Back to Ransomware

Ransomware

City in North Carolina affected by Ryuk ransomware.

In March 2020, the city of Durham, North Carolina, was affected by Ryuk ransomware. The ransomware instance was planted in the city’s network via a phishing email and targeted the 911 call center and the city’s fire department.

As soon as the incident was discovered, Durham's officials temporarily disabled all access into the network for the Durham Police Department, the Durham Sheriff’s Office, and their communications center. Though there has been no evidence of any data being stolen, officials have instructed residents to keep an eye out for any emails claiming to be from the city. The Ryuk ransomware strain has been identified to be disastrous, as it 's designed to specifically infect crucial assets and resources in each targeted network. Recent victims of ransomware include US-based Fortune 500 company E MCOR, North America’s leading railroad company; RailWorks Corporation; and French ISP and cloud provider Bretagne Télécom. 

Ransomware attacks can be costly. Invest in a tool like ManageEngine DataSecurity Plus to secure data and mitigate ransomware attacks. Download a 30-day, free trial of DataSecurity Plus today. Additionally, attackers usually resort to familiar, effective techniques, like phishing scams, to outsmart employees. A smart tool like Exchange Reporter Plus enables organizations to stay ahead of attackers by monitoring for and thwarting email-bound cybersecurity threats. Download a free, 60-day trial of Exchange Reporter Plus today.

How ManageEngine can help.

Exchange Reporter Plus provides a host of reports that can help you locate suspicious emails, both sent and received, based on keywords in their subject or body. Often times, these malicious emails appear to be valid, tricking users into opening the emails and clicking on links embedded in them, which can cause serious damage.

With Exchange Reporter Plus, you can locate emails based on:

  • Messages by subject keyword. Use reports to identify particular keywords in the email subject lines.
  • Messages by body keyword. Identify all the messages in your mailbox that have a particular keyword in the body of the email.
  • Attachment name. Get a report of all emails in your mailbox that have an attachment with a specific name. With the names of the malicious files, you can take the necessary steps to stop email-bound threats.
  • Attachment type. Based on an attachment’s file extension, you can spot malicious software.
  • The number of emails received from a specific domain, sender, department, or external email address. Get reports on all incoming emails from an external email address, a blacklisted sender or domain, or a specific department.

In addition, ManageEngine M365 Manager Plus provides an advanced Microsoft 365 mailbox content search capability that identifies phishing emails by analyzing internet message headers, subjects, attachments, and bodies of emails. With this feature, you can identify senders' email addresses, the platform used by the attackers, and the servers the emails passed through.

Start your free, 30-day trial of M365 Manager Plus today to try out all these features.

Alternatively, investing in a ransomware detection tool helps you detect and respond to ransomware attacks in real time to minimize the impact on your organization. Here are some best practices DataSecurity Plus can help you implement to handle ransomware attacks.

  • Detect ransomware with real-time mass access alerts. Monitor the frequency of file modifications by a user, and issue alerts whenever the number of modifications crosses a threshold within a specified time.
  • Quarantine ransomware and shut down infected devices with a customizable and automated response system. Set automated alert responses through the execution of a batch file to respond to mass access alerts.
  • View in-depth details of events for further investigation. Generate customizable, audit-ready reports on all file-related changes, access attempts, and share permissions.

Learn more about the eight best practices that can help you avoid cyberattacks and protect your organization. Start your free, 30-day trial of DataSecurity Plus today.

© 2022 Zoho Corporation Pvt. Ltd. All rights reserved.

+

Stay In The Know

Thank you

You will receive weekly cybersecurity news soon!

  • Please enter a business email id
  •  
  •  
    By clicking 'I'm Interested', you agree to processing of personal data according to the Privacy Policy.