Sophos warns vs increase in cybercrimes

MANILA, Philippines – British security software firm Sophos sees an increase in data harvesting and cyber crimes this year. 

Sophos particularly warned that small and medium businesses (SMBs) would be vulnerable to cybercriminals who employ Ransomware, a  type of malware that forces its victims to pay ransom through certain online payment methods in order to grant access to their systems, or to get their data back.

“Last year, the focus was on the big glamorous hacking stories like Talk Talk and Ashley Madison, but it is not just large organizations that are being targeted right now,” Stuart Fisher, Sophos’ Managing Director for Asia Pacific told technology reporters.

Sophos cited a recent PwC report that showed that 74 percent of SMBs experienced a security issue in 2015, and this number is expected to increase as SMBs are being perceived as “easy targets.”

Fisher said Ransomware is one area where criminals have been monetizing small businesses in a more visible way.

“Previously, payloads  – such as sending spam, stealing data, infecting websites to host malware – were far less visible so small businesses often did not even realize they had been infected,” he said.

Ransomware is highly visible and has the potential to make or break an SMB if they do not pay the ransom, Fisher explained.  “This is why criminals are targeting SMBs. Companies should expect to see this increase in 2016,” he said.

 Fisher noted that since SMBs lack the security budgets of large enterprises, they opt to settle for  “best-effort approach to security investments, including equipment, services, and staffing.” But this approach, Fisher stressed, makes them more vulnerable to hackers because they can easily find security gaps and infiltrate the network.

On average, a security breach can cost a small business anywhere up to P528,320– a significant loss for any business, Fisher said.

 He advised SMBs to take a consolidated approach to security, which means a thoughtfully planned out IT strategy to prevent attacks before they happen.

“Installing software that connects the endpoint and the network will mean a comprehensive security system is in place where all components communicate, and ensure there are no gaps for hackers,” Fisher said.

During briefing, Sophos introduced the first synchronized security protection against sophisticated threats with the Sophos Security Heartbeat capability of the Sophos XG series of next-generation firewalls and UTMs. This  new technology directly links next-generation firewalls and UTMs with next generation endpoint security to share threat intelligence that enables faster detection of threats, automatic isolation of infected devices and more immediate and targeted response and resolution.

Today, real-time information can be shared between endpoint and the network to provide an automated and immediate response to suspicious behaviour without any manual intervention. Synchronized security delivers better protection for organizations of any size,” Fisher said.