The massive ransomware outbreak that struck companies in more than 100 countries underscores the vulnerabilities that email poses to businesses. The attack, dubbed WannaCry, used emails as the path into corporate computer networks and exploited vulnerabilities in Microsoft (MSFT) - Get Report Windows.
Phishing attacks, in which hackers send bogus emails to gain passwords or data, are the "delivery model of choice for ransomware," Evercore analyst Ken Talanian noted in a weekend report on the outbreak.
A host of cybersecurity stocks were gaining strongly on Monday morning, but the news has particularly focused attention on email and cloud security outfit Proofpoint (PFPT) - Get Report , which was gaining 8.4% to $5.93 on Monday. Microsoft shares dropped 0.6% to $67.99.
Proofpoint already has been involved in defending against the attack. Researchers from the security company worked with the UK cyber researcher who found a "kill switch" within WannaCry that helped staunch the spread of the ransomware.
"We believe [Proofpoint] could see some benefit at the enterprise level as organizations ... look to enhance their security posture against phishing attacks," Talanian wrote.
Proofpoint Senior Vice President of Cybersecurity Strategy Ryan Kalember blogged on Friday that new variations on ransomware appear every two to three days. He noted that the number of new strains of ransomware quadrupled from the first quarter of last year to the first quarter of this year.
"We believe it was just a matter of time for an attack like this to occur because this Microsoft exploit was tailor made for malware that spread within an organization's network -- and ransomware is so profitable for cybercriminals," Kalember wrote. Along with updating security patches, companies should deploy software and services that block harmful emails and block employees from enabling macros that can spread ransomware.
Attackers are also seeking more money, according to Symantec (SYMC) - Get Report . The average ransomware demand jumped from $294 in 2015 to $1,077 last year, the security company noted in its annual global report on cyber attacks in April.
The risk may be closer than most email subscribers realize. Symantec found that 1 in 131 emails contained a malicious link or attachment last year.
Shares of Symantec gained 3.8% to $32.20 on Monday morning.