Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Sophos waters down claims it was protecting the NHS from attacks

Sponsered ads:
Read the latest IT news. Visit ItDirection.net. Updated several times daily.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

May 15, 2017

We noticed today that Sophos has updated its website to in fact water down a few claims that it was protecting the NHS from cyber-attacks following Friday's catastrophic WannaCrypt web security outbreak.

Some anonymous posters commented that the "NHS is totally protected with Sophos". They added that "Sophos understands the security needs of the NHS after the weekend scrub-up".

Internet security observers, including former staffer Graham Cluley, noticed the recent change in attitude.

Sophos didn't publish a definition update until 18:25 London time Friday, hours after a huge security attack that forced several hospitals to postpone scheduled treatments and appointments in scores of NHS Trusts.

If enabled, the Sophos Live Protection functionality could detect the WannaCrypt ransomware earlier than that, and that's troubling.

To be sure, signature updates aren't the only layer of internet security in modern anti-malware software but this only raises further questions about why Sophos's technology didn't pick up an attack based on a known exploit patched by Microsoft in March 2017.

Sophos has been talking a lot about building better anti-ransomware defences over recent weeks, most particularly following its Invincea acquisition back in February.

In April, the company launched its anti-ransomware CryptoGuard technology, a paid add-on to its Sophos server protection products.

We asked Sophos to comment on what seemingly went wrong with its security defences but we've yet to hear back.

Sophos says that customers using Sophos Intercept X or Exploit Prevention (EXP) "were protected proactively against Friday's ransomware behavior from the very first instance".

It added: "Sophos Endpoint Protection already detected some variants of the WannaCry ransomware. We added further detection at 15.58 UTC on Friday May 12 for various samples in the new attack that we missed.

"This was a complex set of executables and various exploits which took some time to analyze. We also thoroughly tested all identity and rule updates before releasing them to our customers. The 17.25 UTC time in the KBA on our website is the time by which all our customers should have been updated. We are in the process of updating this wording in the KBA to be clearer," the company asserted.

Source: Sophos Internet Security.

Sponsered ads:
Read the latest IT news. Visit ItDirection.net. Updated several times daily.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.


Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer