Sophos flags emergence of targeted cyber attacks
CYBERSECURITY COMPANY Sophos said next-generation technology is needed to address new types of cyber attacks, which it found are starting to be more targeted based on its 2019 Threat Report.
The United Kingdom-based firm said many businesses that are affected by cybersecurity breaches are subscribed to antivirus softwares, but are still penetrated because cybercriminals have also started to adapt.
“Next generation threats are not the traditional threats we know of in the past, where we could stop them with traditional antivirus. We need to look at new ways to stop them,” Sophos Managing Director for ASEAN and Korea Sumit Bansal said in a media roundtable on Tuesday.
It said its survey of 2,000 organizations globally found that 54% were hit by ransomware last year, and 77% of the those had an up-to-date antivirus at the time of the attack. It added that the average cost for every ransomware attack is $133,000.
“The threat landscape is undoubtedly evolving ‚ a less skilled cyber criminals are being forced out of business, the fittest among them step up their game to survive and we will eventually be left with fewer, but smarter and stronger, adversaries,” Sophos Chief Technology Officer Joe Levy said in a statement.
Sophos Senior Manager for Security Solutions Engineering in ASEAN Julius Suarez explained the start of targeted attacks that’s veering from emailed viruses. He said cybercriminals are using a search engine for Internet-connected devices to find those that use vulnerable softwares.
“Cybercriminals are targeting any server that has this vulnerability... They are not infecting the server, but they are using the server to hop into your network,” Mr. Suarez said.
He added that aside from targeted attacks, some attackers are also beginning to utilize Windows system administration tools which are already installed in one’s computer. He said with this, cybercriminals may more easily hack into a device by uploading just a script and exploiting built-in tools to execute an attack.
To address these emerging trends in cyber breaches, Mr. Suarez said it is important for business organizations to tap nextgeneration antivirus tools that are more equipped to detect and address the new forms of attacks.
He added that it is also helpful to employ security basics such as a using virtual public network and multi-factor authentication, reassigning default applications in a device and restricting the applications that a work station can run.