The State of Email Security Report
Actionable steps to improve your organization’s email security and cyber resilience.
Stop ransomware attacks with Mimecast
Ransomware attacks are increasing at an alarming rate. The U.S. government estimates that companies are subject to more than 4,000 attacks each day, resulting in $1 billion in ransom paid each year.
While ransomware attacks come in many variants – Cryptowall, Locky and Cryptolocker are among the most common – they each follow a similar pattern. A user receives an email with an attachment that looks like a Word document, an invoice, a package notice or a fax report, along with a message that convinces the user the attachment is real. When the attachment is opened, the ransomware virus runs a file that encrypts files and documents on the user's computer. The user receives a message stating that they can get the encryption key and regain access to their files only by paying a ransom.
When trying to prevent ransomware attacks, the challenge is keeping pace with the ingenuity of attackers. And because most ransomware attacks are launched through email, any defensive measures must focus on email security. That's why so many companies around the world choose to combat ransomware attacks with help from Mimecast.
Mimecast provides cloud-based solutions for email security, archiving and continuity that can help to prevent most ransomware attacks, provide continuous access to email during an attack, and recover quickly after attack.
Mimecast is an all-in-one, SaaS-based subscription service that significantly simplifies the task of managing business email. With powerful, easy-to-use tools and centralized administration, Mimecast eliminates the need to deploy and manage multiple point solutions from various vendors. With Mimecast, your administrators can easily configure and manage tools to stop ransomware attacks like the crypto virus and safeguard email from a variety of routine and advanced threats.
To thwart attacks like Cryptolocker and Locky ransomware, Mimecast provides Targeted Threat Protection services that prevent users from accessing malicious attachments. Mimecast scans all incoming and archived email and, using advanced threat intelligence, identifies attachments deemed to be suspicious. Attachments can either be preemptively sandboxed until they can be examined for ransomware attacks, or immediately transcribed to a safe format that allows users to have instant access to the content in the attachment.
Mimecast also prevents users from clicking on potentially malicious links in email by scanning the destination website in real time and blocking any suspicious URLs.
To reduce the impact of ransomware attacks, Mimecast Enterprise Information Archiving provides safe storage of all email content in the cloud, enabling administrators to roll back data to a point just before ransomware attack. And Mimecast Mailbox Continuity enables users to have continuous access to email during an outage caused by an attack, a natural disaster, hardware failure or human error.
Learn more about mitigating ransomware attacks with Mimecast.
What are ransomware attacks?
Ransomware attacks are a form of cybercrime where malware, or malicious software, is downloaded and installed on a computer to prevent users from accessing files and data on the computer until or unless a ransom is paid.
How do ransomware attacks work?
Ransomware attacks are launched in several ways. Attackers may use phishing emails that convince recipients to share login information and passwords that attackers can use to enter a system and install malware. Emails may have malicious attachments that download malware to a computer when opened, or malicious links that take users to a website where ransomware can be downloaded. Other ransomware attacks are executed when attackers exploit vulnerabilities within software and systems to gain unauthorized access to an organization’s network.
There are several well-known types of ransomware attacks.
How to identify ransomware attacks?
Since most ransomware attacks are the product of phishing emails that trick users into opening attachments, clicking links or sharing information, training users to spot phishing email is one of the most powerful ways to prevent ransomware attacks. Many phishing emails contain telltale signs such as:
How to prevent ransomware attacks?
Preventing ransomware attacks requires a multilayered approach to security.
What to do after ransomware attacks?
Because no security program can stop every attack, it’s important to have plans for how to recover after a successful attack. Your first step should be to disconnect all affected computers from the network and shared storage to prevent ransomware from spreading. After identifying the type of ransomware, report the attack to the U.S. Cybersecurity and Infrastructure Security Agency (CISA) at www.us-cert.gov/report and to a local FBI field office. To recover data affected by ransomware attacks, you may try to decrypting files with help from specialized tools and companies, or wiping infected computers clean and restoring files for backup.