MANILA, PHILIPPINES — In early 2017, Sophos, a global provider of network and endpoint security, entered into an agreement to acquire Invincea, a provider of next-generation malware protection.
Invincea’s endpoint security portfolio is designed to detect and prevent unknown malware and sophisticated attacks via its patented deep learning neural-network algorithms. It has been consistently ranked as among the best performing machine learning, signature-less next-generation endpoint technologies in third-party testing and rated highly both for high detection and low false-positive rates.
“Artificial Intelligence or AI will be the next buzzword in malware detection,” said Sumit Bansal, Sophos Director for ASEAN and Korea in a roundtable interview with InterAksyon. “Not years, but in just a couple of months, our AI will be helping in detecting these malwares in the wild and deliver the protection.”
If you’ve seen the news, then you’ve probably read about the recent spate of hacks, viruses and malware that are plaguing the modern world. It is never a good thing to have your PCs, your office network or your company systems affected by these cyber attacks.
Only recently, Sophos held a regional tech roadshow in the Philippines for customers in the finance, loans, conglomerates, manufacturing, government, and education sectors.
We wanted to know the state of cybersecurity in the world and in the Philippines, and it was fascinating to talk about Artificial Intelligence (AI), evolving viruses, malware and synchronized security.
With the advent of these ever-evolving cyber threats, Sophos is not only keeping pace, it is trying different approaches to combat them. Aside from protecting and securing enterprises, it is looking into protecting computers and connected mobile devices.
Artificial Intelligence is helping develop better security solutions
According to Bansal, Sophos is tapping Artificial Intelligence to fight computer viruses.
“Machine and Artificial Intelligence has been used for years… what’s new now is AI is better than people. These machines have become more active than human beings. So it makes sense to use that kind of technology to make predictive decision.”
Exploit kit, ransomware and phishing
At the roundtable, we asked Bansal to name the top three computer viruses in the world today.
According to the Sophos executive, first there’s the exploit kit, second is ransomware, and last is the phishing threat.
Phishing is a devious way to get confidential information such as usernames, passwords and financial records. Hackers do this by disguising their e-mails and web sites as trustworthy.
Most of the time they look like they came from reputable organizations or big financial institutions. But they’re not. Once a user visits these fake sites, hackers could also install malware or get the user to provide their financial and private information.
Bansal said this is the number one issue these days. In fact, 80% of security issues are caused by phishing threats.
Then there’s ransomware. This is actual software or code that gets downloaded onto a user’s computer. Ransomware starts encrypting the user’s data and blocks access to it until a ransom is paid. But it takes days for it to work, so the user might still be able to access their devices. Well-known types of ransomware today are WannaCry and Petya.
Based on a Sophos study, a run-of-the-mill beginner hacker can make up to $4,000 a month from ransomware.
“They (hackers) don’t have to be geniuses to make the program to actually create the malware. All they have to do is to go to darkweb, buy the platform, buy the list of people they want to attack from there and then launch it… that’s what they could get with less than $500,” Bansal explained.
Last is the exploit kit, a technique that hackers use to deliver malware. An exploit kit, as the name suggests, identifies software and system vulnerabilities in devices and machines. Once it has discovered these vulnerabilities, it exploits them, uploading and executing malicious code on these devices. Currently, there are 24 exploit kits out in the wild and more are being created.
Sophos also protects the home
So the next question is, what about protecting home computers and devices? People use their own computers and mobile devices to access corporate networks and e-mails. While Sophos is focused on providing enterprise security solutions, they acknowledge that the home is part of the corporate security ecosystem.
“We realized that our customers who use Sophos Synchronized Security and Sophos Central, a platform for managing different Sophos products at the office or at their workspaces, also like to be protected at home. And they would like to feel that they’re using the same console as Sophos Central, so we offer Sophos Home.”
Bansal added that Sophos Home provides business-grade security for home Macs and PCs. It uses the same engine as other Sophos enterprise security products, but it’s simplified. Sophos Home is free, and users can set up up to 10 devices on either Windows or Mac.
Sophos continues to study hacker techniques and stop them from working through the use of Next Generation Endpoint. It prevents exploit kits from delivering malware, stops ransomware from running, and then sends a report on how it happened and how to clean and check it.
Bansal said Sophos will continue to develop and build better solutions to protect and secure systems, whether they’re in the enterprise or at home.