How does ransomware begin? According to a new report from Palo Alto Networks, the answer is primarily through email. The report shows the top arrival protocols for ransomware. The most significant vector is SMTP, at 45%, followed by IMAP at 26.5%. When combined with POP3 (3.8%), you get the following: 75.3% of ransomware attacks arrive via email.
Source: Palo Alto Networks
It’s also worth noting that 22.3% starts from web browsing. That can mean many things, but it certainly means being sent via messaging apps like Slack and Microsoft Teams.
What does this mean for you? It’s yet another reminder that the best defense against ransomware comes through preventing phishing emails.
When folks think about ransomware, they probably think about network intrusion. And that certainly does happen.
But it’s important to know that when there is phishing, there will be ransomware.
When you reduce phishing emails reaching the inbox, you reduce the risk of ransomware. With Avanan, that reduction is as much as 99.2%.
How do we achieve it? It’s because we at Avanan think of things differently. Instead of having harried employees determine if an email is malicious or not, why not have the email security solution do the scanning and only deliver if it’s 100% safe? Our API-based solution focuses on the subtle signs that hackers leave, often invisible to the human eye. It quarantines the email automatically so the user never has to make an assumption.
Avanan does this by leveraging Artificial Intelligence.
For AI to work effectively, it needs to be trained on the best data set. For email security, it must be embedded within the cloud suite via API. Once embedded, the data set of cloud email security solutions is much richer. By being embedded, Avanan understands who the people being emailed are, the social graph, internal email, geo-suspicious login events, and more. Beyond that, as an inline security solution, Avanan’s security layers run after Microsoft and Google’s default security filters. That means Avanan’s AI is trained on the specific attacks not caught by Google or Microsoft.
In our model, we’re constantly training and tuning our AI on the specific tenant. We have separate training sets for Office 365 and Google and separate models based on the direction of mail (inbound, outbound, internal). We use best-in-class AI algorithms and put our own inputs into them. By applying custom threat profiles for each organization, we can better tune our AI and keep phishing out. Instead of applying a one-size-fits all approach, like Microsoft and Google do, we work for a custom solution.
Additionally, you need a solution that is all-encompassing to prevent such attacks, including:
- Multi-BCC emails, emails with malicious content, deleted sent messages, etc.
- Email rules that demonstrate embed behavior
- New API connections, especially to new or untrustworthy apps
- Connection of shared services, public folders, etc.
- By correlating between the different behaviors, we build a complete picture assessing what damage was done and what vulnerabilities now exist.
By doing all of the above, Avanan customers see a 99.2% reduction in phishing emails reaching the inbox. That’s how you avoid ransomware.
Email is the leading vector for breaches. Ensuring it’s protected by blocking the email before it reaches the end-user is the best way of protecting against ransomware—and all other—attacks.
Ransomware is causing business leaders to stress, and understandably so. The high-profile nature of the attacks, combined with serious monetary and data damage, is cause for concern.
But there’s an action you can take. It starts with implementing an anti-phishing program that uses Artificial Intelligence and Machine Learning.
Avanan’s patented technology utilizes cutting-edge AI and machine learning, along with human input from end-users and trained researchers to catch the attacks that Microsoft and other security layers miss.
Our technology deploys in five minutes and is embedded within Office 365 as an additional layer. It scans and prevents malicious emails before they hit the inbox, meaning end-users never see it and, most importantly, never click on it.
Ransomware doesn’t have to keep you up at night. With proper protection, it can be defeated. Learn how true AI works to reduce the risk of phishing and ransomware by downloading this whitepaper.