Sophos

@sophos@infosec.exchange
425 Followers
9 Following
136 Posts
Defeat Cyberattacks
Check out our threat research @SophosXOps 
Get Sophos product help @SophosSupport

Today we released the 2025 Sophos Active Adversary Report (AAR), looking at data from 413 incident-response cases handled by our X-Ops MDR and IR teams in 2024. This edition of the report has a number of interesting findings, a vastly expanded dataset, and -- in honor of our fifth anniversary -- a gift for the curious. /1

https://news.sophos.com/en-us/2025/04/02/it-takes-two-the-2025-sophos-active-adversary-report/

It takes two: The 2025 Sophos Active Adversary Report

The dawn of our fifth year deepens our understanding of the enemies at the gate, and some tensions inside it; plus, an anniversary gift from us to you

Sophos News

On Friday, Ross McKerchar, Sophos' CISO, was featured on ITV News, discussing the latest developments in Chinese #CyberThreats. This follows our announcement of Pacific Rim, Sophos' 5-year defensive and counter-offensive operation targeting state-sponsored adversaries based in China.

The segment highlighted China’s growing role in cyberattacks against critical infrastructure and the evolving tactics of these cybercriminals.

If you missed it, watch the full story on ITV News: https://bit.ly/3WYzhHF

Tons of great Sophos research is dropping today which I’ll link in thread. China goes brrr.

I want to give them particular credit for directly talking about the cyber industry elephants in the room, both in the research and during media interviews,

e.g. insecurity in appliances, need for industry change, monitoring threat actors through telemetry etc etc.

It’s really refreshing as they’re talking about what is *actually happening* - not all vendors do this.

https://www.wired.com/story/sophos-chengdu-china-five-year-hacker-war/

Inside Sophos' 5-Year War With the Chinese Hackers Hijacking Its Devices

Sophos went so far as to plant surveillance “implants” on its own devices to catch the hackers at work—and in doing so, revealed a glimpse into China's R&D pipeline of intrusion techniques.

WIRED

Sophos lifts the lid off a vast Chinese cyberespionage operation

Today, we’ve unveiled a defensive and counter-offensive operation with multiple interlinked nation-state adversaries based in China.

In our research named “Pacific Rim,” we disclose how the attackers used a series of campaigns with novel exploits and customized malware to conduct surveillance, sabotage and cyberespionage. Sophos also found overlapping tactics, tools and procedures (TTPs) with well-known Chinese nation-state groups, including Volt Typhoon, APT31 and APT41. The adversaries targeted both small and large critical infrastructure and government targets, primarily located in South and South-East Asia, including nuclear energy suppliers, a national capital’s airport, a military hospital, state security apparatus, and central government ministries.

Throughout Pacific Rim, Sophos X-Ops, our cybersecurity and threat intelligence unit, worked to neutralize the adversaries’ moves and continuously evolved defenses and counter-offensives.

After Sophos successfully responded to the initial attacks, the adversaries escalated their efforts and brought in more experienced operators. Sophos subsequently uncovered a vast adversarial ecosystem.

Ross McKerchar, CISO at Sophos, warns that critical infrastructure and #SMBs in the supply chain remain key targets. “Collaboration across sectors is vital to disrupt these long-term, complex attacks.”

For years, nation states have known that network devices are privileged, powerful and unmonitored places to hide, which is why radical transparency about vulnerabilities and patches and migrating End of Life (EOL) devices to modern technology is essential. The security industry needs to come together to create the changes necessary to stop fueling nation-state cyberattacks.

Read the full story here: https://bit.ly/4hvp0uT

Sophos' Pacific Rim: Defense Against Nation-state Hackers

Discover Sophos' Pacific Rim defense against nation-state / Chinese hackers Volt Typhoon, APT31, and APT41 targeting critical infrastructure.

SOPHOS

📢 Today, we’re excited to announce our definitive agreement to acquire Secureworks.

Cyber risk continues to escalate, driven by a rampant cybercriminal ecosystem and global geopolitical pressures. As two global leaders in cybersecurity, we share a long history of having remarkable threat intelligence, security operations, incident response, and innovative security product capabilities that help organizations defeat these adversaries.

By joining forces with Secureworks, we’re able to accelerate the delivery of advanced cybersecurity services and technology for organizations worldwide.

Read more: https://bit.ly/3Uh1LLe

Sophos to Acquire Secureworks to Accelerate Cybersecurity Services and Technology for Organizations Worldwide

Building a safer digital future for all.

Sophos News

Solid preparation now can save you from potential damage later. This #CybersecurityAwarenessMonth, we encourage your organization to prioritize your security posture with tabletop exercises. They can help you identify blind spots, improve communication and ensure your program is compliant for the future. Some popular tabletop scenarios include rapid-fire, technical-only and full-stakeholder. Read and learn the differences between the three and how they can help your team here: https://bit.ly/4gJW2ar

Cybersecurity as a Service Delivered | Sophos

We Deliver Superior Cybersecurity Outcomes for Real-World Organizations Worldwide with a Broad Portfolio of Advanced Security Products and Services.

SOPHOS

We’re happy to announce that Sophos #InterceptX was a winner in the CRN 2024 Tech Innovator Awards in the Endpoint Security category. Sophos MDR was also recognized as a finalist in the Managed Detection and Response category.

Our endpoint detection and response ratings reflect our commitment to advance organizations' defenses across industries. Read the results: https://bit.ly/4fU1PKb

2024 Tech Innovator Awards

The awards spotlight innovative products and services across 36 categories. The winners and finalists were chosen by CRN staff from among more than 320 product ...

In 2024, 67% of #healthcare organizations were hit by ransomware and average recovery costs increased year-over-year to $2.57 million. How can you prevent these attacks while protecting patients?

Frequent backups, dependable #endpoint solutions, and cyber threat awareness strengthen #PatientSecurity. Learn more in our State of Ransomware in Healthcare report: https://bit.ly/3yXAYMm

The State of Ransomware in Healthcare 2024

402 healthcare IT/cybersecurity leaders share their latest ransomware experiences, revealing fresh insights into the realities facing the healthcare sector today.

Sophos News

Risk tolerance varies across organizations. Many struggle to manage cyber risk effectively, often focusing on individual threats and challenges rather than adopting a strategic, holistic approach.

In Forbes, Raja Patel, chief product officer at Sophos, explores how a four-part framework aligns your risk tolerance and resource availability to your #RiskManagement strategy. Learn more: https://bit.ly/3YPdYdi

Median #ransomware recovery costs for two critical infrastructure sectors, Energy and Water, quadrupled to $3 million this year, according to The State of Ransomware in Critical Infrastructure 2024 report, released today.

"Criminals focus where they can cause the most pain and disruption so the public will demand quick resolutions and, they hope, ransom payments to restore services more quickly. This makes utilities prime targets for ransomware attacks," says Chester Wisniewski, global field CTO at Sophos.

Get more #CriticalInfrastructure insights: https://bit.ly/3WrK4dm

The State of Ransomware in Critical Infrastructure 2024

275 IT/cybersecurity leaders from the energy, oil/gas and utilities sector share their ransomware experiences, providing new insights into the business impact of ransomware.

Sophos News