… the Intercept X early access program, including advanced application lockdown and exploit prevention.
Sophos on Thursday also released its SophosLabs 2018 Malware Forecast report, which summarizes ransomware and other cybersecurity trends based on data collected from customer computers worldwide from April 1 to Oct. 3. One key finding shows that while ransomware predominantly attacked Windows systems in the last six months, Android, Linux and macOS were far from immune. Schiappa says customers who believe Macs and mobile devices are safer than Windows PCs, and thus don’t need the same level of protection, are leaving an opening for attackers.
For example, SophosLabs says the number of attacks via Android devices increased almost every month in 2017.
“In September alone, 30.4 percent of malicious Android malware processed by SophosLabs was ransomware. We’re expecting this to jump to approximately 45 percent in October,” said Rowland Yu, a SophosLabs security researcher and contributor to the report, in a statement. There are two main attack methods: locking the phone without encrypting data, and locking the phone while encrypting the data. Either way, the end user loses control of the device. And, as with all ransomware, regular backups are a main line of defense. Partners should be working with customers to ensure all mobile devices are well managed and regularly patched and backed up. (See this Channel Partners report for a guide to doing just that.)
The Sophos report also tracks ransomware growth patterns. WannaCry, which first appeared in May, was the No. 1 exploit observed on customer computers, dethroning Cerber. WannaCry accounted for 45.3 percent of all ransomware tracked through SophosLabs, with Cerber accounting for 44.2 percent. The damaging NotPetya ransomware that wreaked havoc in June has largely fallen off the radar, raising questions about the attackers’ intent.
Nick Beardsley, chief solutions architect at MSP TeamLogicIT, says he approves of where Sophos is taking Intercept X and that detection based on machine learning is applicable for all customers.
“Even at the SMB level, we’re not dealing with traditional viruses anymore,” said Beardsley. TeamLogic supports companies ranging from two employees to several hundred in all verticals, and consults with enterprises for select outsourcing or help with product choices.
“It’s a testament to Sophos’ platform that it can serve all customers and easily add on tools like encryption, but the single most valuable is syncing of firewall and endpoint security,” Beardsley said.
As to ransomware, he’s getting calls from everyone from nonprofits to financial services — it’s not limited to high-value targets like health-care companies.