Malware Isolation - Stop all browser borne threats (Known or Unknown)

Malware Isolation

Stop all browser borne threats – Known or Unknown

Browser bourne attacks are on the rise at an increasingly alarming rate. Whether through Malvertising (BBC and New York Times both were victim to this this week), via phishing links, embed code in downloads or the execution of malicious material by a user, there is a common vector they all require either directly or indirectly: a system to execute on and (often) the internet to communicate with.

A threat delivered in the form of malware / ransomware or any other malicious code requires the ability to execute and in many cases then “communicate back” to a system located somewhere on the internet, the known internet or the darkweb, either way it must communicate back over “traditional bearers” and more often than not those channels are now encrypted.

Current detection techniques can’t keep up with the number of new malware variants that are released daily. Therefore the sensible and somewhat simplest option is to remove the endpoint from the internet altogether! Nice idea I hear you say, but how does my business still function, let alone communicate?

Malware Isolation – provides the ability to browse and utilise the internet as any employee normally would. Though in the knowledge that no browser borne threat can ever execute on their endpoint. By removing the endpoint, though maintaining the functionality security is increased exponentially, false positives, alerts or log analysis effort is reduced greatly and the overall Threat Surface (a system or device an attack can gain a foothold) of an Organisation is decreased massively. This is part of KEEP’s Actual Cyber Threat Reduction approach – Proven, tested solutions.

A typical organisation has a large percentage of users whom need to utilise the internet for their everyday tasks, not to mention personal communications, so much so that the browser is one of if not the single most integral components to how a user interacts with systems, customers, suppliers and colleagues.

• Patching browsers and systems is time consuming, resource intensive and will always be behind the curve
• Training of staff to be aware of threats is a great initiative, but the variance of threats and ingenuity of attackers outpaces that training and the awareness of the “average” user
• The delivery of threats has moved from highly targeted to high volume and therefore multiple threats may be delivered, some detected, some executed and some lying in wait
• A reactive approach will not save the business, if a threat has already executed and been noticed, it has to be questioned how long it has truly been there and what else may be there that systems simply don’t or can’t detect

The entire industry, organisations, users and IT Staff need to move away from traditional detection and response techniques and remove the problem in its entirety. A single solution will not solve the whole problem, attack vectors still exist, but taking away your largest, most targeted and most vulnerable threat surface is a pretty good start…..