Preventing ransomware attacks with Advanced Threat Protection (ATP)

Most ransomware attacks start via mail and can be prevented!

Add mail security, but besides mail, identity protection is the most important.

What does ransomware mean?

Ransomware, or hostage software, is a means of blackmail on the Internet. The name comes from "ransom", the money demanded to release a hostage. Ransomware is malware that blocks a computer and/or the data on it and then asks the user for money to 'liberate' the computer again by means of a code provided in exchange for payment. However, payment does not (always) lead to unlocking the infected computer, warns the Dutch government. And even when the code is successfully used after payment, the software remains on the computer and can block the system again several months later and ask for even more money. Source

Spreading of ransomware

  • The most common distribution of ransomware is via email. In this article, we will focus largely on this method.

How can you add extra safety with ATP?


What are other possibilities?

  • Thanks to the above best-practice, protection against advanced cyber threats has been activated.
  • Office 365 Advanced Threat Protection (ATP) is set to block or limit malicious content in email attachments, links and files in SharePoint, OneDrive, Office and Microsoft Teams.

Ransomware can be prevented

  • IT professionals play an important role. In reality, multi-factor authentication is often difficult to implement, even for IT professionals.
  • Commodity (old and known) malware alerts can indicate that new attacks are growing. MDATP has everything included to counteract this.
  • To truly mitigate modern attacks, the infrastructure that lets attackers in must be addressed. Organisations need to focus less on solving alerts and invest proactively in reducing the attack surface through which these problems can occur.

Use multi-factor authentication

  • Create enough security-awareness, but enough is enough.
  • When an organisation is under attack, we often activate MFA.
  • 1 in 200 accounts of all professional Office 365 users is breached according to Microsoft figures. Source.
  • Block all exotic protocols such as IMAP and POP3, and protect all layers within the organisation with Azure Security Defaults!
  • Create a real digital workplace. MFA with Windows 10 does not give many pop-ups. MFA with Windows 10 without deep integration, in a traditional model, does. MFA with Windows 7... you are already hacked!

Further develop Microsoft Defender ATP (MDATP)

  • MDATP or Microsoft Defender ATP is not just Microsoft's virus scanner. MDATP is an end-to-end security mechanism that makes deep insights graphical and understandable. It shows risks and can act on these risks.
  • With MDATP you have the best and most user-friendly insights to build a security operation and properly protect the base so that you cannot fall victim to ransomware.
  • See the security patching gap on all devices so that you can improve it.
  • Delete privileged accounts.
  • Use advanced hunting to detect brute force attempts.
  • Use Windows Defender Firewall, tamper protection, ...
  • ...
  • ...
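
One way to follow the "use advanced hunting to detect brute force attempts" advice above, as an added example that is not part of the original post: a hunting query over the DeviceLogonEvents table that finds bursts of failed logons from one remote IP and flags bursts followed by a successful logon. The lookback, window and threshold values are assumptions to tune for your environment.

```kusto
// Added example: failed-logon bursts per device and remote IP.
// Assumed tuning values; adjust to your own baseline.
let lookback = 1d;            // how far back to hunt
let window = 10m;             // burst window
let failureThreshold = 20;    // failed logons per window that count as a burst
// Step 1: count failed logons per device, source IP and time window.
let failures = DeviceLogonEvents
    | where Timestamp > ago(lookback)
    | where ActionType == "LogonFailed"
    | where isnotempty(RemoteIP)
    | summarize FailedLogons = count(),
                TargetedAccounts = dcount(AccountName),
                Accounts = make_set(AccountName, 20)
              by DeviceName, RemoteIP, WindowStart = bin(Timestamp, window)
    | where FailedLogons >= failureThreshold;
// Step 2: collect successful logons from the same sources.
let successes = DeviceLogonEvents
    | where Timestamp > ago(lookback)
    | where ActionType == "LogonSuccess"
    | where isnotempty(RemoteIP)
    | project DeviceName, RemoteIP, SuccessTime = Timestamp;
// Step 3: keep every burst, and note the first success at or after it.
failures
| join kind=leftouter successes on DeviceName, RemoteIP
| extend LaterSuccess = iff(SuccessTime >= WindowStart, SuccessTime, datetime(null))
| summarize FirstSuccessAfter = min(LaterSuccess),
            Accounts = take_any(Accounts)
          by DeviceName, RemoteIP, WindowStart, FailedLogons, TargetedAccounts
// Bursts followed by a success sort first; these deserve triage first.
| order by FirstSuccessAfter desc, FailedLogons desc
```

A high TargetedAccounts value with few failures per account points to password spraying rather than a brute force against a single account.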
