More than 50 new types of malware used in ransomware attacks were released in the first half of 2016 alone. The pace of ransomware attacks is escalating. Nearly 40% of companies have been hit with ransomware attacks this year, and the Federal Bureau of Investigation estimates that the cost per incident is $330,000 when factoring ransomware, downtime, and data recovery. A viable cyber resilience strategy must take a layered approach to combat the realities of a much more complex malware environment.
It's not enough to focus on prevention. As new tools come on the market that allow non-technical criminals to enter the ransomware game for less than $40, businesses need to think about continuity planning before an attack occurs. Companies must think strategically about integrating a layered approach that defends on multiple fronts through targeted threat protection, data archiving and business continuity planning.
Email Ransomware Attack Prevention:
The Wall Street Journal estimates that 99% of ransomware attacks begin with an email. Users download a file or click on a link that infects computers, servers or networks with malware. Data is then locked down or encrypted until a payment is made; then, hopefully, the criminals behind the attack provide an encryption key.
Protecting your email is the frontline defense system against ransomware attacks. Companies can focus on a handful of interrelated solutions to help decrease the chances of emails compromising their system:
- Employ real-time scanning of all emails to help identify phishing and suspicious emails and links from questionable domains across email platforms and devices.
- Intelligent sandboxing solutions scan all attachments before they are delivered to recipients, minimizing the chances of ransomware attacks.
- Dynamic feedback alerts employees to potentially threatening emails, raising awareness and informing better decision-making.
- Email policies, employee training and running tests ensure that team members make smart decisions and complying with company IT procedures.
Ensure Employees Can Continue to Work During an Attack:
When a ransomware attack freezes your network and restricts access to data, productivity grinds to a halt. The losses can be staggering. One report from the Aberdeen Group estimates hourly losses ranging from $8,581 for small businesses to $686,250 for enterprises. Business continuity planning can keep your workers online and connected to email; with the right systems, employees and customers may be unaware that an attack is underway. Email continuity systems provide access to live and archived mail across devices, as well as contacts and calendars. Regular business operations can continue, while your IT team works behind the scenes to solve the problem.
Data Replication Capabilities:
When criminals want to take your data hostage, one of the best strategies you have to defeat them is your data replication strategy. Consider developing an archiving strategy that backs up your data from local drives – as well as third-party providers – in completely separate and unreachable files. Use systems and policies that disconnect backups from the main network after they occur.
Not only does this ensure that your data isn't lost or damaged during a ransomware attack, but it gives your organization a broader range of choices when dealing with the perpetrators.
The statistics for ransomware today can be daunting – and it quickly becomes apparent that no single solution can help companies prevent these malware attacks. However, cyber resilience is built on a layered strategy that prioritizes protecting your email, educating employees, creating viable data replication strategies, and keeping your business online during and after attacks. Mimecast's layered solution brings together email protection, business continuity and data replication capabilities into a single cloud solution that helps you protect against the threat of ransomware.
Contact us today to learn more.