A deep-dive on ransomware attacks during the pandemic and how Sophos endpoint security is evolving to meet the threat.

The Coronavirus pandemic made way for a new wave of cyber threats and opportunistic attacks, as organisations grappled with a transition to remote working and remote operations.

One of the key trends and challenges throughout 2020 was a rise in ransomware as operators pioneered new ways to evade endpoint security products. According to cyber security specialists Sophos, ransomware will continue to be THE major security issue in 2021.

As highlighted in the Sophos 2020 Ransomware Report and echoed in the new Sophos 2021 Threat Report, ransomware is getting more destructive, more expensive, and uglier in its nature. Sophos found that ransomware attacks grew in every quarter of 2020 and that half of all UK organisations were hit by an attack. Of those targeted, 73% had their data encrypted.

The financial implication is huge. A full-scale attack set the average business back by nearly £550K. And, unfortunately, almost a quarter of all victims were forced to cough up and pay out in exchange for the safe return of their data. While comprehensive cyber insurance can help to safeguard the return of your data, it falls short of providing a complete solution. Your customer data has already unlawfully been exposed, potentially on the dark web. When your duty is to protect data, this can have a catastrophic affect on your brand and credibility.

The shift to public cloud has compromised security further. Some 70% of organisations that are actively hosting data or workloads in public cloud reported a security incident in the last year, according to the Sophos Public Cloud Report 2020

It is therefore essential that organisations take decisive action to reinforce their cyber security provision across all endpoints, from core to edge to cloud.

Invest to protect

One of the common reasons that organisations are not properly investing in cyber protection is lack of budget. Covid-19 has forced organisations to realign their IT spend, with a huge focus on remote working tools and infrastructure. To ensure businesses could keep the lights on, software-as-a-service (SaaS) has taken more than its share of the funding pot. As a result, cybersecurity has often been left under-financed.

However, investing in a complete cybersecurity system is critical to combat the rise in ransomware. Not only can organisations protect themselves from the devastating impact of a threat in terms of data violation, there is also a huge opportunity for cost savings. According to Sophos Cybersecurity Evolve Report, organisations that adopted a Sophos Next-gen Cybersecurity System more than halved the time and effort spent managing IT security.

Investing in the best defense possible is the best way to mitigate against the costly impact of cyber crime.

The evolution of endpoint security

Thankfully, endpoint security is advancing to meet the threat. Sophos has developed a number of market-leading solutions, in direct response to key findings of the recent Threat Report and Ransomware Report. To find out about the latest features in its endpoint portfolio, we talked to security experts, Greg Iddon, MTR Strategist and Jonathan Hope, Security Specialist.

Intercept X Endpoint for heavyweight protection

Sophos Intercept X Endpoint is the “heavyweight” in endpoint security protection. This market-leading solution offers full protection including: Endpoint Detection and Response (EDR), Anti Ransomware, Managed Threat Response (MTR) and other key features like AI enabled Deep Learning Technology. For those already familiar with Intercept X, these new features pack a punch, giving all round stronger protection than its predecessor.

Users can proactively hunt for threats on their network and seek out undetonated malware and remnant fragments. The EDR feature also gives you the tools to ask detailed questions when hunting down threats to help identify and remedy issues. The cloud-based management console makes it easy to take action on remote devices. So you can investigate, install and uninstall software, or remediate any additional issues, on any device.

Round-the-clock monitoring with Managed Threat Response

The limitation with EDR is that it requires constant active management by the IT user to interpret the results and then act on the output. Managed Threat Response (MTR) is designed to mitigate the need for constant management.

With MTR the local IT admin is supported by a team of Sophos experts who are constantly remotely monitoring telemetry form their network using tools like EDR and more. The specialist team can detect issues, and with the customers permission, respond appropriately 24 hours a day. It’s ideal for organisations who feel they cannot oversee the day-to-day operations of EDR.

Rapid Response to deal with incidents quickly

Sophos Rapid Response is a separate service which provides, as the name suggests, speedy assistance to deal with a breach. The Sophos team of expert incident responders will help to identify and neutralise active threats against and within the organisation. Whether it is an infection, compromise, or unauthorised access attempting to circumvent your security controls.

Protect yourself with Sophos and Trustmarque

Trustmarque has a well established cyber security team and is as a leading partner to Sophos. We provide technical expertise across Sophos solutions, Intercept X, Cloud Firewall Rapid Response and more. Together, we protect your endpoint perimeter and keep your business safe and secure.

Watch out for our upcoming cybersecurity video interview with Sophos

We will delve further into 2021 threat landscape when Sophos’ MTR Strategist Greg Iddon joins Trustmarque’s Cybersecurity Practice Director James Holton for a discussion on the key challenges, trends and action points. This video interview will be available to watch on-demand soon – watch this space. Keep an eye on our LinkedIn profile to watch the interview as soon as it’s ready.

For a full view on the 2021 cyber security landscape, read the Sophos 2021 Threat Report and the Sophos 2020 Ransomware Report

By Katherine Murphy, content enthusiast