Page 77 - Cyber Warnings
P. 77
Protecting Government by Expecting the Worst
Browser isolation can kill even the stealthiest threats
The proverb “Hope for the best, but prepare for the worst,” dates to the 1700’s, but applies
perfectly to anyone trying to keep their organizations safe from modern threats to cybersecurity.
Everyone should still invest in whatever detection and prevention systems they can, but know
that at some point those will inevitably fail. The attacks are too numerous, and the adversaries
too sophisticated to think any differently.
Government has been in the center of this security maelstrom for years now, and while it works
to constantly shore up its defenses, there have been numerous high profile attacks, such as the
breach at OPM, that were highly successful for the attackers. The problem for government is
two-fold. First, the information it protects is extremely valuable to some adversaries such as rival
nation states, so it will always be in the crosshairs. Secondly, the government, like most
organizations, built up defenses based on the concept of a security perimeter. That may still
work for physical security, but cybersecurity can no longer rely on that classic strategy.
In cybersecurity, the perimeter no longer exists. Almost every agency now has a significant part
of its workforce using desktop computers and laptops outside of the old firewall-protected
frontlines. Agencies that rely heavily on contractors have even more assets outside of their
direct control and protection. Any of those “outside” assets could become a pathway used by
attackers to get at the core data they want to steal.
Agencies and their federal contractors are all looking for new ways to secure assets working
outside of a known perimeter. For the contractors, being able to prove that they are doing
everything they can to secure those assets could mean the difference between a contract award
and having their bids rejected. For agencies, they simply can’t afford any more high-profile
breaches.
What makes outside assets so insecure is that they are often operating outside a firewall or
network support structure. The only protection the laptop has against threats is whatever is
installed locally. Unfortunately, one thing that is on virtually every endpoint is a browser, and it is
the number one pathway used by malware to infect systems. So, something that every system
is sure to have is accounting for almost 90 percent of all successful breaches.
To try and protect browsers, there are numerous programs designed to monitor systems and
detect malware ranging from classic anti-virus tools to memory resident scanners. They can be
highly successful, especially for low-level attacks, but all of them eventually miss something
which can open a doorway into a federal network. All of those prevention programs are only
listening to half of the classic phrase. They hope for the best, but don’t also prepare for the
worst.
And that is where the new technology of virtual isolation can be deployed to protect federal
assets and those of contractors operating outside of a firewall. Only virtual isolation allows users
77 Cyber Warnings E-Magazine – March 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
