Why is it critical to stop ransomware at the gateway layer? Because email is the top entry point used by prevalent ransomware families. Based on our analysis, 71% of known ransomware families arrive via email. While there’s nothing new about the use of spam, ransomware distributors continue to employ this infection vector because it’s a tried-and-tested method. It’s also an effective way to reach potential victims like enterprises and small and medium businesses (SMBs) that normally use emails for communication and daily operations. Over the first half of the year, we observed how cybercriminals leveraged file types like JavaScript, VBScript, and Office files with macros to evade traditional security solutions. Some of these file types can be used to code malware. In fact, as a security precaution, Microsoft turns off macros by default. In this blog post, we examine various email file attachments and how ransomware affected the fluctuation in the use of these file types.
Read More