09/09/2021 | News release | Distributed by Public on 09/09/2021 14:38
Ransomware has emerged as one of the top national security concerns confronting the United States and is a top concern for most chief information security officers (CISOs) today. These sophisticated cyber threats not only disrupt vital infrastructure and major corporations, but they also can be detrimental to local communities and interrupt daily life for many people.
Ransomware attacks have evolved into multistage payload attacks where email and web (drive-by compromise) play an integral part in the attack chain, often delivering the initial payload as a malware downloader. These downloaders are designed to gain entry into a user's system or steal credentials to access the network, spread laterally and infect victims with ransomware.
Proofpoint Threat Analysts have observed ransomware threat actors becoming more hands-on with their campaigns and conducting additional surveillance of potential victims. They're using targeted lures to focus on larger industries that could lead to critical implications if disrupted for prolonged periods. These threat actors will not only leave ransomware payloads but also exfiltrate data and threaten to release it for double extortion, leaving organizations helpless.
Implementing detection tools like the Proofpoint Advanced Threat Protection can help prevent ransomware attacks during the initial distribution and infection stages. These tools use multilayered controls that can detect, block and provide visibility into ransomware and malware downloaders that lead to ransomware.
Following is an overview of other countermeasures your organization can use to help avoid or reduce the impact of ransomware attacks:
This includes controls for email and cloud detection. For example, you could:
There are also authentication controls you can employ, such as:
Increasing visibility can also help you reduce the risk of a ransomware attack. For instance, you can:
Additionally, automated response mechanisms allow you to:
Implementing administrative controls is another strategy. It includes security awareness training designed to ensure users understand the do's and don'ts of email fraud and security. User knowledge and awareness play a critical role in improving email security. By keeping users aware of the techniques and tricks of cybercriminals, you can help them transform from targets to defenders who can identify, avoid and report malicious emails-and help keep the organization's data, operations and finances safe.
User awareness should focus on safe computing practices and cautions. Users are your last line of defense, after all, so it's important they know how to look out for suspicious emails. Also consider using tools that provide routine microlearning to help users improve their knowledge and awareness about common security threats involving email.
The following is a summary of good practices that security awareness training for users should cover to help your organization reduce the risk of ransomware:
To help organizations raise user awareness and knowledge about ransomware, we've curated a selection of free resources to support users' understanding of best practices to apply to work and personal email.
The Proofpoint Ransomware Awareness Kit provides written, video and other visual content that can be emailed, displayed, posted or presented to reinforce safe email practices. In the kit, you'll find a description of how to use the materials, a suggested communication plan and a deployment schedule. You'll also find guidance and tips for executing a password improvement awareness campaign successfully using the materials provided.
Check out this page on the Proofpoint website to learn more about our market-leading solutions and mitigation strategies to help you defend against phishing, email fraud, ransomware and more.