Stop Locky ransomware with Mimecast

The dangers of the Locky virus.

Locky is a type of ransom virus that was initially released in 2016. It is transmitted through an email message that contains an attachment with malicious macros. When the attachment (which resembles an invoice for payment) is opened, the document is unreadable and the user is instructed enable a macro in order to read the document. If the user follows these instructions, the macro runs a binary file that downloads a Trojan that encrypts all files with certain extensions. To decrypt files and regain access to the data they contain, users must download a new browser and visit the specific websites where they are instructed to pay up to one bitcoin in ransom.

The repercussions of a Locky ransomware attack range from inconvenience and loss of productivity to loss of data and a negative impact on the bottom line. As attacks like Locky become more frequent, organizations everywhere are looking for ways to prevent ransomware and to recover quickly from a successful attack.

Stop Locky ransomware with Mimecast.

Mimecast provides an all-in-one solution for email security and archiving that can mitigate the risks of a Locky ransomware attack. As a cloud-based solution, Mimecast is easy to implement and manage, with tools and solutions available via a subscription service.

Mimecast Targeted Threat Protection provides a suite of services that can help protect from ransomware like Locky. URL Protect prevents users from clicking on malicious URLs that could launch an attack by scanning every link in incoming and archived email. Using advanced threat intelligence, Mimecast blocks access to any website determined to be suspicious. Attachment Protect defends against malicious code in email attachments by preemptively sandboxing suspicious attachments or transcribing them to a safe format. Mimecast also provides ransomware prevention awareness services that help users avoid ransomware by better understanding the telltale signs of threats like Locky and other sophisticated attacks.

Minimize the damage of a Locky attack.

When a Locky attack is successful, Mimecast helps to neutralize its impact by giving users access to copies of the files that the virus holds hostage. Mimecast Enterprise Information Archiving is a powerful cloud archive for email, files and IM conversations. With Mimecast, multiple copies of each email or file are encrypted and stored in geographically dispersed data centers. In the event of a successful Locky ransomware attack, administrators can quickly regain access to versions of files before the attack. Mimecast also enables users to continue working with email during an attack or outage, even when the primary email server is down.

Learn more about preventing a Locky attack with Mimecast.