Log in
Show password
Forgot password ?
Become a member for free
Sign up
Sign up
New member
Sign up for FREE
New customer
Discover our services
Dynamic quotes 


SummaryMost relevantAll NewsAnalyst Reco.Other languagesPress ReleasesOfficial PublicationsSector news

Proofpoint : Countermeasures for Ransomware

09/09/2021 | 04:42pm EDT

Ransomware has emerged as one of the top national security concerns confronting the United States and is a top concern for most chief information security officers (CISOs) today. These sophisticated cyber threats not only disrupt vital infrastructure and major corporations, but they also can be detrimental to local communities and interrupt daily life for many people.

Ransomware attacks have evolved into multistage payload attacks where email and web (drive-by compromise) play an integral part in the attack chain, often delivering the initial payload as a malware downloader. These downloaders are designed to gain entry into a user's system or steal credentials to access the network, spread laterally and infect victims with ransomware.

Proofpoint Threat Analysts have observed ransomware threat actors becoming more hands-on with their campaigns and conducting additional surveillance of potential victims. They're using targeted lures to focus on larger industries that could lead to critical implications if disrupted for prolonged periods. These threat actors will not only leave ransomware payloads but also exfiltrate data and threaten to release it for double extortion, leaving organizations helpless.

Ransomware mitigation strategies

Implementing detection tools like the Proofpoint Advanced Threat Protection can help prevent ransomware attacks during the initial distribution and infection stages. These tools use multilayered controls that can detect, block and provide visibility into ransomware and malware downloaders that lead to ransomware.

Following is an overview of other countermeasures your organization can use to help avoid or reduce the impact of ransomware attacks:

1. Use technology controls to block malicious payloads

This includes controls for email and cloud detection. For example, you could:

  • Dynamically detect and block email and cloud threat variants
  • Identify various threat tactics and trends
  • Tag external email to alert recipients of its origin
  • Analyze multiple email attributes (email header, sender's IP address, reputation, and message body) for urgency
  • Use Advanced BEC Defense from Proofpoint, a machine learning-based detection engine that learns in real time and analyzes every message detail
  • Identify data exposure in the cloud and limit what you share with threat actors
  • Protect from command-and-control with web security
  • Limit the ransomware blast radius with zero-trust network access controls
  • Prevent ransomware from being distributed from your cloud apps

There are also authentication controls you can employ, such as:

Increasing visibility can also help you reduce the risk of a ransomware attack. For instance, you can:

  • Identify the Very Attacked People™ (VAPs) in your organization to identify which users are being attacked with impostor threats
  • Provide granular threat details
  • See which suppliers pose the highest risk to your organization
  • Uncover malicious lookalikes of your domains and your suppliers' domains
  • Reveal who is sending emails using your domain, including trusted third-party senders

Additionally, automated response mechanisms allow you to:

  • Quarantine or remove suspicious or unwanted messages with one click-or automatically
  • Automate the abuse mailbox process
  • Enable users to report suspicious messages directly from the warning tag
  • Isolate user browsing sessions automatically based on their risk profile
2. Implement administrative controls

Implementing administrative controls is another strategy. It includes security awareness training designed to ensure users understand the do's and don'ts of email fraud and security. User knowledge and awareness play a critical role in improving email security. By keeping users aware of the techniques and tricks of cybercriminals, you can help them transform from targets to defenders who can identify, avoid and report malicious emails-and help keep the organization's data, operations and finances safe.

User awareness should focus on safe computing practices and cautions. Users are your last line of defense, after all, so it's important they know how to look out for suspicious emails. Also consider using tools that provide routine microlearning to help users improve their knowledge and awareness about common security threats involving email.

The following is a summary of good practices that security awareness training for users should cover to help your organization reduce the risk of ransomware:

  • Be wary of unexpected emails that have links or attachments.
  • Always look at the email address carefully; the email address may not match the actual address of known companies, work colleagues or friends.
  • Be sure to back up your data routinely in case ransomware is accidentally loaded; you can then restore your data and not pay.
  • Be careful of 'scary' emails informing you that an account or personal information has been compromised and that you must take immediate action by clicking a link or providing secret information.
  • Be wary of 'too good to be true' emails that provide windfall offers or lead you to believe you've won a prize and provide a link to claim the offer or prize.
  • Always carefully examine email addresses to ensure they match who the email is purportedly from.
3. Get started now on raising user awareness

To help organizations raise user awareness and knowledge about ransomware, we've curated a selection of free resources to support users' understanding of best practices to apply to work and personal email.

The Proofpoint Ransomware Awareness Kit provides written, video and other visual content that can be emailed, displayed, posted or presented to reinforce safe email practices. In the kit, you'll find a description of how to use the materials, a suggested communication plan and a deployment schedule. You'll also find guidance and tips for executing a password improvement awareness campaign successfully using the materials provided.

Learn more about ransomware protection

Check out this page on the Proofpoint website to learn more about our market-leading solutions and mitigation strategies to help you defend against phishing, email fraud, ransomware and more.


Proofpoint Inc. published this content on 09 September 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 09 September 2021 20:41:03 UTC.

© Publicnow 2021
All news about PROOFPOINT, INC.
10/18EXCLUSIVE : Email security software vendor Zix explores sale - sources
10/01PROOFPOINT : Named Best Overall Enterprise Email Security Solution Provider of the Year
09/14PROOFPOINT : How to Implement People-Centric DLP for Office 365
09/09PROOFPOINT : Countermeasures for Ransomware
09/08Proofpoint Announces Occurrence of Fundamental Change and Make-Whole Fundamental Change..
09/08ADVANCE FEE FRAUD : The Emergence of Elaborate Crypto Schemes
09/03PROOFPOINT : Why Building a Security Culture at Your Company Matters and How to Start
09/02PROOFPOINT : What the Biggest and Boldest Insider Threat Incidents Can Teach Us
09/01PROOFPOINT, INC.(NASDAQGS : PFPT) dropped from S&P Software & Services Select Industry Ind..
09/01PROOFPOINT, INC.(NASDAQGS : PFPT) dropped from S&P Global BMI Index
More news
Analyst Recommendations on PROOFPOINT, INC.
More recommendations
Financials (USD)
Sales 2021 1 248 M - -
Net income 2021 - - -
Net Debt 2021 - - -
P/E ratio 2021 -
Yield 2021 -
Capitalization 10 160 M 10 160 M -
Capi. / Sales 2021 8,14x
Capi. / Sales 2022 6,92x
Nbr of Employees 3 658
Free-Float 96,0%
Duration : Period :
Proofpoint, Inc. Technical Analysis Chart | PFPT | US7434241037 | MarketScreener
Income Statement Evolution
Managers and Directors
Gary Leigh Steele Chairman & Chief Executive Officer
Paul R. Auvil Chief Financial & Accounting Officer
Marcel DePaolis Chief Technical Officer
Lyn Campbell SVP-Global Operations & Information Technology
Robert Darren Lee EVP, GM-Compliance & Digital Risk Business Unit
Sector and Competitors
1st jan.Capi. (M$)
PROOFPOINT, INC.28.95%10 160
ACCENTURE PLC35.44%223 468
SNOWFLAKE INC.20.75%102 240