- ‹ previous
- 6 of 6
The rise of ransomware isn’t the only threat trend Sophos highlights in its report. While the vast majority of attacks continue to involve desktops and laptops, the company writes, attacks on Windows and non-Windows servers are climbing steadily.
A lot of that activity is associated with brute force assaults via Microsoft’s Remote Desktop Protocol. Dangerous under any circumstances, RDP attacks are made even more serious by the fact that they tend to be a precursor to ransomware.
“The Sophos Rapid Response team frequently finds that the root cause of ransomware attacks it investigates involve an initial access to the target’s network by means of RDP, and then the use of those machines to gain a foothold within the network and take control of DC servers, from which they can mount the rest of the attack,” the Threat Report states.
There are a lot of RDP attacks happening too. In research performed before coronavirus lockdowns went into effect, Sophos set up honeypots in 10 data centers around the world. “Over a 30 day period, the honeypots received a median average of 467,000 RDP login attempts, or about 600 per hour at each location,” Sophos writes. The longer each honeypot stayed online, moreover, the more heavily it was targeted.
More Galleries like This
Tuesday, if you didn’t notice, was Anti-Ransomware Day. Data published this week by Kaspersky, Sophos, and Kaseya suggests the damage ransomware inflicts remains as substantial as the opportunity it creates for providers of security services.
Speaking online yesterday about the vendor’s latest cyber threat report, SonicWall CEO Bill Conner (pictured) discussed an alarming rise in ransomware attacks, IoT exploits, and other threats in the first half of 2020.
New studies from Trend Micro and Thales suggest healthcare providers are vulnerable to attack and investing more heavily in security as a result.
Ransomware perps have been very busy this year. New research from Datto and Sophos shows how busy, as well as how much damage they’re doing and how they’re getting around cyber-defenses.
All three companies published new research studies at CompTIA’s 2017 ChannelCon event today. Here are a few of their most interesting findings.