Ransomware attacks cost cusinesses $133,000 on average

Sophos has published the findings of its global study, The State of Endpoint Security Today which shows the extent to which businesses are at risk of repeated ransomware attacks and are vulnerable to exploits.  This has been announced in conjunction with the launch of Sophos’ latest version of Intercept X, which is now enhanced with malware detection powered by advanced deep learning neural networks.

 

The State of Endpoint Security Today

 

The State of Endpoint Security Today survey polled more than 2,700 IT decision makers from mid-sized businesses in 10 countries worldwide, including the US, Canada, Mexico, France, Germany, UK, Australia, Japan, India, and South Africa. The survey concludes that despite the high profile headlines of 2017, businesses are still not prepared to face today’s fast-evolving threats. 

 

Key findings include:

• The cost of an attack: According to those impacted by ransomware last year, the average total cost of a ransomware attack was $133,000. This extends beyond any ransom demanded and includes downtime, manpower, device cost, network cost, and lost opportunities. Five percent of those surveyed reported a $1.3 million to $6.6 million as total cost.
• Ransomware continues to be a major issue: 54 percent of organisations surveyed were hit in the last year and a further 31 percent are expecting to be victims of an attack in the future. On average, respondents impacted by ransomware were struck twice.
• The exploit technology knowledge gap: Nearly 70 percent of IT professionals were unable to identify the correct definition of anti-exploit technology, despite how critical it is for modern attack prevention
• Companies need a security makeover: more than 77 percent of those impacted by ransomware were running up to date endpoint protection, confirming that traditional endpoint security is no longer enough to protect against today’s ransomware attacks.

 

“Ransomware is not a lightning strike – it can happen again and again to the same organisation. Cybercriminals are deploying multiple attack methods to succeed, whether using a mix of ransomware in a single campaign, taking advantage of a remote access opportunity, infecting a server, or disabling security software,” said Dan Schiappa, senior vice president and general manager of products at Sophos.

 

“Due to this complexity and intelligence of modern threats, traditional endpoint technologies are often unable to keep up with advanced exploit attacks used to compromise a system. This is why the latest verion of Sophos Intercept X has added predictive, deep learning capabilities which can learn by experience, create a high accuracy rate, and a low false positive rate. Intercept X can bring the most advanced next-generation protection to any organisation, regardless of their current strategy”

 

Alex Bradshaw, IT technician at Kimbolton School, a Sophos customer, commented, “We suffered a ransomware attack that cost us 48 hours of downtime and lost productivity while we recovered. It was stressful and inconvenient for our faculty and students who rely on our IT operations every day. After that we deployed Intercept X, which took five minutes to install, and ten minutes for a full scan. We haven’t been affected by a ransomware attack since.”

Sophos introduces predictive protection to Intercept X with advanced deep learning

 

The new version of Sophos Intercept X encompasses malware detection powered by advanced deep learning neutral networks. Combined with new active-hacker mitigation, advanced application lockdown, and enhanced ransomware protection, this latest release of the next-generation endpoint protection delivers previously unseen levels of detection and prevention.

 

Deep learning is the latest evolution of machine learning. It delivers a massively scalable detection model that is able to learn the entire observable threat landscape. With the ability to process hundreds of millions of samples, deep learning can make more accurate predictions at a faster rate with far fewer false-positives when compared to traditional machine learning.

 

This new version of Sophos Intercept X also includes innovations in anti-ransomware and exploit prevention, and active-hacker mitigations such as credential theft protection. As anti-malware has improved, attacks have increasingly focused on stealing credentials in order to move around systems and networks as a legitimate user, and Intercept X detects and prevents this behavior. Deployed through the cloud-based management platform Sophos Central, Intercept X can be installed alongside existing endpoint security software from any vendor, immediately boosting endpoint protection. When used with the Sophos XG Firewall, Intercept X can introduce synchronised security capabilities to further enhance protection.