Over time and the evolution of technology, the hackers they are constantly developing new methods and now combine automation with their hacking capabilities to attack servers that are a primary goal because of the data stored on them. This new type of attack combines the use of bots to identify potential victims with human resources, who decides to whom and how to attack. To address this issue, Sophos announced Intercept X for Endpoint Detection and Response (EDR) Server. By adding EDR to Intercept X for Server, security experts can explore them cyberattacks on servers.
Using bots, cybercriminals decide which targets to choose based on the range of sensitive data or the intellectual property of an organization, the ability to pay more ransom, or access to other servers and networks. Then they complete their work in the usual way: they break into the system, avoid detection, steal the information they want and leave unnoticed, or in other cases disable backups and encrypt the servers to demand ransom or use the servers to attack. to other companies.
According to Dan Schiappa, head of Sophos product service, “Most malware is now automated, so it's easy for attackers to find organizations with weak security, evaluate their payment options and use hacking techniques to do as much as possible. as much damage as possible. ”
With Sophos Intercept X for Server with EDR, IT specialists in businesses of all sizes now have visibility across the enterprise system. This allows them to pre-detect any hidden attacks, better understand the impact of an attack, and quickly depict the full history of an attack.
“When hackers get into a network, they go straight to the server. Unfortunately, the critical nature of servers restricts many organizations from making changes, often significantly delaying the development of patches. Cybercriminals are based on this. If organizations fall victim to an attack, they need to know the full scope of the devices and servers affected to improve security. Knowing this information accurately can help businesses solve problems much faster and prevent a repeat data breach, ”Schiappa said. "Sophos Intercept X for Server with EDR provides this required knowledge and security."
Sophos EDR is powered by deep learning technology for more extensive detection of malware. Sophos' neural network of deep learning is trained in hundreds of millions of samples to look for suspicious malicious code features and detect threats that are unknown until that time. It provides a broad and specialized analysis of potential attacks, comparing the DNA of suspicious files with the malware samples already categorized in SophosLabs.