The most prevalant threat to users at the moment is ransomware.
Security companies have generally struggled to deal with such an issue as the detection and removal of the executable files that encrypt the files on your computer are inherently difficult to handle in traditional antivirus methods.
As a reminder, ransomware is a program that hides in PDFs or Word documents, or is actioned from a weblink. This program will encrypt your files on either the PC or Server or both and hold the decryption key to ransom – this key is only available by paying a fee to the malicious software writer. Of course if you are to pay you have then provided your payment details to a criminal which may be used again and again. This is a destructive and costly risk to all businesses and individuals.
The launch of Intercept X from Sophos is more than just another piece of software, this is a specific solution to handle malicious threats including ransomware.
We must be mindful that the most powerful measure against ransomware is end user awareness – we must not trust that the email recipient our email program shows is true – it may look like an email from your bank or courier company, but hover over the links and check for their authenticity, check for spelling mistakes and layout as well as poor quality logo images.
Should the malicious software writers overcome the above issues and lead you to run the encryption software that holds your PC or server to ransom it is vital that the process is blocked and removed as quickly as possible.
This is where Intercept X is at its most useful. The Sophos program includes ‘CryptoGuard’ which secures your Endpoints (PCs) and servers which will monitor and stop ransomware before it affects (infects) your system.
By using the following processes Sophos can provide a next generation enhanced level of protection.
It is known that 90% of breaches are from software exploits, i.e. security vulnerabilities on your operating system or other software being used – it is also known that there is on average a 163-day window from the time the exploit
is found, to being fixed (patched) and the user then applying that update – the largest amount of time is for the user to perform the update. Therefore, 90% of all breaches are in fact avoidable.
Intercept X will therefore bridge the gap to reduce the ability for the virus to exploit the lack of updates or the security vulnerability in your software.
This will attempt to block any access to the malicious software (Malware) before it reaches your device through web detection. If the user still runs the Malware then Intercept X will perform its greatest trick.
Malware that is allowed to come into operation by end users clicking on a link or file that is malicious will see Intercept X stop the program from working, therefore stopping any encryption on the PCs files. Not only this, but any files that are encrypted in the milliseconds of the malware running, will be reverted back to a safe, unencrypted state.
This is very powerful and saves the user from a huge amount of time to report, diagnose and fix the issue assuming the IT partner is able to do so.
Intercept X’s CryptoGuard technology is effective against the well-known CryptoLocker, Locky, Zepto, Cerber and many more.
The automatic roll back is very impressive and provides a ‘get out of jail free’ card for any users clicking on the wrong link or attachment.
This should not replace the user training required to look out for threats, Intercept X should complement your existing security policies and provide business protection.
If you would like any more information please do not hesitate to contact us and our Sophos experts will be able to assit.