Loading...
Content: all pages

 

Technological Insights Cyberwall for Endpoints

Why browser security and privacy require new tools

 

Online activities can be tracked and analysed due to browsers.

Browsers allow to track online activities. Browsers reveal data such as IP addresses, login credentials, and even mouse movements and typing behaviour. Browser data is the fuel for web analytic techniques designed to trace single employees, expert teams and organizations. Visited pages, search keywords and online behaviour reveal actionable information about organizational structures, potential clients and intellectual property. Industrial Espionage in the age of Cyber warfare is an uncontained threat, with web browsers beeing the prominent source of organizational information.

By analysing information gathered using sophisticated web tracking techniques, critical information is obtained. Corporate strategies, technological innovation, research projects, sensible client information or research data are exposed to an unknown number of third parties. Organizations employing such web analytics are often global intelligence services, organized crime, ad tech companies, as well as competitors from all over the world. In many cases, these actors also share or even sell information.

Browsers can be hacked.


In 2014 alone, 1.035 new exploits were found in the top-5 browsers (+42% vs. 2013). 

 

Secunia Vulnerability Review 2015

Browsers have become more and more complex over the years. And with increased complexity, there is a rising number of ever more new forms of malware targeting browsers. In 2014 alone, 1.035 new exploits were found in the top-5 browsers (+42% vs. 2013). Most of them were rated as critical. Common web content (e.g. JavaScript, Plugins, etc.) might include malicious code to infect web browsers and end-user devices over the Internet. Once the end-user device is hijacked, outsiders can use it to further hack into organizational networks.

And common security architectures are insufficient when it comes to browsers.

Regarding tracking and analysis of online activities: Most of the traditional security solutions are simply not designed to keep web activities private. The web is an open network using an unmanageable number of technologies modern browsers need to support. For these reasons there is an almost unlimited number of ways to identify and track web users.

Regarding network intrusion via browsers: Common security architectures are not designed to cope with the often unknown threats. Zero-day and targeted attacks can often pass detection-based security solutions - simply because they make use of unknown or not yet patched vulnerabilities in browsers or because the illicit domain isn't listed in any filter database.

Detection-based approaches have proven to be ineffective in the case of browser based attacks. Today over 40% of all successful cyber-attacks exploit browsers. To make things worse, detection-based solutions produce large operational overhead: to deploy security patches, to chase false positives, to identify as well as trace intrusions and to reimage hijacked devices.

Today, browser vulnerabilities are the most important element in modern cyber attacks

 

Alt

 

40% of successful network intrusions involve web browsers as central point of attack.

Browsers at endpoints are the central weakness in organizations' IT security. Cyberwall can be used as remote browsing proxy for effective and cost-saving browser isolation, greatly reducing your attack surface.

Traditional security solutions are no longer sufficient to protect browsers when surfing the internet. Common security architectures are not designed to cope with the often unknown threats. Zero-day and targeted attacks can often pass by detection-based protection - simply because they make use of unknown or not yet patched vulnerabilities in browsers. Detection-based approaches have proven to be ineffective in the case of browser based attacks. Today over 40% of all successful cyber-attacks exploit browsers. 

To make things worse, detection-based solutions produce large operational overhead: to deploy security patches, to chase false positives, to identify as well as trace intrusions and to reimage hijacked devices.

Vulnerabilities in web browsers are being exploited by hackers and criminal organisations to attack companies on a daily basis. Employees are lured onto manipulated websites (“phishing”) where their browser becomes infected. Usually a single breach of security will suffice for attackers to gain control over the PC or mobile device. This way systems become infected by viruses, malware is distributed and data gets stolen from companies and organisations.

Cyberwall disables browser-based attacks by executing all client-side code at remote servers

 

Alt

 

SOLVING THE ROOT CAUSE OF BROWSER VULNERABILITY

The obvious solution is to remove the browser from the corporate network – leaving the browser outside the Firewall means that PC’s and mobile devices can’t be infected. The concept of a remote browser separates the Internet from the company intranet: Web attacks through an infected browser are thwarted as attackers are stuck in the virtual machine of the browser appliance outside of your network.

CYBERWALL ISOLATES UNTRUSTED WEB CONTENT THROUGH HTML5 STREAMING
The virtual browsing engine of Cyberwall executes websites outside of the corporate firewall and network. Only the resulting, simple and safe code that's used for displaying is streamed to the user device. No untrusted JavaScript code reaches the endpoint. The result is highly secure protection against known and unknown forms of web attacks. Hackers simply can't infect the user device when browsing the web or when opening malicious links and emails.

