Tag Archives: Sophos Server Protection

Sophos Global Report : Cyberattacks On Cloud Honeypots!

Sophos has just released their global report – Exposed: Cyberattacks on Cloud Honeypots with very alarming findings for servers worldwide! Get the full details and find out what this means for your business and IT operations!

 

Cyberattacks On Cloud Honeypots

A cloud honeypot is a cloud-based system set up to resemble targets of cybercriminals. When attached, they enable security experts to study the cyberattacks.

During the course of the study, Sophos had set up honeypots in 10 most popular Amazon Web Services (AWS) centers in the world like :

[adrotate group=”2″]
  • California
  • Frankfurt
  • Ireland
  • London
  • Mumbai
  • Ohio
  • Paris
  • Sao Paolo
  • Singapore
  • Sydney

 

Cyberattacks On Cloud Honeypots Report Findings

During the 30 day period, Sophos reported:

  • A cloud honeypot that was set up in Brazil was attacked a mere 52 seconds after it went live.
  • Cloud servers were attacked an average 13 times per minute.
  • More than 5 million attacks were attempted on the network of honeypots in the 30 day period

This data sends a very chilling warning to every company worldwide of the real danger cyberattackers/cybercriminals present.

Cybercriminals are constantly scanning for weak and vulnerable open cloud buckets. They are the points of entry into servers or other networks.

“The Sophos report, Exposed: Cyberattacks on Cloud Honeypots, identifies the threats organizations migrating to hybrid and all-cloud platforms face.

The aggressive speed and scale of attacks on the honeypots shows how relentlessly persistent cybercriminals are and indicates they are using botnets to target an organization’s cloud platforms.

In some instances, it may be a human attacker, but regardless, companies need a security strategy to protect what they are putting into the cloud,” said Matthew Boddy, security specialist, Sophos.

“The issue of visibility and security in cloud platforms is a big business challenge, and with increased migration to the cloud, we see this continuing.”

 

Recommended Reading

Go Back To > Cybersecurity | Home

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Sophos CryptoGuard Anti-Ransomware Protection Launched!

April 25, 2017 – Sophos (LSE:SOPH) today announced that its next-generation anti-ransomware CryptoGuard technology is now available with its Sophos Server Protection products.

With this optimisation, Sophos Server Protection now has signature-less detection capabilities to combat ransomware – similar to Sophos Intercept X for endpoints. In September 2016, Sophos launched Sophos Intercept X with CryptoGuard, which stop the spontaneous encryption of data by ransomware within seconds of detection.

 

Sophos CryptoGuard

By adding CryptoGuard to server security, Sophos is closing a critical gap by preventing ransomware attacks that could come in through rogue, guest or remote access users or other weaknesses in a company’s network. For example, if a company allows bring-your-own-laptops on the network, remote access for employees or is victimised by an insider cyber threat, servers become highly susceptible to ransomware.

Additionally, network shares on servers are high-value targets as they contain proprietary financials, personally identifiable information and other key data, and should be protected as such.

“Servers are considered the jackpot for cybercriminals, since they can store confidential corporate and employee information, medical records with social security numbers or private customer documents. It would be devastating for organisations to lose this kind of sensitive data to ransomware,” said Dan Schiappa, senior vice president and general manager of Sophos’ Enduser and Network Security Groups. “Most organisations back-up their data, but recovery from a backup is not always easy. Businesses, schools or hospitals do not want the liability, hassle and operational disruption required to restore from a backup. Anti-ransomware technology is a critical layer for the protection and ongoing accessibility of the information that resides on servers. Sophos has optimised its Server Protection products with CryptoGuard, adding another layer of next-gen protection to block this pervasive and highly-damaging cyber threat.”

[adrotate banner=”4″]

Sophos has also expanded Synchronised Security by adding Sophos Security Heartbeat capabilities to Sophos Central Server Protection Advanced. By adding Security Heartbeat to servers, an IT administrator can now leverage Sophos XG Firewall to automatically isolate infected servers and endpoints to identify and respond to the source of compromises faster.

Sophos Central Server Protection also includes Malicious Traffic Detection, which monitors for traffic to Command and Control servers and application whitelisting with one-click Server Lockdown, which secures servers in a safe state and prevents unauthorised applications from running.

Sophos Server Protection products with CryptoGuard capabilities now includes Central Server Protection Advanced on the cloud-based Sophos Central platform and Sophos Server Protection Enterprise, which is managed with a traditional on-premise console.

Pricing for the complete range of Sophos Server Protection products is available from authorised Sophos Partners worldwide.

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!