Virus ransomware

The threat of virus ransomware.

Ransomware

The threat of virus ransomware.

Virus ransomware is a new and quickly growing threat to corporate security. In a ransomware attack, hackers breach an organization's network and hold it hostage by blocking access to systems, requiring organizations to pay ransom to regain access.

As virus ransomware attacks frequently begin through email phishing scams and similar threats, finding ways to stop these threats and block malicious URLs and weaponized attachments must be a high priority for IT departments.

Stop virus ransomware with Mimecast.

Mimecast provides comprehensive email security services, including tools to stop virus ransomware as part of an all-in-one subscription service for email security, archiving and continuity.

Mimecast's email security services eliminate the need to deploy a variety of point solutions to prevent spear phishing, virus ransomware, CFO fraud and other threats. Mimecast provides protection from these advanced threats as well as the threats of malware, spam, data leaks and more. Mimecast employs a secure email gateway, sophisticated detection engines and constantly updated threat intelligence to mitigate known and emerging threats before they reach the corporate network.

Ransomware

Mimecast solutions for mitigating virus ransomware.

To protect against virus ransomware, Mimecast Targeted Threat Protection provides three levels of defense that neutralize the most common methods used by attackers:

  • URL Protect prevents users from clicking on malicious links in email until the target URL has been determined to be safe. Mimecast scans links in live email as well as archived messages to prevent delayed attacks.
  • Attachment Protect provides defenses against virus ransomware by protecting employees from attachments that contain malware. Mimecast can preemptively sandbox attachments while checking for malware, or transcribe attachments to a safe format before sending them on to users in order to provide faster access to documents.
  • Impersonation Protect helps to stop phishing emails and other threats that use social engineering techniques to dupe users into revealing sensitive information or wiring money to fraudulent accounts. This Mimecast service provides virus ransomware and phishing protection by scanning all email for signs of fraud and then, based on administrator-defined policies, blocking or quarantining the message or sending it on to the intending recipient with a warning that it may be suspicious.

Learn more about stopping virus ransomware with Mimecast, and about solutions to prevent Office 365 phishing.

FAQs: Virus Ransomware

FAQs: Virus Ransomware

What is a ransomware virus?

A ransomware virus is a form of malware, or malicious software, that can be downloaded to a user’s computer, denying access to the computer or the data on it until a ransom is paid. Ransomware is a form of cybercrime that is usually spread through phishing emails which convince users to share login information, click on a malicious link or visit a website where a ransomware virus can be covertly downloaded to their computer.

How to remove a ransomware virus?

When a ransomware virus is successfully downloaded to a computer and an attack is launched, organizations should immediately isolate the virus by disconnecting the machine from the network and from any storage devices shared with other computers. After identifying the ransomware virus by the language in the ransom note, organization should report the virus to federal authorities at the U.S. Cybersecurity and Infrastructure Security Agency (CISA) at www.us-cert.gov/report, and to a local FBI field office. To recover data, organizations can either try to decrypt files using decryption tools or ransomware specialists, or to wipe the system clean and reinstall data from a recent backup.

How to avoid a ransomware virus?

Avoiding a ransomware virus is the best way to prevent an attack. Anti-malware and antispam software can identify and block many routine or known ransomware virus threats. A secure email gateway with advanced inspection and filtering capabilities can block new and emerging ransomware threats by identifying indicators such as social engineering techniques as well as header anomalies, domain similarity and suspect language. Defenses that inspect URLs and attachments within email can block users from opening suspicious links or files. And DNS authentication services can spot email that may use sender spoofing to launch a ransomware virus.

How to train employees to prevent a ransomware virus?

Security awareness training is an integral part of defense against ransomware virus attacks. Human error is a leading factor in security breaches such as ransomware attacks, and training employees to be more vigilant can transform them from the weakest links in the security chain to an organization’s most effective defenders. Training typically focuses on how to recognize phishing emails that may be used in conjunction with a ransomware virus, and how to avoid the types of social engineering techniques that cyber criminals often used to breach defenses.

How to detect a ransomware virus?

There are a number of common indicators of a phishing email that may be designed to install a ransomware virus on the computer. These include:

  • Suspicious attachments such as unexpected invoices or files.
  • Grammar and spelling mistakes or uncharacteristic language that indicate the sender may not be who they claim to be.
  • Non-personalized communications, with salutations that don’t mention the recipient’s name.
  • Threats of negative consequences and/or an urgent tone that are designed to encourage recipients to act quickly.
  • Requests for personal information such as login credentials.
  • Inconsistencies in email addresses, domains and URLs, where the email address in the header is not an exact match for the company the email claims to be from, or where links in the body of the email don’t match the actual URL target within the link.