Prevent ransomware

Prevent ransomware with Mimecast

To prevent ransomware attacks, you need sophisticated solutions.

As ransomware attacks continue to plague companies worldwide, organizations are looking for the most effective ways to prevent ransomware from disrupting business.

Ransomware like Cryptolocker or Locky are usually initiated through email. The message usually contains a malicious URL that launches the ransomware virus when clicked, or an attachment that contains malicious macros to execute the virus when opened by an unsuspecting user.

Once the virus has infected a machine or system, it prevents access to or encrypts files and data. Individuals or organizations must pay a ransom in order to get access to their data again.

To prevent ransomware, you need a sophisticated security solution that provides multiple tools to detect and block ransomware before it can cause damage. And to truly protect your organization from ransomware, you also need the ability to backup and recover data quickly in the event of a ransomware attack. Mimecast can help on both fronts.

Prevent ransomware with Mimecast.

Mimecast's cloud-based subscription service provides solutions for email security, continuity and archiving that help to minimize the risk, cost and complexity of managing business email.

Mimecast helps both to prevent ransomware by identifying and blocking potential attacks, and to bounce back from ransomware attacks quickly through continuous data protection that enables users to access email during and after an attack.

As a comprehensive SaaS-based solution, Mimecast eliminates the need to deploy and manage multiple point solutions from a variety of vendors in order to prevent ransomware. And with easy-to-use tools for managing security and archiving, Mimecast reduces the burden on administrators while increasing their control over email management.

Mimecast solutions to prevent ransomware and speed recovery.

To prevent ransomware, Mimecast provides a suite of tools within its Targeted Threat Protection solution for superior ransomware and Cryptolocker prevention.

  • URL Protect helps to prevent ransomware by blocking access to suspicious links in all incoming and archived email. Mimecast rewrites all URLs and provides dynamic user communication to help improve user awareness of potential threats.
  • Attachment Protect blocks access to suspicious attachments that may contain Locky ransomware or other ransomware viruses. Mimecast sandboxes the attachments until they can be cleared of suspicious content, or transcribes the content of an attachment to a safe format so users can access it immediately.
  • Impersonation Protect detects and blocks email that may be impersonating a trusted source. Mimecast scans all incoming email for the telltale signs of impersonation: anomalies in the header, domain names that are similar to trusted sources, or email body content that may be suspect. Suspicious emails are blocked or sent to users with a warning.
  • Email Archiving. Mimecast's multipurpose archive provide secure and continuous storage of email data, enabling continuous access to data during attack and fast recovery after the threat has been neutralized.

Learn more about Mimecast solutions to prevent ransomware.

FAQs: Prevent Ransomware

FAQs: Prevent Ransomware

What is ransomware?

Ransomware is a form of cybercrime where attackers install malicious software on a computer to prevent users from accessing their files and systems, holding the data hostage until a ransom is paid. Ransomware is usually spread through phishing attacks that convince unsuspecting users to share login information, to open a malicious attachment, or to visit a website where ransomware software is surreptitiously downloaded to their computer.

How does ransomware prevent users from accessing files?

Ransomware prevents victims from accessing their data by installing software on a user’s computer that encrypts files with strong encryption algorithms that can only be unlocked with a decryption key delivered after ransom is paid. Ransomware may also threaten to leak or expose sensitive or embarrassing files on the user’s computer unless a ransom is paid. Other forms of ransomware use a lock screen technique that encrypts the master boot record of a drive and prevents the computer from being booted up in a live OS environment.

Why should I prevent ransomware?

Failing to prevent ransomware can cause significant damages to an organization. Businesses may experience significant losses in productivity and operations as well as access to critical information. Business may be disrupted for days or weeks as IT teams struggle to recover data. And the loss of revenue and reputation can be devastating to the profitability of an organization.

How to prevent ransomware attacks?

To prevent ransomware attacks, it’s important to adopt a comprehensive approach to security.

  • To prevent ransomware variants that have already been identified or that are well-known, you can deploy antivirus, antispam and anti-malware services to prevent ransomware emails from entering your network.
  • To prevent new and emerging types of attacks, use anti-ransomware technology that scans and filters email and web traffic to identify typical indicators of attacks and to prevent ransomware messages from reaching user inboxes.
  • DNS authentication services that use DKIM, SPF and DMARC protocols can help to prevent emails that use spoofing and impersonation to launch ransomware attacks.
  • Use email scanning and filtering technology to prevent users from clicking on potentially malicious URLs and opening dangerous attachments in email.
  • You can prevent ransomware attacks caused by human error by providing employees with security awareness training that helps them to spot potential phishing emails.

What to do if I can’t prevent ransomware?

It’s likely impossible to prevent ransomware 100% of the time, so having a plan in place to respond to a successful attack is critical to protecting data and users. The first item on your task list should be disconnecting all infected computers from the network to prevent ransomware from spreading to other servers or shared storage. You will also want to report the attack to authorities to help prevent ransomware from infecting other businesses. You can report attacks to the U.S. Cybersecurity and Infrastructure Security Agency (CISA) at www.us-cert.gov/report, and to the FBI at a local field office. An effective data backup plan can help to recover files quickly if you’re unable to prevent ransomware attacks. And technology that enables continuous access to email during and after attacks can help to ensure business continuity.