All organizations know that the cyber threat landscape is getting more dangerous all the time. Yesterday’s amateur hackers who were motivated to destroy machines and wreak havoc, have given way today’s professional adversaries who are mandated to steal data and generate profit.
However, many of the most sophisticated attacks are coming through the virtual front door of the public internet, and counting on end users to do what they have always done: indiscriminately click links and visit compromised websites. As noted by Gartner: “Almost all successful attacks originate from the public internet, and browser-based attacks are the leading source of attacks on users”.
While there are numerous web-borne threats that organizations need to thwart, five in particular are fixtures on every security teams’ Least Wanted List:
1. Zero-Day Exploits
These attacks exploit browser and plug-ins vulnerabilities that are yet to be disclosed, and as such cannot be prevented even with frequent patching. Once adversaries infect the browser, they have access to credentials and sensitive data, and may gain control of the entire endpoint. Research has shown that the window from when a vulnerability is identified to when it is fully eradicated can stay open for up to 10 months.
2. Drive-by Downloads
Drive-by downloads are especially worrisome, because they can deliver malware even without users clicking on a link or downloading a file. Simply being on the wrong website at the wrong time is enough.
3. Flash and Java Vulnerabilities
Flash and Java are two of the most targeted platforms, and account for hundreds of vulnerabilities each year. Unfortunately for security teams, rumors of Flash’s demise have been exaggerated. As lamented by WIRED: “Flash isn’t dead, or really any closer to it”. And cyber criminals continue to attack Java, largely because many enterprises rely on it for legacy internal applications.
In theory, end users could be educated on do’s and (especially) don’ts of safe browsing. But in practice, security training is not effective against phishing attacks, as despite these educational efforts more than 12% of users click on malicious links or disclose sensitive information. As noted by Vanderbilt University’s Eric Johnson: “It seems like in groups of people, particularly inside a corporate firewall, who just click on everything, training doesn't seem to slow them down one iota…It's very hard to get folks, particularly when the deception is pretty good, to really step back for thirty seconds and look at it and say, `Is this something I should be clicking on?’ ”
Ransomware is a rapidly growing type of malware that encrypts files on computers and networks, and extorts funds from organizations in exchange for the decryption keys, leaving the victim unable to access information until a ransom is paid. This type of threat if often delivered by visiting a malicious website or downloading an infected file through the browser.
The Way Forward: Browser Isolation
The bad news is that we can expect adversaries to continue improve their methods as they find new ways to circumvent conventional security solutions. The good news, though, is that organizations can significantly reduce their chances of being victimized by using browser isolation.
Browser isolation completely eliminates web-borne threats -- including those listed above -- by handling all web sessions remotely, and delivering to end users only a safe visual stream of the requested website. In this way, isolation prevents malicious web content from ever reaching and infecting endpoints.
To learn more about protecting your organization from the onslaught web-borne threats, download the Fireglass Threat Isolation Platform datasheet.