Phishing attacks are becoming increasingly popular, despite advances in anti-phishing techniques and staff training. That is because they’re so effective. Employees, after all, must click on links to do their jobs, and social engineering makes phishing links more difficult to identify.
Phishing links are especially effective because there are so many malicious and short-lived websites around. Their content is frequently changed to prevent accurate categorization. To make matters worse, some employees click quickly and thoughtlessly on links and leave their email and chat clients open, creating an instant opportunity for cybercriminals.
Detection is never reliable; at best it stops known malware, but unknown malicious code very often causes false positives (to the annoyance of staff who are restricted in their work), and even false negatives, which is when malware hits home and causes damage. HP Sure Click Enterprise (formerly Bromium) offers a revolutionary approach to ransomware and advanced malware protection. This endpoint security solution focuses on isolation rather than detection. Email attachments, websites and files from insecure sources are executed in a secure environment on the computer. It is fully transparent and doesn’t restrict users.
HP Sure Click Enterprise (formerly Bromium) works by isolating potentially hazardous tasks – first and foremost internet browsing, but also opening email attachments and files from USB drives, of course. The Bromium microvisor uses the virtualization technology of today’s processors to handle each task in a dedicated micro-VM. This means that malicious code can never penetrate the actual client host or even further into the internal network. Users do not notice any of this; they continue to work in their virtual copies of the client, as before. As well as actual isolation through micro-VMs, HP Sure Click Enterprise covers every aspect of a fully comprehensive endpoint security suite, including monitoring, real-time threat intelligence, alerting and remediation.
This novel approach of not relying on malware detection means there is no need for the constant software updates that AV and similar tools require. Operational managers can determine the ideal time to install security updates for applications such as Internet Explorer or Adobe Reader, since even the latest variants of malware like ransomware can simply no longer cause any damage because they always execute in a micro-VM. In fact, this provides forensic experts, CERT teams, or SOC staff with valuable information, because the malicious code is executed to the end and the complete kill chain is analyzed and processed as a result.
Spear phishing: Targeted fraud attempts directed at individuals by including their names, positions and work processes.
Whaling: Aimed at company executives, it is often formulated as legal notices, customer complaints or management issues.
Social engineering: Disguised as an appeal to people’s willingness to trust and help others.
Unintended infection: Sharing messages and links from social networks that have been compromised.
About Bromium & HP Inc.
Bromium has transformed endpoint security to defeat cyberattacks with its revolutionary isolation technology. Unlike antivirus software and other detection-based defenses that cannot stop modern attacks, Bromium uses micro-virtualization to keep users safe while delivering significant cost savings, by reducing and even eliminating false positives, urgent patching and corrective action – and thus transforming the traditional security lifecycle.