Last year’s barrage of ransomware attacks, from WannaCry and Petya (NotPetya) to Bad Rabbit, had enterprises constantly reacting to the latest internet-borne cyberthreats. Reliance on the web, combined with social engineering, paves the way for destructive possibilities that can compromise even the strongest organization’s cybersecurity frameworks.
Unfortunately, in many instances, the human factor is the weak link responsible for enabling malware to wreak havoc on organizations. Hackers know this. They socially engineer their ruses with innocent email attachments or friendly website links to entice users to download or click. And when they do, it could be “game over,” as the hackers are already inside.
Bad Rabbit is a good example of how a visit to a website can result in downloading a ransomware-based dropper—programs that secretly install malicious executable files, built into their code, on a computer. The dropper was distributed via “drive-by” visits to a “safe” website. In the process, the dropper was being downloaded to the endpoint unbeknownst to the user.
This scenario happens every day. So how can you stop it from penetrating your security perimeter defense?
The Power of Isolation
By leveraging secure remote browsing, an organization’s chances of being attacked by Bad Rabbit or any other ransomware attack is dramatically reduced. Secure remote browsing solutions provide an additional security boundary without affecting the way users access the web.
All active web content is stored in an isolated environment away from the corporate network, where users are free to browse the internet completely safeguarded from malicious browser threats, and their own mistakes. Active browsing is conducted remotely in a virtual browser set up inside a container in the cloud or DMZ. The accessed content is then safely rendered in real time as a digital content stream and transmitted to the local browser. A seamless user experience is generated while ensuring there are no latency issues.
Malware that penetrates through the browser, such as Bad Rabbit, is unable to access the end user device and run the Disk Cryptor code necessary to execute the malware, because it remains isolated within the remote container away from other user devices. The container is disposed of once the browsing session terminates, ensuring that Bad Rabbit ransomware cannot spread further and is eliminated.
Malware can easily make its way past traditional security defenses. Integrating browser isolation with existing endpoint security frameworks provides the maximum level of security while minimizing the workload on IT. Constant browser patching is no longer necessary and neither is endpoint installation, due to the HTML5-based clientless approach.
It’s hard to rid employees of their bad habits. Therefore, it is in the organization’s best interest to reduce its dependence on the human factor. To combat Bad Rabbit and other potential cyberthreats, end user browsing must be kept isolated and secure. As you begin to prepare for all that 2018 has in store, eliminate the human factor in your cybersecurity equation to ensure the safety of your organization in the new year.