SophosLabs has released a malware forecast to coincide with the start of RSA Conference 2017.
Typically, our research papers focus on Windows, which has traditionally been the largest battleground. While some of the report does indeed look at Microsoft-specific challenges, we decided to focus more on the increasing malware threats directed at platforms where the risks are often not as well understood, specifically Linux, MacOS and Android devices.
Designed to secure business critical servers without sacrificing performance, Sophos Server Protection protects Windows and Linux servers from malicious attacks using a variety of traditional and next-gen methods, including Malicious Traffic Detection, Application Whitelisting (Lockdown), and soon CryptoGuard anti-ransomware capabilities.
Sophos now enables application and management of Server Protection policies for Amazon Web Services Auto Scaling Groups, and display valuable information about EC2 Instances in the Sophos Central management console.
The malware ecosystem is a complex environment. Criminals must acquire victims, develop scams and figure out the most effective way to turn that activity into cash. Most Internet crimes are opportunistic, meaning that online attacks are best operated as a high-volume business.
The keys to profitability are the ability to exploit a high percentage of potential victims, being able to cast a wide net to gather said victims, and some sort of payload that can steal information or extort money from a victim.
In research conducted in February 2015 at SophosLabs in Vancouver, Canada, we found that Linux machines represented approximately 80% of the 178,635 newly malicious websites discovered by Sophos during that week. This compares to approximately 73% of all websites being served by non-Windows servers.
Why should this be the case? What leads Linux to be such an integral part of malware distribution?
Linux is widely considered to provide a higher level of security than traditional operating systems.
As a result, security tools such as anti-virus software are often ignored on the Linux platform.
However, Linux is increasingly popular with attackers, because Linux systems are often used for critical roles such as developer workstations, web servers and internal file servers.
Europe’s biggest security event is upon us. If you’re attending Infosecurity Europe 2015, we hope you’ll join us at stand D260 to check out our great products, grab one of our cool giveaways, and see entertaining presentations from our respected experts.
One of our top experts will also be featured on the keynote stage, where James Lyne, Sophos global head of security research, will show you live attack demonstrations in his talk “How to Hack an Enterprise: Exploitation for Beginners.” James is also a member of the advisory board for the Intelligent Defence technical research conference taking place alongside Infosec.
The theme of Infosec this year is “Intelligent Security: Protect. Detect. Respond. Recover.” We agree that security should be intelligent – that’s why Sophos products are designed to prevent attacks based on suspicious behaviors, and detect and isolate infections when they do happen.
Recently we asked a bunch of IT professionals if they install antivirus on their servers. Their answers were quite surprising.
Out of 486 IT professionals we surveyed, only 284 (58%) said they run antivirus on both Windows and Linux servers.
The rest said they either don’t bother with antivirus on Linux servers (34%), or don’t run antivirus on any servers at all (8%).
If you couldn’t make it to San Francisco for RSA Conference, we’re bringing you great content and news from the event on our blogs and social media channels.
We also broadcasted from RSA via podcast – bringing you the expert opinions of our top security gurus, who took time away from their presentations and booth talks to reflect on the interesting themes and serious discussions happening at the conference.
There’s so much going on in the security world, and Sophos experts cut through the noise succinctly and intelligently in our (brief, informative, fun) podcasts.