When I was a kid, Red Rover was one of the popular playground games. Two teams lined up across from each other, each linking arms. One side yelled, “Red rover, red rover, we call [player’s name] over,” at which point the named girl or boy runs over and tries to break through the opposing team’s line. In military jargon, you might call that a brute-force attack vector – creating a literal hole or failure in the line of defense.
In the cybersecurity world, there are many attack vectors or pathways used by hackers to exploit system vulnerabilities and gain access to the target. More often than not, the target is a business’ end-user device since that’s the gateway to the crown jewels. Once attackers are inside those devices, they can spread malicious code throughout the company network and steal sensitive data concerning customers, financial information, intellectual property, and more.
Common Types of Attack Vectors
Let’s take a look at the attack vectors cybercriminals favor these days and how Hysolate helps defend against them.
If you’ve ever had emails from seemingly legitimate people or companies asking you to take an action you weren’t planning to do, like clicking on an unknown link or opening a file you didn’t ask for, you’ve likely been a target of phishing. It’s social engineering that relies on people’s innate sense of curiosity and impulse-driven behavior to trick them into seemingly innocuous, but actually quite damaging, actions. The link you click on might take you to a website that automatically downloads malware onto your device. The file you open may inject malicious code.
Phishing accounts for 32% of data breaches and doesn’t show any likelihood of slowing down. A recent report found that total phishing volume rose 40.9 percent over the course of 2018.
How Hysolate Protects Against Phishing Damage
Hysolate splits each end-user device into multiple, local virtual machines, each with its own operating system. Everything an end-user does happens in different operating systems, which run side-by-side with complete separation. To protect against phishing attacks, you run two zones: One for corporate use that includes email, the internet, and enables users to install software; another that’s dedicated for privileged use that is fully locked-down and limited to accessing sensitive data and systems.
Any malicious code that infiltrates the corporate zone via a phishing attack is contained within that operating system. It cannot reach the privileged zone or even see that it exists. For added protection, you also have the option of making the corporate zone non-persistent so that it’s automatically wiped clean at prescribed intervals. It can also be remotely wiped clean, when required, via the central Hysolate management console.
There are many types of malware, including trojans, viruses, and ransomware. What they all have in common is that end-users have to do something in order for the malware to get on their machine, like downloading a pdf or video from a website or opening an email attachment. The files themselves look ‘normal,’ but they contain malicious code that can be used by cybercriminals to steal confidential information or simply wreck havoc in IT and business-critical systems.
How Hysolate Protects Against Malware
Malware that can’t reach your systems and information can’t do damage. Hysolate enables you to restrict activities that can result in malware infections – like browsing the web, downloading files, clicking on email links, installing software – to the corporate zone. Hysolate ensures that malware can’t leave that isolated, corporate operating system. It can’t infect the company’s network or sensitive information. And it can be easily erased by wiping the VM clean.
Man-in-the Middle Attacks
This cyber attack is when a bad actor inserts himself into the communications channel between two trusting parties. It’s a form of eavesdropping. Attackers might use these attacks to steal login credentials and sensitive information, corrupt data, reroute traffic to phishing sites designed to look legitimate, or pass on traffic to its intended destination once data is harvested or recorded.
How Hysolate Protects Against Man-in-the Middle Attacks
Because man-in-the-middle attacks are so hard to spot, best practice is to limit their damage by using segmentation. Hysolate creates segmented zones on the end-user’s device (an open zone and an restricted/sensitive zone) with a virtual air gap between them.
Cross-Site Scripting (XSS) Attacks
This is when malicious code is inserted into a legitimate web site or web application for later execution. When a user visits the site, the scripts are executed in their web browser or local applications. The scripts could capture screenshots, log keystrokes, or remotely access and control the user’s machine.
How Hysolate Protects Against XSS
Hysolate mitigates damage from Cross-Site Scripting attacks just like it does from other attack vectors. If you create the two VMs recommended above, Hysolate will not allow users to browse the web or download applications via the restricted privileged zone, where access to all the information you don’t want hackers to see is located. Any time users try to do so, whether intentionally or mistakenly, they’re automatically redirected to the more open, corporate zone.
Want to future proof your attack mitigation? Learn how Hysolate provides air gap grade network security without restricting user experience. Start your free trial here. Start your free trial here.