Sophos launched the Sophos Intercept X for server, next-generation server protection with predictive deep learning technology that provides constantly evolving security against cyber threats. Sophos’ deep learning neural networks are trained on hundreds of millions of samples to look for suspicious attributes of malicious code and prevent never-before-seen malware attacks. SophosLabs research indicates that 75 percent of malware found in an organization is unique to that organization, indicating the majority of malware is previously unknown.
A recent Sophos survey reveals that two-thirds of IT managers worldwide don’t understand what anti-exploit technology is, leaving their organizations vulnerable to data breaches. Once inside a network, cybercriminals can use persistent and lateral moves to target and takeover servers to access the high-value data stored there, such as personally-identifiable information (PII), banking, tax, payroll and other financial records, proprietary intellectual properties, shared applications – all of which can be sold on the Dark Web or used for other types of attacks and monetary gain. Servers can also suffer collateral damage from ransomware and run-of-the-mill cyberattacks. Attacks reaching servers can be more devastating to a business than attacks on endpoints, due to the critical data they hold.
“Servers are the bullseye for cybercriminals because they store valuable information and have a broader, system-wide organizational purpose than individual endpoints. An entire company could get potentially wiped out if cybercriminals infiltrate its servers with ransomware or malicious code, or exploit vulnerabilities to gain access. Once breached, attackers can get deep in the network and have the ability to do some serious damage, as well as exfiltrate data,” said Dan Schiappa, senior vice president and general manager of products at Sophos. “Cybercriminals use stolen information for their own spear-phishing campaigns and crime sprees, or they could resell it at a premium price on the Dark Web or to a private network of buyers. Sophos threat experts have seen access to compromised servers for sale on the Dark Web, in addition to the poached data itself – a bonus for cybercriminals, but a double whammy for businesses.”
“Sophos understands that servers need their own set of security criteria, like the lockdown feature in the current server solution, and the new ability to discover cloud workloads. Many of Riverlite’s clients, companies with under-staffed IT personnel, require us to keep cloud deployments secure and free from disruption,” said Simon Barnes, principal consultant at Riverlite in St. Neots, Cambridgeshire, UK.