• Latest
  • Trending
How ransomware groups use remote encryption for cyberattacks

How ransomware groups use remote encryption for cyberattacks

December 28, 2023
Call of Duty movie: Paramount, Activision strike deal for live-action adaptation

Call of Duty movie: Paramount, Activision strike deal for live-action adaptation

September 5, 2025
Meta Brings Back Facebook Poke with Emojis and Streaks

Meta Brings Back Facebook Poke with Emojis and Streaks

September 5, 2025
Know why they’re calling: Truecaller launches AI-powered insights

Know why they’re calling: Truecaller launches AI-powered insights

September 5, 2025
Visa harnesses local partnerships to launch Visa Pay in DR Congo

Visa harnesses local partnerships to launch Visa Pay in DR Congo

September 5, 2025
Betika denies recent reports of security breach

Betika denies recent reports of security breach

September 5, 2025
10 things you can actually buy with crypto in Africa

10 things you can actually buy with crypto in Africa

September 5, 2025
CBE seals deal with Botim to enhance remittance services for Ethiopians living in UAE

CBE seals deal with Botim to enhance remittance services for Ethiopians living in UAE

September 5, 2025
Nigeria Senate, SIBAN push for crypto regulation to boost digital economy

Nigeria Senate, SIBAN push for crypto regulation to boost digital economy

September 5, 2025
Mamo Mihretu Resigns as Governor of Ethiopia’s Central Bank

Mamo Mihretu Resigns as Governor of Ethiopia’s Central Bank

September 5, 2025
Paratus Group introduces first private mobile network using LTE and 5G in Namibia

Paratus Group introduces first private mobile network using LTE and 5G in Namibia

September 5, 2025
Your one-stop tech hub! Get the latest updates on AI, cybersecurity, fintech, and emerging technologies.
  • Tech News
    • Africa Tech
    • Global Tech
    • Tech with Pelumy
    • Tech Careers
    • General News
    • How To
    • Reviews
  • Cryptocurrency
  • Fintech
  • Startups
  • Ai
No Result
View All Result
  • Tech News
    • Africa Tech
    • Global Tech
    • Tech with Pelumy
    • Tech Careers
    • General News
    • How To
    • Reviews
  • Cryptocurrency
  • Fintech
  • Startups
  • Ai
No Result
View All Result
Techpression
No Result
View All Result
Home Tech News Africa Tech News

How ransomware groups use remote encryption for cyberattacks

Felicia Akindurodoye by Felicia Akindurodoye
December 28, 2023
149 1
0
How ransomware groups use remote encryption for cyberattacks
465
SHARES
Share on FacebookShare on TwitterWhatsAppTelegram

In a report titled “CryptoGuard: An Asymmetric Approach to the Ransomware Battle,” published on December 21, 2023, by Sophos, a British-based security software and hardware company, it was discovered that a number of the most well-known and active ransomware groups, such as Akira, ALPHV/BlackCat, LockBit, Royal, and Black Basta, are purposefully using remote encryption in their attacks. 

A compromised and frequently weakly protected endpoint is used by adversaries to encrypt data on other devices connected to the same network in remote encryption attacks also referred to as remote ransomware.

All Sophos Endpoint licences come with Sophos CryptoGuard, the anti-ransomware technology that Sophos acquired in 2015*. In addition to monitoring malicious file encryption, CryptoGuard offers instant protection and rollback capabilities—even in situations where the ransomware never manifests on a host that is protected. 

Sophos’ layered endpoint protection includes a unique anti-ransomware technology as a last line of defence that only activates when an adversary triggers it later in the attack chain. Since 2022, CryptoGuard has observed a 62% rise in deliberate remote encryption attacks annually.

RelatedPosts

Kenya’s business data compromised in cyberattack, investigators rule out Ransomware

Serengeti strikes: 1,000+ nabbed in cybercrime crackdown

WEF lists AI misinformation, cyberattacks as top concerns

Read also: Lazarus Group causes $340 million damage in cyberattacks

The risks faced by companies 

Mark Loman, vice president of threat research at Sophos and the co-creator of CryptoGuard said: “Companies can have thousands of computers connected to their network, and with remote ransomware, all it takes is one under-protected device to compromise the entire network. Attackers know this, so they hunt for that one ‘weak spot’—and most companies have at least one. Remote encryption is going to stay a perennial problem for defenders, and based on the alerts we’ve seen, the attack method is steadily increasing.”

Traditional anti-ransomware protection techniques installed on remote devices are unable to “see” the malicious files or their activity because this kind of attack entails encrypting files remotely. As a result, they are unable to shield the targets from unapproved encryption and possible data loss. 

As stated in the Sophos X-Ops article, Sophos CryptoGuard technology, on the other hand, employs a novel technique to thwart remote ransomware: it examines file contents to determine whether any data has been encrypted in order to identify ransomware activity on any networked device, even if the device is malware-free.

5 tips to avoid cyberattacks in 2023 as a remote worker

How Sophos has grown as a company

Jan Hruska and Peter Lammer founded Sophos, which started manufacturing its first encryption and antivirus software in 1985. In the UK, the company mainly created and distributed security technologies in the late 1980s and early 1990s, including encryption tools that were accessible to the majority of users (private or business). Towards the end of the 1990s, the company focused on creating and marketing antivirus software and started an international growth initiative.

Sophos was the parent company of ActiveState, a developer of programming tools for dynamic programming languages, from September 2003 to February 2006. After ActiveState was sold to Vancouver-based venture capital firm Pender Financial in February 2006, it became an independent company.

The company purchased ENDFORCE, an Ohio-based business that created and marketed Network Access Control (NAC) and security policy compliance software, in 2007. Astaro, a privately held provider of network security products with headquarters in Wilmington, Massachusetts, USA, and Karlsruhe, Germany, was acquired by Sophos, as announced in May 2011. 

While Forbes questioned the deal’s viability at the time, Astaro was the fourth-largest UTM (Unified Threat Management) vendor at the time. The Astaro UTM was later renamed as Sophos UTM by Sophos. Barricade is a start-up with a behaviour-based analytics engine that the company acquired in November 2016. A software provider of malware threat detection, prevention, and pre-breach forensic intelligence, Invincea was purchased by the company in February 2017.

Thoma Bravo paid US$3.9 billion to acquire the company in March 2020.

Tags: cyberattacksRansomware
Felicia Akindurodoye

Felicia Akindurodoye

Felicia Akindurodoye is an experienced writer and researcher, whose watchword is originality.

No Result
View All Result

Quick Links

  • Tech News
  • Cryptocurrency
  • Fintech
  • Startups
  • Business

Follow Us:

  • facebook
  • instagram
  • Twitter(X)
  • Linkedin
  • YouTube
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2025 Techpression.com -Techpression Media Limited

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

We are using cookies to give you the best experience on our website.

You can find out more about which cookies we are using or switch them off in .

No Result
View All Result
  • Home
  • Tech News
    • Africa Tech
    • Global Tech
    • Tech with Pelumy
    • Tech Careers
    • Reviews
    • How To
    • General News
  • Cryptocurrency
  • Business
  • Fintech
  • Startups
  • Featured
  • Ai
  • Tech TV

© 2025 Techpression.com -Techpression Media Limited

techpression.com
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

3rd Party Cookies

This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping this cookie enabled helps us to improve our website.