{"id":22279,"date":"2016-09-27T12:00:00","date_gmt":"2016-09-27T11:00:00","guid":{"rendered":"https:\/\/www.avanet.com\/blog\/sophos-central-endpoint-intercept-x-the-solution-against-ransomware\/"},"modified":"2023-08-17T19:36:13","modified_gmt":"2023-08-17T18:36:13","slug":"sophos-central-endpoint-intercept-x-the-solution-against-ransomware","status":"publish","type":"post","link":"https:\/\/www.avanet.com\/en\/blog\/sophos-central-endpoint-intercept-x-the-solution-against-ransomware\/","title":{"rendered":"Sophos Central Endpoint Intercept X &#8211; The solution against ransomware"},"content":{"rendered":"\n<p>Let&#8217;s face the facts. Anyone who goes online with a computer today is exposed to so many dangers in one fell swoop that the only way to protect yourself against them is with a mixture of common sense, good antivirus protection and, at best, a firewall with a web filter behind the network. Shutting down the computer in the evening without catching malware is becoming more and more of a challenge!<\/p>\n\n<p>Ransomware has now been in the headlines since November 2015, and for a long time there was no technical protection, only <a href=\"https:\/\/www.avanet.com\/assets\/sophos-firewall-best-practices-to-block-ransomware-en.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">tips and advice<\/a> for IT managers. With <a href=\"https:\/\/www.avanet.com\/en\/shop\/sophos-central-intercept-x-essentials\/\">Sophos Intercept X<\/a>, Sophos has now launched a product <strong>that complements your existing endpoint security solution<\/strong> and can protect against ransomware, zero-day exploits and stealth attacks.<\/p>\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p>In this blog post, we will leave the classic viruses, worms and Trojans behind and focus on the really bad kind, namely the so-called <strong>ransomware<\/strong> (encryption Trojans). 
In addition, of course, we show how Sophos can protect against this malware and what products are needed to do so.<\/p><\/blockquote>\n\n<h2 class=\"wp-block-heading\" id=\"h-was-ist-denn-bitteschon-eine-ransomware\">What exactly is ransomware?<\/h2>\n\n<p>Imagine that you unsuspectingly open an email attachment and suddenly a message appears on the screen that your data has just been encrypted and you will not get it back until you pay a &#8220;ransom&#8221; for it. However, payment is not made in a familiar form, such as PayPal, credit card or bank transfer, because the transactions are meant to be as anonymous and untraceable as possible. As if you weren&#8217;t already stressed enough after this incident, you then also have to deal with <strong>Bitcoins<\/strong>. Pretty brazen, isn&#8217;t it?<\/p>\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p>Ransomware &#8211; When you suddenly have to pay a ransom for your data.<\/p><\/blockquote>\n\n<p>Today&#8217;s hacker has found an incredibly effective way to make a lot of money in a very short time. The hacker, or rather, the hacker organization, thereby receives sufficient financial resources, part of which can be reinvested in the further spread of ransomware. The risk of you or even your company becoming a victim of this is therefore increasing. 
Think about what your company data would be worth to you.<\/p>\n\n<p>In the following video, Sophos explains the issue in 90 seconds:<\/p>\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"Ransomware: A Brief Introduction\" width=\"1290\" height=\"726\" src=\"https:\/\/www.youtube.com\/embed\/Xon8W6A2-Ro?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n\n<h2 class=\"wp-block-heading\" id=\"ransomware-verschwindet-nicht\">Ransomware does not disappear<\/h2>\n\n<p>Ransomware is currently the most effective attack, which means that it will not disappear anytime soon. Your own data is encrypted and if you want it back, you have to pay. Private individuals also have data, not just companies. So everyone is at risk. Companies simply bear the greater risk here, as more users access the same data. Thus, it is enough for a single employee to catch something and the group drive is encrypted and the company comes to a standstill. For hackers, ransomware is a success story because it&#8217;s a billion-dollar business! If you haven&#8217;t done anything about it yet, you should definitely do something.<\/p>\n\n<h2 class=\"wp-block-heading\" id=\"wie-kann-man-sich-gegen-ransomware-schutzen\">How can you protect yourself against ransomware?<\/h2>\n\n<p>When the topic of &#8220;ransomware&#8221; first came to the public&#8217;s attention, there were many guidebooks that showed IT managers what could be done against these crypto-Trojans. Basically, it was advised to train employees, actively make them aware of these threats, and create regular backups of company data. There was no software solution that could have detected such a Trojan. 
