Dots Header Dark

Ransomware

Detect the delivery of ransomware and malware by email, with Egress Defend.

The global ransomware problem

236.1m
ransomware attacks occurred in the first six months of 2022
7 days
is the average minimum amount of downtime per attack
$228,125
is the current average rasomware payment

The evolution from a phish to ransomware

Phishing is one of the most common attack vectors for ransomware. A threat actor might phish a user’s credentials, use them to launch a BEC attack and then sell the compromised account on to a ransomware actor. Alternatively, a ransomware actor might simply purchase compromised credentials and use them to progress the ransomware attack.

As threat actors find new and creative ways to deliver ransomware payloads, legacy detection techniques are failing to keep pace and users have little margin for error.

Stats V2 Ransomware
Solutions Ransomware 1

Sophisticated malicious email payloads do evade detection

Email attachments containing ransomware are typically detected using the sandboxing capabilities of most secure email gateways (SEGs).

Embedded links that lead to malicious files have a higher likelihood of getting by traditional defenses, as web downloads are rarely sandboxed in-line. This results in the patient-zero problem, where the ransomware is delivered and executes before the sandbox results are available.

Organizations need to implement anti-phishing technology that can detect suspicious links at the time of click and prevent connection to the target file download.

Solutions Ransomware 2

Egress Defend inspects all aspects of inbound email to detect ransomware

  • 1 Payload analysis. HTML attachment is examined and a JavaScript payload is found that retrieves a remote ransomware loader. The obfuscation used by the JavaScript is itself a sign of suspicion.
  • 2 Display name impersonation detection. This is difficult for users to spot, especially on mobile devices, and as the domain is real, it passes SPF checks.
  • 3 Newly registered domain. Passes SPF checks and is not on any blocklist, but a newly registered domain being used for a fax server is highly suspicious.
Solutions Ransomware 3

Intelligent technology that's easy for users to understand

  • 4 Linguistic analysis reveals anomalous content. Email structure and copy identifies it as a fax receipt notification, but this is the first time the recipient has received one.
  • 5 Blue alerts highlight the email's origins. Our blue banners let the recipient know they've received an external email from a new contact. Based on our analysis, a red warning is also added.
  • 6 Red warning banner alerts user to real-time risk. As Egress Defend has identified the email as a phish with a malicious payload, a red warning banner is dynamically added to alert the user.
Solutions Ransomware 4

Egress Security Center highlights the risks that matter

Reporting on threats such as ransomware and malware in your email flows can be manual and slow. Even worse, systems can throw too much unnecessary information at you, making it harder to make timely and effective decisions.

Egress Defend’s intelligence platform provides simplified dashboards and critical insights so that administrators can quickly cut through the noise, identify email security risks and, where necessary, remediate them.

Solutions Ransomware 5

Actionable intelligence

Data and analytics should not overwhelm you with information. Augmented threat intelligence into attack types, payloads, and supply chain health gives Security teams what they need to take decisive action that mitigates threats.

Our real-time threat feed offers insights and statistics into email details, type of attack, threat levels, authentication checks, communication history, and how your people interacted with the email.

Interested in how Egress Defend would detect ransomware in your organization?

 

What our customers say

Hear from companies and organizations who use Egress Defend to prevent against ransomware attacks caused by phishing attacks.

If you’re relying on a yearly or even quarterly phishing test, I think you’re leaving major gaps. On going education and real time information have to be a part of your arsenal as well. I’m really impressed by what Egress Defend has been able to provide.

TRUSTED BY GLOBAL ORGANIZATIONS

  • Bupa Logo
  • Trusaic Logo Clear
  • Bae Systems Logo
  • Bernicia Logo
  • Nspcc Logo (1)
  • Spire Healthcare Logo
  • Qinetic Logo
  • Dis Chem Logo
  • The National Archives (1)

Read more about preventing ransomware attacks

Fighting Phishing: The Security Leader's View

From ransomware to payment scams, the risk of phishing continues to rise. 

In our Fighting Phishing report, we evaluate the phishing threats that organizations face, the impact these attacks have, and the steps CISOs are taking to reduce their risk.

We also share first-hand responses from CISOs and Security teams about their personal experience with phishing attacks.

The personal impact of a ransomware attack

Hear from Lisa Forte, Partner at Red Goat Cyber Security LLP, about the real-world reality of a ransomware attack.

How to Use a Hacker’s Toolkit Against Them

Read insights from our threat researchers about the tools and tactics attackers use in the first three stages of the cyber kill chain.

First ransomware, now killware. Can it be stopped?

What is killware? What’s the risk to your organization? Find out in our article on this malware threat.

Egress Intelligent Email Security

Protect against sophisticated inbound and outbound email threats without creating productivity roadblocks.

Inbound threat protection
Small Icon Defend SVG

Egress Defend

Protects against advanced phishing threats.
Learn more
Outbound threat protection
Small Icon Prevent SVG

Egress Prevent

Protects against accidental and malicious data loss.
Learn more
Small Icon Protect SVG

Egress Protect

Secure, certified end-to-end email encryption.
Learn more

Egress Security Center

Egress Intelligent Email Security products are managed from the Egress Security Center admin console.
Learn more
Esc Icon