You have seen the high-profile cases in the media and you know the damage malware can do. You may have even been a victim yourself. You already take steps to secure your devices and network. But are you doing enough?
WannaCry
There are various different types of malware, but all have one common purpose: to deliberately cause harm to your device, your network or your data.
The list includes viruses, worms and Trojans, with ransomware one of the most prevalent types. Although ransomware attacks have declined in volume recently, their sophistication has increased with major incidents regularly hitting the headlines.
Last year the WannaCry ransomware attack infected more than 300,000 computers across 150 countries. 42 NHS trusts were affected with some having to turn away all non-emergency patients. The disruption caused to hospitals, and the subsequent bill to update network security, highlight the importance of updating security plans within every organisation. While healthcare providers are the sector most likely to be hit, schools and similar establishments are not far behind.
77% of Ransomware Vicitims had Anti-Virus
Research commissioned by Sophos found that 54% of public sector establishments and 47% of primary schools were attacked with ransomware in 2017. While it may be sobering to read that establishments are more likely to experience an attack than not, it may also be surprising to know that 77% of the organisations hit by ransomware were running up-to-date endpoint protection.
So what are they doing wrong?
Ransomware is built to exploit flaws in the software you use. When criminals uncover vulnerabilities, and then immediately produce and deploy malware to target those vulnerabilities, they are staging what is known as a ‘zero-day’ attack.
This catches individuals, organisations, software makers and even traditional anti-virus programmes unawares. Because generic malware protection relies on the threat first being known and then an update sent to the anti-virus solution, zero-day attacks have the upper hand. This is where dedicated anti-ransomware becomes invaluable.
An Affordable Solution
Sophos Intercept X is specific anti-ransomware technology that works alongside Sophos Endpoint Protection. Sophos ranks number 1 for endpoint protection in recent tests. By using traditional techniques (including signature-based detection, behavioural analysis, malicious traffic detection and application control) and new techniques (including ‘deep learning’ malware detection (an advanced form of machine learning), exploit prevention, and specific anti-ransomware tools), Sophos Intercept X can mitigate the risk of an attack by malware used in zero-day attacks. With the increased sophistication and fast pace of malware attacks, your existing anti-virus alone might not be up to the job.
Despite 98% of network managers understanding the importance of anti-ransomware technology, 61% of public sector establishments and 65% of private schools do not use dedicated anti-exploit protection. We understand that school budgets are tight, so we believe schools should have access to robust endpoint protection at an affordable price.
We offer both Sophos Endpoint Protection and Sophos Intercept X with a significant reduction in price for eligible purchasers. Endpoint Protection Advance using Sophos Central (cloud) is available for £1.65 per year per device (equivalent). Intercept X is available for £2.32 per year per device (equivalent).
On-premise versions of these solutions are also available.
Click herefor more details.
What Next?
There is no doubt that robust anti-malware software should be part of everyone’s cybersecurity arsenal.
So too should education, ensuring you and your network users know what to lookout for to prevent an attack.
From a damage limitation perspective, you might want to also consider remote backup, making it easier to pick up the pieces should the worst should happen to your data.
SWGfL’s Ransomware White Paper is a comprehensive guide to risk mitigation offering further advice to protect your data and devices.