{"id":12145,"date":"2019-05-30T09:00:50","date_gmt":"2019-05-30T09:00:50","guid":{"rendered":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/?p=12145"},"modified":"2022-10-14T18:28:53","modified_gmt":"2022-10-14T22:28:53","slug":"sophos-wards-off-blended-cyberattacks","status":"publish","type":"post","link":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/security\/sophos-wards-off-blended-cyberattacks.html","title":{"rendered":"Sophos Wards Off Blended Cyberattacks"},"content":{"rendered":"\n<p><a href=\"http:\/\/www.sophos.com\/\">Sophos<\/a> announced Intercept X for Server with Endpoint Detection and Response (EDR). By adding <a href=\"https:\/\/www.sophos.com\/en-us\/products\/server-security.aspx\">EDR to Intercept X for Server<\/a>, IT managers can investigate cyberattacks against servers, a sought-after target due to the high value of data stored there. Cybercriminals frequently evolve their methods and are now blending automation and human hacking skills to successfully carry out attacks on servers. This new type of blended attack combines the use of bots to identify potential victims with active adversaries making decisions about who and how to attack.<\/p>\n\n\n\n<p>Once the bots identify potential targets, cybercriminals use their savvy to select victims based on an organization\u2019s scope of sensitive data or intellectual property, ability to pay a large ransom, or access to other servers and networks. The final steps are cerebral and manual: break in, evade detection and move laterally to complete the mission. This could be to quietly sneak around to steal intelligence and exit unnoticed, disable backups and encrypt servers to demand high-roller ransoms, or use servers as launch pads to attack other companies.
<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"640\" height=\"335\" src=\"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-content\/uploads\/2019\/05\/sophos-bikes.jpeg\" alt=\"\" class=\"wp-image-12148\"\/><\/figure>\n\n\n\n<p>\u201cBlended cyberattacks, once a page in the playbook of nation state attackers, are now becoming regular practice for everyday cybercriminals because they are profitable. The difference is that nation state attackers tend to persist inside networks for long lengths of time whereas common cybercriminals are after quick-hit money making opportunities,\u201d said Dan Schiappa, chief product officer, Sophos. \u201cMost malware is now automated, so it\u2019s easy for attackers to find organizations with weak security postures, evaluate their payday potential, and use hand-to-keyboard hacking techniques to do as much damage as possible.\u201d<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"600\" height=\"458\" src=\"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-content\/uploads\/2019\/05\/sophos-sign-evening-full-building-2-e1377639168387.jpg\" alt=\"\" class=\"wp-image-12149\"\/><\/figure>\n\n\n\n<p>With Sophos Intercept X for Server with EDR, IT managers at businesses of all sizes now have visibility across an entire estate. This allows them to proactively detect stealthy attacks, better understand the impact of a security incident and quickly visualize the full attack history.<\/p>\n\n\n\n<p>\u201cWhen adversaries break into a network, they head straight for the server. Unfortunately, the mission-critical nature of servers restrains many organizations from making changes, often significantly delaying patch deployment. Cybercriminals are counting on this window of opportunity.
If organizations do fall victim to an attack, they need to know the full context of what devices and servers were hit in order to improve security as well as answer questions based on stricter regulatory laws. Knowing this information accurately the first time can help businesses resolve issues much faster and prevent them from a repeat data breach,\u201d said Schiappa. \u201cIf regulators rely on digital forensics as evidence of lost data, then businesses can rely on the same forensics to demonstrate their data has not been stolen. Sophos Intercept X for Server with EDR provides this required insight and security intelligence.\u201d<\/p>\n\n\n\n<p>Sophos Intercept X for Server with EDR expands Sophos\u2019 offering of EDR, which was first announced for endpoints in October 2018. Sophos EDR is powered by deep learning technology for more extensive malware discovery. Sophos\u2019 deep learning neural network is trained on hundreds of millions of samples to look for suspicious attributes of malicious code to detect never-before-seen threats. It provides broad, expert analysis of potential attacks by comparing the DNA of suspicious files against the malware samples already categorized in SophosLabs. 
<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Sophos announced Intercept X for Server with Endpoint Detection and Response (EDR). By adding EDR to Intercept X for Server, IT managers can investigate cyberattacks against servers, a sought-after target due to the high value of data stored there.
Cybercriminals frequently evolve their methods and are now blending automation and human hacking skills to successfully<\/p>\n","protected":false},"author":44,"featured_media":12147,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[156],"tags":[1918,1919,1796,1920,300,477,1916,1921,1917],"post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/posts\/12145"}],"collection":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/users\/44"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/comments?post=12145"}],"version-history":[{"count":2,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/posts\/12145\/revisions"}],"predecessor-version":[{"id":12169,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/posts\/12145\/revisions\/12169"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/media\/12147"}],"wp:attachment":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/media?parent=12145"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/categories?post=12145"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/tags?post=12145"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}