading Indicator of ESG Risk
Weather
With a changing climate, organizations in all sectors will need to protect their people and physical assets, reduce their carbon footprint, and invest in new solutions to thrive. Our Weather Collection provides you with critical insights to be prepared.
-
Article 8 mins
Florida Hurricanes Not Expected to Adversely Affect Property Market -
Report 16 mins
Climate Analytics Unlock Capital to Protect People and Property -
Report 3 mins
Climate and Catastrophe Insight -
Article 10 mins
How Public Entities and Businesses Can Use Parametric for Emergency Funding -
Podcast 12 mins
On Aon Podcast: Tackling Climate Risk to Build Economic Resilience -
Article 8 mins
Understanding Freeze Risk in a Changing Climate -
Podcast 9 mins
On Aon Podcast: Climate Science Through Academic Collaboration -
Article 6 mins
How Companies Are Using Climate Modeling to Improve Risk Decisions -
Podcast 7 mins
On Aon Insights: Climate and Supply Chain -
Article 8 mins
Using Parametric Insurance to Match Capital to Climate Risk -
Article 9 mins
How the Construction Industry is Navigating Climate Change -
Article 9 mins
Record Heatwaves: Protecting Employee Health and Safety
Workforce Resilience
Our Workforce Resilience collection gives you access to the latest insights from Aon's Human Capital team. You can reach out to the team at any time for questions about how we can assess gaps and help build a more resilience workforce.
-
Article 7 mins
Using Data to Close Workforce Gaps in Financial Institutions -
Article 5 mins
Using Data to Close Workforce Gaps in Retail Companies -
Article 7 mins
Using Data to Close Workforce Gaps in Technology Companies -
Article 5 mins
Using Data to Close Workforce Gaps in Manufacturing Companies -
Article 6 mins
Using Data to Close Workforce Gaps in Life Sciences Companies -
Report 4 mins
Measure Workforce Resilience for Better Business Outcomes -
Podcast 18 mins
On Aon Podcast: Methodology to Predict Employee Performance for the LPGA -
Article 6 mins
Training and Transforming Managers for the Future of Work -
Article 14 mins
Building a Resilient Workforce That Steers Organizational Success | An Outlook Across Industries
More Like This
-
Cyber Labs 3 mins
Responding to the CrowdStrike Outage: Implications for Cyber and Technology Professionals
This client alert provides an overview of the current global IT outage that is related to a CrowdStrike update. We provide an overview of CrowdStrike's response and guidance, and Aon Cyber Solutions' recommendations for affected clients.
-
Cyber Labs 8 mins
A SIMple Attack: A Look Into Recent SIM Swap Attack Trends
Stroz Friedberg Digital Forensics and Incident Response has observed an uptick in SIM swapping across multiple industries, with several recent incidents targeting crypto and crypto-adjacent companies.
