Unnecessary security flaw opened the door – Only to be saved by Synchronised Security

As you know, Security threats are absolutely everywhere.

Last week one of our longstanding customers faced a potentially critical cyber-attack, Ransomware had taken control of a single device… a Windows Vista PC. For 25+ years we have provided the business with IT infrastructure, ongoing support and security. The company has circa 50 users and a network with multiple layers of security installed to minimise risk.

The business benefits from Sophos Central which is a full security solution consisting of both hardware and software which protects entry to the network, user devices and servers. With no data breach or security issues in the past, the business was ideally protected with the in-place security solution delivered and managed by us. Sophos endpoint protection integrates technology like malicious traffic detection with real-time threat intelligence to help prevent, detect and remediate threats. Additionally, Sophos XG Firewall exposes hidden risks, blocks unknown threats, and automatically responds to incidents. This layered approach to security means that products work together to enhance defences and combat advanced threats.

Despite all of this protection, our customer’s network was still compromised – But why??

This was due to a single PC running Windows Vista, a platform that is no longer supported or capable of being protected by our security solution or Microsoft. The malware then tried to install itself across all of the computers on the network from this single infected PC.

The result?

No additional devices were breached, the Sophos application kicked in to exclude the infected system and protect the rest of the network from infection. How many of our team were involved in this process? None.

The application worked as it had been configured to. Delivering automated protection, isolating the infected system and keeping the rest of the network safe. The team at Babble were alerted allowing for reparation work on the infected device whilst all other systems continued to function as normal. Babble’s layered security deployment discovered the threat, analysed it and responded quickly to shut down the infection; if the unsupported PC has been running Sophos, no infiltration would have happened at all. It is reported that over half of applications installed on Windows PCs are out-of-date, which potentially puts the security of users at risk through flaws in software.

Our Cyberessentials assessment can help businesses to identify unsupported applications and devices on your network, highlight red and amber flags and provide solutions to move your business towards a full Cyberessentials certification.

Don’t become part of the statistics.