2019 State of Email Security Report
Actionable steps to improve your organization’s email security and cyber resilience.
The threat of virus ransomware.
Virus ransomware is a new and quickly growing threat to corporate security. In a ransomware attack, hackers breach an organization's network and hold it hostage by blocking access to systems, requiring organizations to pay ransom to regain access.
As virus ransomware attacks frequently begin through email phishing scams and similar threats, finding ways to stop these threats and block malicious URLs and weaponized attachments must be a high priority for IT departments.
Mimecast provides comprehensive email security services, including tools to stop virus ransomware as part of an all-in-one subscription service for email security, archiving and continuity.
Mimecast's email security services eliminate the need to deploy a variety of point solutions to prevent spear phishing, virus ransomware, CFO fraud and other threats. Mimecast provides protection from these advanced threats as well as the threats of malware, spam, data leaks and more. Mimecast employs a secure email gateway, sophisticated detection engines and constantly updated threat intelligence to mitigate known and emerging threats before they reach the corporate network.
To protect against virus ransomware, Mimecast Targeted Threat Protection provides three levels of defense that neutralize the most common methods used by attackers:
Learn more about stopping virus ransomware with Mimecast, and about solutions to prevent Office 365 phishing.
What is a ransomware virus?
A ransomware virus is a form of malware, or malicious software, that can be downloaded to a user’s computer, denying access to the computer or the data on it until a ransom is paid. Ransomware is a form of cybercrime that is usually spread through phishing emails which convince users to share login information, click on a malicious link or visit a website where a ransomware virus can be covertly downloaded to their computer.
How to remove a ransomware virus?
When a ransomware virus is successfully downloaded to a computer and an attack is launched, organizations should immediately isolate the virus by disconnecting the machine from the network and from any storage devices shared with other computers. After identifying the ransomware virus by the language in the ransom note, organization should report the virus to federal authorities at the U.S. Cybersecurity and Infrastructure Security Agency (CISA) at www.us-cert.gov/report, and to a local FBI field office. To recover data, organizations can either try to decrypt files using decryption tools or ransomware specialists, or to wipe the system clean and reinstall data from a recent backup.
How to avoid a ransomware virus?
Avoiding a ransomware virus is the best way to prevent an attack. Anti-malware and antispam software can identify and block many routine or known ransomware virus threats. A secure email gateway with advanced inspection and filtering capabilities can block new and emerging ransomware threats by identifying indicators such as social engineering techniques as well as header anomalies, domain similarity and suspect language. Defenses that inspect URLs and attachments within email can block users from opening suspicious links or files. And DNS authentication services can spot email that may use sender spoofing to launch a ransomware virus.
How to train employees to prevent a ransomware virus?
Security awareness training is an integral part of defense against ransomware virus attacks. Human error is a leading factor in security breaches such as ransomware attacks, and training employees to be more vigilant can transform them from the weakest links in the security chain to an organization’s most effective defenders. Training typically focuses on how to recognize phishing emails that may be used in conjunction with a ransomware virus, and how to avoid the types of social engineering techniques that cyber criminals often used to breach defenses.
How to detect a ransomware virus?
There are a number of common indicators of a phishing email that may be designed to install a ransomware virus on the computer. These include: