FINAL WORD
are deploying multiple attack methods to
succeed, whether using a mix of ransomware
in a single campaign, taking advantage of a
remote access opportunity, infecting a server
or disabling security software.”
This relentless attack methodology
combined with the growth in Ransomware-
as-a-Service, the anticipation of more
complex threats and the resurgence of
worms like WannaCry and NotPetya puts
businesses in serious need of a security
makeover, according to Sophos. In fact, more
than 77% of those impacted by ransomware
were running up to date endpoint protection,
confirming that traditional endpoint security
is no longer enough to protect against
today’s ransomware attacks.
Two thirds of IT admins
surveyed don’t understand
anti-exploit technology
IT professionals also need to be aware of
how exploits are used to gain access to
a company’s system for data breaches,
distributed-denial-of-service attacks and
cryptomining. Unfortunately, Sophos’ survey
revealed considerable misunderstanding
around technologies to stop exploits with
69% unable to correctly identify the
definition of anti-exploit software. With
this confusion, it’s not surprising that
54% do not have anti-exploit technology
in place at all. This also suggests that a
significant proportion of organisations have
a misplaced belief that they are protected
from this common attack technique yet are
actually at significant risk.
“The lack of awareness and lack of
protection against exploits is alarming.
We’ve seen a resurgence in cybercriminals
looking for vulnerabilities to actively use
in countless attack campaigns. Five or six
years ago we saw one per year, and last
year as many as five new Office exploits
have been used for cybercriminal activity,
according to SophosLabs,” said Schiappa.
“When cybercriminals are deliberately
seeking out both known and zero-day
vulnerabilities and an organisation has
a deficit in defences, it adds up to a bad
security situation.”
Dan Schiappa, senior vice president and
general manager of products, Sophos
“Organisations of all sizes are starting
2018 with inadequate protection against
ransomware, despite last year’s international
headlines,” said Schiappa. “Given the
ingenuity, frequency and financial impact
of attacks, all businesses should re-evaluate
their security to include predictive security
technology that has the capabilities needed
to combat ransomware and other costly
cyber threats.”
According to those impacted by ransomware
last year, the median total cost of a
ransomware attack was $133,000. This
extends beyond any ransom demanded and
includes downtime, manpower, device cost,
network cost and lost opportunities. Five
percent of those surveyed reported a $1.3
million to $6.6 million as total cost.
96
INTELLIGENTCIO
Intrusions from exploits have been
happening for years but are still a
prominent threat and often go undetected
for months, if not years. Once inside
a system, cybercriminals use complex
malware that can hide in memory
or camouflage itself. In many cases,
businesses do not know they’ve been
breached until someone finds a large cache
of stolen data on the Dark Web. “It’s time
to disrupt these intrusions,” said Schiappa.
“Since traditional endpoint technologies
are often unable to keep up with advanced
exploit attacks used to compromise a
system, Sophos has added predictive, deep
learning capabilities to the newest version
of its next-generation endpoint protection
product Sophos Intercept X.”
Although 60% of respondents admitted
their endpoint defences are not enough
to block the attacks seen last year, only
25% have predictive threat technologies,
such as machine or deep learning, leaving
75% vulnerable to repeated ransomware
attacks, exploits and evolving advanced
threats. Sixty percent plan to implement
predictive threat technology within a
year, yet confusion about it persists. Of
those surveyed, 56% admitted that they
do not have a full understanding of the
differences between machine learning and
deep learning.
“Given the speed at which cyber threats
have evolved it is not surprising that many
IT managers are unable to stay ahead of
the next-generation technology required
for security. Yet this knowledge gap could
be placing operations at risk. Organisations
need effective anti-ransomware, anti-exploit,
and deep learning technology to stay secure
in 2018 and beyond,” said Schiappa.
Key survey findings from South Africa:
• More than 50% of organisations were hit
by ransomware last year and on average
they were struck twice
• 75% were running up-to-date
endpoint protection when last impacted
by ransomware
• Median total cost of a ransomware attack
was around £100K including ransom,
downtime, manpower, device cost,
network cost and lost opportunities, with
48% incurring costs below this level and
52% incurring costs above this level
• More than 50% of organisations do not
have anti-exploit technology, which means
they are easy prey for data breaches and
complex threats like WannaCry
• 70% of IT professionals were unable to
identify the correct definition of anti-
exploit technology, despite how critical it
is for modern attack prevention
• Only 34% have predictive next-
generation technologies, such as machine
or deep learning; 48% plan to implement
within a year
The survey was conducted by Vanson
Bourne, an independent specialist in
market research. This survey interviewed
2,700 IT decision makers in 10 countries
and across five continents, including: the
US, Canada, Mexico, France, Germany, UK,
Australia, Japan, India and South Africa.
All respondents were from organisations of
between 100 and 5,000 users. n
www.intelligentcio.com