Office 365 Ransomware Protection: You Need More Than Microsoft EOP
Adrien Gendre
—August 07, 2017
—3 min read
Ransomware attacks are running rampant around the globe. Numerous attacks have made global headlines, forcing businesses to halt operations and pay large premiums to regain access to their critical data.
If you use Office 365 for email and are relying on Microsoft Exchange Online Protection (EOP) for your email security, your organization is still vulnerable to all types of cyber-attacks. You need complete Office 365 ransomware protection to ensure that your organization won’t become the next victim.
If you use Microsoft EOP for your email security, your organization is still vulnerable to ransomware variants arriving via employee inboxes.
Scope of the Ransomware Threat
Ransomware is a huge threat for organizations of all sizes, including small and medium sized businesses. An attack or breach can have devastating reputational and financial impacts for businesses, not to mention the loss in operational time.
Email continues to be the primary attack vector for cybercriminals. They use deceptive techniques to convince users to open attachments, click links, or give up credentials. Malicious “delivery” or “invoice” PDFs and Word attachments containing macros have been one of the most popular delivery methods over the last year.
For some background on the scope of the ransomware threat here are some statistics from Symantec’s April 2017 Internet Security Threat Report:
- 1 in 131 emails sent in 2016 was malicious
- The average ransomware demand in 2016 was $1,077, more than 3x the 2015 demand price
- There has been a 3x increase in ransomware variants since December 2015
- Ransomware infections increased by 36% worldwide in 2016
- The rate of ransomware infections in 2016 nearly doubled from 846 infections per day to 1,539 infections per day by the end of the year
- Ransomware is expanding to more operating systems, including mobile devices and Mac OS X
What is causing this rampant spread of ransomware?
Cybercriminals are taking advantage of new and evolving technologies to make their software more sophisticated and devastating. Using these tools, they are able to create software that can slip past standard security defenses or use social engineering techniques to convince victims to click on malicious content.
- Botnets: distribute massive spam campaigns, and were the driving force behind some of the most devastating attacks this year that delivered Locky, Dridex, and TeslaCrypt. Able to send up to 1 million spam emails per day, this technology can quickly claim countless victims.
- Ransomware-as-a-service (RaaS): makes it easy for anyone to become a cybercriminal. Dark Net marketplaces offer easy-to-use platforms to customize ransomware with features, colors, or countdowns. It's essentially a ransomware franchise opportunity.
Doesn’t Office 365 Include Email Security?
Yes, but Micosoft’s Exchange Online Protection (EOP) and Advanced Threat Protection features are essentially signature-based solutions . While Office 365 ransomware protection provides some threat protection, it can only defend against known threats, leaving your organization susceptible. Signature-based systems look for known malicious portions of code to block attacks. Since cybercriminals are constantly making slight modifications to their malware to get past security defenses, your organization is left vulnerable to all unknown variations.
Microsoft EOP only protects against known threats.
The Problem with Signature-Based Systems
Signature-based systems can only defend against known attacks – that means someone has to fall victim before the ransomware gets blacklisted. No one wants to be the organization that happens to be hit by the latest variant before it has been blacklisted.
Signature based systems like EOP are basically useless for fighting against unknown email threats – and unfortunately with the spread of polymorphic and metamorphic malware… an ever increasing percentage of malware is effectively unknown to a signature-based system – in fact there were 357 million variants of malware in 2016 alone.
Predictive Office 365 Ransomware Protection
Organizations need comprehensive Office 365 ransomware protection that not only defends against known strains, but also protects you from unknown variants. The advanced solution from Vade uses artificial intelligence (AI) and data from a 24/7 global threat detection center to protect against all types of threats – including ransomware. Our multi-layered approach analyzes every email and ensures it is safe before it enters your employees’ inboxes.
Our solution has successfully detected every variant of Locky and CryptoLocker over the past several years with 100% accuracy.
Our software analyzes billions of emails every day so it is constantly learning and improving to ensure that your organization is protected from all types of email threats. Even just one malicious email infiltrating your organization can have devastating consequences, so you need predictive Office 365 ransomware protection to ensure your organization is safe.
Our software analyzes billions of emails every day that come through our global threat detection center to protect against both known and unknown email threats.
Besides ransomware, our solution protects against:
- Phishing
- Spear phishing
- Business Email Compromise (BEC)
- Zero-day attacks
- Malware
- Slight variants of malicious software
Interested in learning more about how our advanced analysis technologies work to protect Office 365 users? Download our ebook: Email Security for Office 365 .