2019 State of Email Security Report
Actionable steps to improve your organization’s email security and cyber resilience.
Avoid ransomware with Mimecast
All ransom virus attacks follow a similar script. A user receives an email or spam message containing malicious links or attachments that appear to be legitimate. The attachment may look like an invoice, Word document, a package notice or some other document the user receives frequently. When the attachment is opened or the URL is clicked, the ransomware virus is launched, encrypting files on the user's computer or on the corporate server. A message appears on the user's screen with instructions for how to pay a ransom to regain access to files held hostage.
To avoid ransomware attacks, organizations need anti ransomware technology that can warn users about suspicious emails or, even better, block access to malicious links and attachments. And to avoid ransomware damages to data and files, organizations need solutions that can provide easy backup and archiving of email messages and data.
That's where Mimecast comes in.
Mimecast offers email security, archiving and continuity services that can help to avoid ransomware attacks and the damage they can cause. Delivered as a cloud-based, subscription service, Mimecast helps to significantly reduce the cost and complexity of managing and securing business email.
To protect against ransomware attacks, Mimecast provides email security tools that block access to malicious URLs and neutralize malicious attachments. Mimecast scans every incoming and archived email and attachment, rewriting links and scanning destination websites on every click. When a website is deemed suspicious, Mimecast prevents users from clicking on the link or visiting the site.
To avoid ransomware in attachments, Mimecast preemptively sandboxes any attachments that may contain ransomware code until it is determined to be safe and can be sent on to the user. Alternately, if users need access to their attachments immediately, Mimecast can safely transcribe the content and attachment to a new format and deliver it to users right away.
Despite every effort to avoid ransomware and other threats, it is almost inevitable that some attacks will be successful. That's why Mimecast recommends a focus on cyber resilience to both avoid ransomware and to limit the damage it can wreak if an attack successfully breaches security defenses.
To protect against data loss from ransomware attacks, Mimecast provides a multipurpose cloud archive for email, files and IM conversations. With triplicate copies of each email stored in geographically dispersed data centers, Mimecast ensures that users will always have access to archived email even when ransomware attacks are successful.
Additionally, Mimecast Mailbox Continuity services allow users to continue using email during an attack, an outage or a natural disaster, so that business may continue without disruption.
Learn more about how to avoid ransomware attacks with Mimecast.
What is ransomware?
Ransomware is a form of cybercrime that uses malicious software to deny access to a computer system or the data on it until a ransom is paid. Often, ransomware will use encryption to lock the files on a computer, which can be unlocked only by paying the ransom and receiving a decryption key. Ransomware is most often spread through phishing email, where the recipient clicks a link, opens an attachment or unknowingly shares login credentials that allow cyber criminals to download malware to a computer. Criminals may also exploit vulnerabilities in networks and software systems to install ransomware.
How to avoid ransomware attacks?
Organizations and users can avoid ransomware by using comprehensive security measures. A secure email gateway with technology for inspecting and filtering email can help to avoid ransomware by blocking messages that appear to be phishing attempts. Advanced solutions that inspect email content in real time can help to avoid ransomware by preventing users from clicking on malicious links or opening dangerous attachments. DNS authentication services using DKIM, SPF and DMARC protocols may help to avoid ransomware emails sent from a spoofed address. And strong antispam and anti-malware technology can block many known ransomware threats.
How to get employees to avoid ransomware attacks?
Because human error is one of the most significant contributors to security breaches and ransomware attacks, security awareness training is critical to helping organizations avoid ransomware. Security awareness training, when administered effectively, can help employees to understand the indicators and telltale signs of a ransomware email, better enabling them to avoid ransomware messages and to know what to do when they encounter or inadvertently open one.
How to recognize ransomware emails?
One of the best ways to avoid ransomware is to recognize the signs of a potential ransomware email and to report it to appropriate teams within the organization and to authorities outside the organization. A ransomware or phishing email will often have indicators that include:
What happens when organizations can’t avoid ransomware attacks?
When organizations fail to avoid ransomware attacks, the results can be significant and adverse. With data on computers unavailable for days or weeks, organizations may experience significant slowdowns or impasses in their ability to conduct business as usual. Productivity may suffer, revenue may decline and business reputation can be irreparably damaged.
Organizations can take steps to mitigate the effects of a failure to avoid ransomware by frequently backing up data. Continuity services can provide continuous access to email and files during an attack, even when email servers are down and files are locked. And requiring employees to use two-factor authentication protocols can prevent criminals from using stolen credentials to access computer systems and download ransomware.