Cybercriminals are after your servers too!
June 12, 2018 - 4 minutes readYour servers hold your most critical data, your business applications and your highest privilege accounts, so protecting them is key to protecting your whole organization.
What if a server with order processing or patient health records was maliciously encrypted and held hostage for ransom? What if an organization’s domain controller was rendered unusable? Or what if an application server slowed to a crawl because attackers had managed to take advantage of an unpatched exploit to mine cryptocurrency?
If a laptop gets infected with ransomware, the user’s productivity is affected. But if a server is attacked and unavailable, the whole organization may be impacted. You don’t have to look further than last year’s WannaCry and NotPetya ransomware attacks to see examples of this.
Merck, the global pharmaceuticals company, Maersk, the global shipping and transportation company, and FedEx were all hugely financially impacted by the NotPetya attacks.
But it wasn’t just multinational corporations who fell victim. Smaller companies, such as Nuance Communications, were also attacked. The company recently disclosed its losses in a filing with the Securities and Exchange Commission (SEC).
Nuance was unable to get its software back online completely until early August, inhibiting its ability to offer SaaS transcription services for healthcare companies. The company also mentioned that a subsequent data breach in November had occurred when “an unauthorized third party illegally accessed reports hosted on a Nuance transcription platform.”
The company expects to incur additional costs this year when it enhances and upgrades its cybersecurity software, while still providing additional resources to its health companies.
The 2018 Verizon Data Breach Investigations Report notes how ransomware has increased in prevalence because it has been, and continues to be, an effective tool for cybercriminals: “When we first started seeing ransomware, it was smaller organizations – one desktop, one laptop…Now it’s more widespread and affecting critical systems, including servers.”
Over half of all the incidents reported included servers, so making sure you have protection in place couldn’t be more important.
Early Access Program
We’ve just opened our Early Access Program (EAP), a beta for our Server Protection products, and we’re inviting you to sign up.
Here’s what’s included in this EAP release:
- Ransomware/WipeGuard – to stop malicious encryption of organizational systems and data, or the Master Boot Record
- Anti-exploit – to stop the techniques used to exploit a vulnerability, whether specific exploits have been developed and found previously or not
- Anti-adversary – to prevent advanced hacking techniques used to persist stealthily in customer environments, and move laterally around the network
- Deep learning – to detect known and unknown malware
- Root cause analysis as an intuitive response tool
All of this is in addition to the features already included in Sophos Server Protection:
- Server Lockdown – to allowlist applications with one click and only allow those present during lockdown to execute
- Automatic application exclusions – to minimize false positives and ensure that key applications are not impacted
- Integration with AWS and Azure – to provide visibility and protection for all instances and VMs in the public cloud
- Synchronized Security – allows coordination across both the network and servers to mitigate risk and stop data loss instantly
Don’t wait, join the Sophos Server Protection beta today!
You can read the original article, here.
Powered by WPeMatico