sb-nz logo
Story image

Just one click – that’s all it takes to let in cyber-crime

25 Sep 2020

By Bufferzone Security business strategist for A/NZ Greg Wyman.

Organisations can train users all day, every day, but humans are humans. It’s never possible to train 100% of users to identify and never click on a malicious link, or open a potentially harmful email attachment.

All it takes is for one user to visit one website, click a single web link, open one email attachment or download one file from a website, and potentially have a hacker or ransomware inside the organisation. Although phishing training is critically important, it is only a superficial layer of protection.

Attackers prey on the oldest human traits of greed, necessity, kindness, urgency or fear, to encourage users to click a link or open an email attachment.

So how do organisations ensure that users are not compromised by simply doing their work?  The answer is surprisingly simple. It is about isolation, containment and elimination, or ICE solutions for short.

Imagine if every time users browse the internet, click a link, download a file or open an email attachment these are all opened in a low impact, secure virtual container located at the endpoint.

Any malware, ransomware or hacker code is isolated in that virtual container and, quite simply, it cannot escape to infect the rest of the organisation. To eliminate the malware, empty the container, and it all disappears.

The next challenge is how to bring file types such as Word, Excel, Powerpoint, PDF’s et cetera from untrusted or unknown external sources such as the web and emails into the business, and ensure there is no hidden or embedded malware in any of those documents?

Again, the solution is remarkably simple. All inbound files should be broken down to their barebone known useful components, then immediately reassembled using only the known good, industry-standard components. This leaves behind in the secure virtual container all macros, VB scripts, hidden or embedded objects and malware.

The document is visually identical to the original but does not contain malware. Any malware is isolated in the escape-proof container, and when this gets emptied, all malware disappears.

The cornerstone of an ICE solution is to have minimal impact on the users’ machines and for the sanitisation process to take just a few seconds so that work and users are impacted as little as possible. They can click links, download files and open attachments with confidence.

The users are protected, and the organisation has prevented a potentially devasting malware attack. This is especially concerning today as, according to Verizon, 94% of data breaches start at the endpoint.

Realistically, it’s never possible to stop 100% of users from clicking a web link, or downloading a file from the internet, or opening an email attachment. But that is where the latest in ICE solutions deliver compelling value add to existing endpoint security infrastructure and help to reduce cost and complexity while improving protection.

ICE solutions are designed to complement existing endpoint security products quickly and cost-effectively, to improve effectiveness without the traditional cost and complexity, and to stop even the unknown, undetectable, never-before-seen threats attacking businesses of all sizes.

With ICE based solutions, users can click and download with virtually zero risk.

Story image
Experiencing ransomware significantly impacts cybersecurity approach
"The survey findings illustrate clearly the impact of these near-impossible demands. Among other things, those hit by ransomware were found to have severely undermined confidence in their own cyber threat awareness."More
Story image
Gartner names ThreatQuotient a representative vendor for SOAR
The company is listed in Gartner’s 2020 Market Guide for Security Orchestration, Automation and Response Solutions.More
Story image
Cisco report: Remote working is here to stay, making cybersecurity a top priority
"With this new way of working here to stay and organisations looking to increase their investment in cybersecurity, there’s a unique opportunity to transform the way we approach security as an industry to better meet the needs of our customers and end-users.”More
Story image
Palo Alto Networks extends cloud native security platform with new modules
Palo Alto Networks has announced the availability of Prisma Cloud 2.0, including four new cloud security modules, thus extending its Cloud Native Security Platform (CNSP). More
Story image
Creating private data regulations for employees
Whether employees are hired on a part-time or full-time basis, everyone must know about data privacy regulations. Everyone needs to be responsible for keeping the organisation’s data secure. More
Story image
New project development inhibited by cybersecurity, Kaspersky research states
"There are still some practical steps that can be taken to make sure that an emerging technology or a product reaches its launch. Cybersecurity doesn’t have to be another corporate barrier, but it should be on an integral part of the project all long."More