We sat down for an interview with Chris McCormack, Senior Product Manager at Sophos. Chris is responsible for Network Security and has over 20 years of experience in IT and 5 years at Sophos. He specialises in providing advice and insight into the latest threats and network protection strategies.
The topic in focus was network and web threats, and Sophos UTM 9.2.
When asked during the interview how web threats are progressing these days, McCormack described the situation as “nasty”. He spoke about how malicious malware has been towards users, and said that unfortunately quite a handful of organisations out there do not have the right amount of protection against these threats. Adding to this is the fact that cross-site scripting is popular with most hackers. He also explained the five stages of a web malware attack on web users.
Basically, McCormack explained, malware might conceal itself as advertisements, or as files and folders that resemble Word documents or the like, so that users might mistake it for a real file and, upon opening it, release the malware onto their hardware. Some attackers might even conceal malware on a “lost and found” thumb drive, causing the finder of the thumb drive to be “infected”.
Using his presentation slides, McCormack explained the five stages of how a web attack works. It starts with entry: malware from “infected” sites hijacks the user’s browser. Distribution then occurs, redirecting the user to another malicious site depending on the browser and OS.
The malware then releases an exploit kit, which probes the user’s system for a handful of vulnerabilities. Infection occurs when a malicious payload is downloaded and infects the user’s system with malware. The final stage is execution, whereby the malware calls home, or calls the hacker in charge, with sensitive data, or attempts to extort the user for money (ransomware).
To counter attacks like these, Sophos has been monitoring hacker activity and preventing attacks before they happen. McCormack further explained that malware caught at the Sophos lab is tested in order to study its behaviour and to come up with countermeasures against it.
When asked how Sophos UTM 9.2 protects users from these unwanted threats, McCormack suggested a multi-layered protection system against malware, explaining that protection has to be applied at each stage of the web attack and that this is what UTM 9.2 specialises in.
McCormack believes Sophos is doing a great job at preventing malware from infiltrating enterprises and big companies by making the most challenging tasks simple.