Antivirus software vendors were overwhelmed with these novel and quite intelligent Trojans, and some vendors still are. In December 2015, Sophos then had for the first time, with <a href=\"https:\/\/www.avanet.com\/en\/blog\/sophos-sandstorm-with-sandboxing-against-zero-day-maleware-and-apts\/\">\n  <strong>Sophos Sandstorm<\/strong>\n<\/a>, a solution to defend against advanced persistent threats (APTs) and zero-day malware. That was at least a start. If you want to protect yourself against ransomware, we can recommend the brand new product <a href=\"https:\/\/www.avanet.com\/en\/shop\/sophos-central-intercept-x-essentials\/\">\n  <strong>Sophos Intercept X<\/strong>\n<\/a>, which we believe should be installed on every endpoint.<\/p>\n\n<p><em><strong>Update<\/strong>: Meanwhile, there are new products <a href=\"https:\/\/www.avanet.com\/en\/shop\/sophos-central-intercept-x-advanced\/\">Intercept X Advanced<\/a> and <a href=\"https:\/\/www.avanet.com\/en\/shop\/sophos-central-intercept-x-advanced-for-server\/\">Intercept X Advanced for servers<\/a>.<\/em><\/p>\n\n<h2 class=\"wp-block-heading\" id=\"mit-sophos-intercept-x-gegen-ransomware\">Fighting ransomware with Sophos Intercept X<\/h2>\n\n<p>Sophos <strong>Intercept X<\/strong> is, in our view, simply a must-have to effectively protect against these new threats. Intercept X is based on technology from security vendor <strong>SurfRight<\/strong>, which was acquired last year. The first product from this acquisition was <a href=\"https:\/\/www.avanet.com\/en\/blog\/sophos-clean-the-sidekick-among-virus-scanners\/\">Sophos Clean<\/a>. With Intercept X, this technology has now been integrated into <strong>Sophos Central<\/strong> and enhanced with new features. Threat pattern detection relies on behavioral analytics, attack vectors and Big Data. This allows malware to be detected without relying on updates or signatures. 
Signatureless detection also has the advantage of protecting against unknown malware and attacks from zero-day exploits.<\/p>\n\n<h3 class=\"wp-block-heading\" id=\"cryptoguard-eine-anti-ransomware-innovation\">CryptoGuard &#8211; An anti-ransomware innovation<\/h3>\n\n<p>One component of Intercept X is <strong>CryptoGuard<\/strong>. This feature protects against ransomware and immediately detects when files are encrypted. If this happens, the encryption of files is blocked and already encrypted files are automatically restored so that no data loss occurs.<\/p>\n\n<p>You can see how this looks in practice in this video:<\/p>\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"CryptoGuard Anti-Ransomware in 60 Seconds | Sophos Intercept X\" width=\"1290\" height=\"726\" src=\"https:\/\/www.youtube.com\/embed\/jjvXlIUgkvs?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n\n<h3 class=\"wp-block-heading\" id=\"killer-feature-ist-die-analyse\">Killer feature is the analysis<\/h3>\n\n<p>The icing on the cake comes at the end. Imagine that, despite all the protective measures, malware has made it into your network. How could this happen? Which devices have been infected and what should you do now? Intercept X&#8217;s &#8220;Root Cause Analysis Tool&#8221; can answer all of these questions down to the smallest detail. A 360-degree visual analysis helps you find out where the attack took place, which parts of the system were affected and where it could have been stopped. In addition, recommendations for action are provided for similar attacks in the future. 
You can see exactly what this looks like in the following video:<\/p>\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"Root Cause Analysis RCA in 2 Minutes | Sophos Intercept X\" width=\"1290\" height=\"726\" src=\"https:\/\/www.youtube.com\/embed\/AOsjUjp4P7Q?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n\n<h3 class=\"wp-block-heading\" id=\"zusatzlicher-schutz-zum-bestehenden-antivirus\">Additional protection to the existing antivirus<\/h3>\n\n<p>Choosing the right antivirus package is almost overwhelming. There are, for example, Symantec, McAfee, Kaspersky, Trend Micro, Avira and Avast, just to name a few. Chances are very high that you have one of these products in use. With Intercept X, you don&#8217;t have to change a thing! Keeping it is even desirable, because Sophos Intercept X can, or rather must, be installed in addition to existing endpoint security solutions from any vendor, thus increasing the level of security.<\/p>\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p>Intercept X is not an alternative to an antivirus, it is an additional layer of protection.<\/p><\/blockquote>\n\n<p>Sophos Intercept X can of course also be used together with <strong>Sophos Central Endpoint<\/strong> Standard (NEW!) 
or Advanced, providing a powerful additional layer of protection.<\/p>\n\n<figure class=\"wp-block-gallery has-nested-images columns-default is-cropped wp-block-gallery-1 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/www.avanet.com\/assets\/news-post-content-sophos-intercept-x-security-features.png\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"967\" data-id=\"13013\" src=\"https:\/\/www.avanet.com\/assets\/news-post-content-sophos-intercept-x-security-features-1024x967.png\" alt=\"Sophos Intercept X - Security Features\" class=\"wp-image-13013\" srcset=\"https:\/\/www.avanet.com\/assets\/news-post-content-sophos-intercept-x-security-features-1024x967.png 1024w, https:\/\/www.avanet.com\/assets\/news-post-content-sophos-intercept-x-security-features-64x60.png 64w, https:\/\/www.avanet.com\/assets\/news-post-content-sophos-intercept-x-security-features-300x283.png 300w, https:\/\/www.avanet.com\/assets\/news-post-content-sophos-intercept-x-security-features-600x567.png 600w, https:\/\/www.avanet.com\/assets\/news-post-content-sophos-intercept-x-security-features-768x726.png 768w, https:\/\/www.avanet.com\/assets\/news-post-content-sophos-intercept-x-security-features-13x12.png 13w, https:\/\/www.avanet.com\/assets\/news-post-content-sophos-intercept-x-security-features.png 1051w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<\/figure>\n\n<h3 class=\"wp-block-heading\" id=\"verwaltung-von-intercept-x\">Intercept X management<\/h3>\n\n<p>Intercept X can be installed and managed via the cloud-based management console <strong>Sophos Central<\/strong>. Administrators can control and configure settings, issue licenses, add new endpoints and track all activity.<\/p>\n\n<h3 class=\"wp-block-heading\" id=\"systemvoraussetzungen\">System requirements<\/h3>\n\n<p>Intercept X works smoothly alongside your existing antivirus software. 
This applies whether it is McAfee, Kaspersky, Symantec, Trend Micro, Avira, Avast or any other endpoint protection.<\/p>\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p>According to our contact at Sophos, a Mac solution is on the way and will also be built into Intercept X.<\/p><\/blockquote>\n\n<h2 class=\"wp-block-heading\" id=\"sophos-intercept-x-jetzt-ausprobieren\">Try Sophos Intercept X now!<\/h2>\n\n<p>To see Sophos Intercept X for yourself, you can try it for free for 30 days. To do this, you simply need a Sophos Central account.<\/p>\n\n<p>If you don&#8217;t have a Sophos Central account yet, you can create one on the <a href=\"https:\/\/www.sophos.com\/en-us\/products\/sophos-central\/free-trial?id=0013000001EjyeY\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Sophos website<\/a> and try all the features, including &#8220;Sophos Intercept X&#8221;, for <strong>free for 30 days<\/strong>.<\/p>\n\n<p>If you already have a Sophos Central account and the 30-day trial period has already expired, you can either order a license for &#8220;Sophos Intercept X&#8221; in our store or you can choose our &#8220;Sophos Central Subscription&#8221; and rent the licenses on a monthly basis according to the &#8220;Pay-As-You-Go&#8221; principle:<\/p>\n\n<ul class=\"wp-block-list\"><li><a href=\"https:\/\/www.avanet.com\/en\/shop\/sophos-central-intercept-x-essentials\/\"><strong>Buy Sophos Intercept X now<\/strong><\/a><\/li><\/ul>\n\n<h2 class=\"wp-block-heading\" id=\"ransomware-simulator\">Ransomware Simulator<\/h2>\n\n<p>If you don&#8217;t quite trust this yet and feel that you are protected against ransomware even without Intercept X, check out <a href=\"https:\/\/www.knowbe4.com\/ransomware-simulator\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">KnowBe4<\/a>&#8217;s independent and free trial program &#8220;RanSim&#8221;. 
With this tool you can test whether your system could be infected by ransomware.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Let&#8217;s face the facts. Anyone who goes online with a computer today is exposed to so many dangers in one fell swoop that the only way to protect yourself against them is with a mixture of common sense, good antivirus protection and, at best, a firewall with a web filter behind the [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":21243,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[277],"tags":[],"class_list":["post-22279","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"blocksy_meta":[],"acf":[],"_links":{"self":[{"href":"https:\/\/www.avanet.com\/en\/wp-json\/wp\/v2\/posts\/22279","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.avanet.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.avanet.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.avanet.com\/en\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.avanet.com\/en\/wp-json\/wp\/v2\/comments?post=22279"}],"version-history":[{"count":0,"href":"https:\/\/www.avanet.com\/en\/wp-json\/wp\/v2\/posts\/22279\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.avanet.com\/en\/wp-json\/wp\/v2\/media\/21243"}],"wp:attachment":[{"href":"https:\/\/www.avanet.com\/en\/wp-json\/wp\/v2\/media?parent=22279"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.avanet.com\/en\/wp-json\/wp\/v2\/categories?post=22279"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.avanet.com\/en\/wp-json\/wp\/v2\/tags?post=22279"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}