Stop Office 365 Ransomware Attacks with Predictive Email Defense
It’s the big day. In a couple hours, you’re scheduled to present a report to upper-management that could put you in good standing for a promotion. You’re putting the last touches on your report when you receive an Excel spreadsheet (seemingly from a colleague) that contains the last few numbers you need. Moments later, your computer freezes. A ransomware message pops up:
Your documents, photos, databases, and other important files have been encrypted. A private decryption key is stored on a secret Internet server. Nobody can decrypt your files until you pay and obtain the private key. You only have 24 hours to submit payment. If you do not send the money within the provided time, all your files will be destroyed. Warning! Do not try to get rid of the program yourself. Any action taken will result in the permanent deletion of your files. The only way to keep your files is to follow the instructions below…
Congratulations. You’re another victim of ransomware delivered by an Office 365-based email.
What do you do? Do you pay the price? Or report it to the IT department? If you are the IT department, or at least in it, you risk your reputation—you should’ve known better than to fall victim to ransomware. If you aren’t in the IT department, are you sure that you haven’t done anything negligible?
According to Cybersecurity Ventures, the global cost of ransomware damage is expected to exceed $5 billion in 2017—up from $325 million 2015.
Experts advise organizations not to pay ransoms, as it only rewards attackers and encourages them to continue using ransomware. But what’s a user to do when they’re under pressure to deliver at work or their own online behavior may be questionable? Your best option is to prevent ransomware in the first place with predictive email defense.
What is Ransomware?
Before we get into prevention measures, let’s take a closer look at what we’re dealing with. Ransomware is malicious software that attackers use to encrypt files on a victim’s computer or device, rendering them inaccessible. The attacker demands a ransom to be paid in exchange for the decryption key. The attacker may also add an additional blackmail threat, as in the above example. Most often, ransomware is delivered via phishing or spear phishing emails. Cloud-based email systems like Office 365 are as vulnerable as any email system without adequate protections.
Research by IBM reveals that 59% of ransomware attacks originate with phishing emails.