Sophos Intercept X with predictive deep learning offers security against cyber threats

Sophos has announced Sophos Intercept X for Server, next-generation server protection with predictive deep learning technology that provides constantly evolving security against cyber threats. Sophos’ deep learning neural networks are trained on hundreds of millions of samples to look for suspicious attributes of malicious code and prevent never-before-seen malware attacks. Sophos Labs research indicates that 75 per cent of malware found in an organization is unique to that organization, indicating the majority of malware is previously unknown.

“Servers are the bull’s eye for cybercriminals because they store valuable information and have a broader, system-wide organizational purpose than individual endpoints. An entire company could get potentially wiped out if cybercriminals infiltrate its servers with ransomware or malicious code, or exploit vulnerabilities to gain access. Once breached, attackers can get deep in the network and have the ability to do some serious damage, as well as exfiltrate data,” said Sunil Sharma, Managing Director – Sales, Sophos India & SAARC. “Cybercriminals use stolen information for their own spear-phishing campaigns and crime sprees, or they could resell it at a premium price on the Dark Web or to a private network of buyers. Sophos threat experts have seen access to compromised servers for sale on the Dark Web, in addition to the poached data itself – a bonus for cybercriminals, but a double whammy for businesses.”

Attackers also use breached servers as proxies to redirect traffic to malicious websites and are now installing cryptominers on server farms and cloud accounts, so they can generate cryptocurrencies by stealing a company’s CPU, RAM, electricity, and other resources. The motives of cybercriminals based on how servers are utilized, what’s stored there and what can be leveraged for multiple crimes underscores the need for predictive, server-designed security with advanced anti-exploit technology that helps protect even unpatched systems.

“According to The Dirty Secrets of Network Firewalls research conducted by Sophos, 89 per cent IT managers in India opined that stopping malware threats has become harder over the last year and only endpoint or firewall is not sufficient to protect our data. It’s time we realize that servers are critical infrastructure, but they are often overlooked in the endpoint strategy of many companies,” said Sharma. “It’s not enough to simply install traditional endpoint protection on servers because they demand additional tools and features, such as cloud workload discovery, including Microsoft Azure and Amazon Web Services, and protection to mitigate risk from rogue or forgotten IT assets. The survey also said that 65% Indian respondents completely agree that their current defenses are not sufficient to block cyber threats – be it network, endpoint or server. Server-specific protection is necessary to a successful layered security strategy to reduce the risk of a data breach. Combined with Sophos’ Synchronized Security intelligence sharing and easy management from our Sophos Central dashboard, Intercept X for Server is a powerful addition that helps defend businesses from becoming the next victim.”

The need for server protection exists in organizations of all sizes, with smaller businesses being potentially at more risk than larger, better resourced enterprises as Frank Dickson, Research Vice-President, Security Products, IDC, commented, “The small- and mid-sized markets (SMBs) face challenges for server protection as they need the same level of protection as their enterprise counterparts. Yet, protection must be in an extremely easy-to- use offering. Additionally, sadly, SMBs are too often tempted to use underpowered, inappropriate PC endpoint offerings to protect servers as a way to save cost, forcing SMB server security vendors to provide compelling, affordable offerings that are also appropriate for a smaller or understaffed IT department.”

Regarding Sophos’ approach directly, Frank Dickson continued, “Sophos addresses the ease-of-use factor by integrating their products on Sophos Central, so there’s one dashboard for partners and customers to manage each security layer regardless of being on-premise or in the cloud. The new Intercept X for Server significantly advances server protection with deep learning, anti-exploit and other key technology elements. The anti-exploit technology has a client right on the server, a necessary requirement based on the manner in which hackers leverage server vulnerabilities to breach systems.”