A new class of web protection: effective separation of rendering and display of web content through html5-streaming

The browser is executed within a virtual machine running at in an isolated environment. The remote browsing engine executes web sessions including all Javascript elements (illustration: left browser). The rendered web content is then streamed to the normal browser at the end user device (illustration: right browser). The streaming is based on a proprietary protocol. End user devices aren't connecting to the web directly, all rendering is done remotely in a trusted environment.

Alt

Innovative shielding from
privacy breaches and web tracking

Even sophisticated privacy measures such as typing analysis, mouse-movement tracking, browser-fingerprinting, cookies and IP-based tracking are prevented. Your users get a new browser for every session. This makes it impossible to follow personal tracks through browser tracking.

Cyberwall immunizes individual users
and complete networks

The Cyberwall immunization platform shields users and networks against known and unknown threats through web browsing. Drive-by malware worms, viruses and other threads are kept out. Your browser is immunized against web attacks.

Cyberwall is super-easy to use,
and also super fast

Unlike Terminal Server based solutions, you won't be needing any additional software. Our technology allows to do this directly inside web browsers you are already used to. A JavaScript thin-clients is used to connect to the remote browsing engine.

Multiple options for simple integration and deployment

Set Cyberwall as your homepage, proxy server or default search provider and protect your web sessions on the fly. You just use the browser you are most comfortable with. Due to our innovative caching algorithms, web sessions are actually accelerated.

Runs in the background of common browsers

The solution is virtually transparent to end users, meaning the user experience is unchanged. Depending on the configuration, parts of the platform can be made visible to provide a better feeling of security and privacy to the users. There is no training required, since users don't need to change the way they are using the browsers. Websites work as usual, browser functionalities are preserved.

Integrates into existing security architectures

Cyberwall can be integrated with existing security architectures and combined with up- or downstream proxies. Traffic can be forwarded using HTTP-redirects, proxy configuration (PAC) or by URL-rewrites happening in existing web security gateways or web security services. It is the first complete installation-free web security solution which can be activated by just changing a link.

True isolation of web applications and end-users through HTML5-streaming

Cyberwall means highly effective safeguard against known and unknown web attacks. Its protection is set on a higher level than rule-based solutions - as for example Web Application Firewalls. Due to the innovative web application streaming approach, a complete immunization is achieved directly at the application level.

Competitive total cost of ownership

In comparison to other security solutions, Cyberwall runs on any infrastrucutre or cloud and doesn't require special hardware. A key cost advantage: The platform is a stand-alone solution, i.e. it does not require additional systems as support or environment. It simply seals the browser. Also, Cyberwall does not need much ongoing maintenance, monitoring or chasing False Positives. It is designed to work quietly and reduce workload for IT departments.

High-performance, client-less web isolation service compatible with modern browsers (JavaScript client)

 

Run all client-side code outside of your corporate firewall

Alt

Key benefits at a glance

 

SAFE SURFING

  • Protected against browser exploits
  • Protected against Zero-day attacks
  • Signature-less, immunization instead of detection
  • Clients can't be infected through the web

PRIVATE BROWSING

  • Fully randomized online ID
  • No tracking possible
  • Your online activities stay fully private

ALL COMMON BROWSERS

  • Internet Explorer 10+
  • Chrome 24+, Firefox18+
  • Safari 4+, Opera 16+
  • Android Browsers since 4.0
  • Safari Mobile, Windows Phone, Blackberry

NO SOFTWARE TO INSTALL

  • 100% HTML5
  • Proxy set up as windows group policy
  • Scalable deployment via your own .pac file

USER FRIENDLY ACCESS

  • Almost 100% native speed
  • Loading times can be improved due to traffic compression
  • Users remain in familiar browser

SUPPORTS EXISTING ARCHITECTURES

  • Can be integrated into existing proxy-chains
  • Third party solutions such as download scanners can be integrated
  • Multiple Cyberwall appliances can be locally distributed within one organization

FOR DESKTOP AND MOBILE

  • Protects mobile devices and tablets
  • No terminal server solution (VNC/RDP/Citrix)
  • Works on all modern devices

 

Further resources

 

See downloads

 

Schedule a demo

 

Get in touch

Web browsers have become the central point of attack into corporate networks

 

Alt
Source: 2015 Black Hat Attendee Survey

BROWSER RELATED THREATS ARE A TOP CONCERN FOR IT SECURITY PROFESSIONALS

Phishing, social network exploits or other forms of social engineering, 80%
Sophisticated attacks targeted directly at organization, 90%
Espionage or surveillance by foreign governments or competitors, 85%
Attacks or exploits on cloud services, applications, or storage systems used by my organization, 75%

The browser is the central point of attack for cyber espionage. Browser Fingerprinting provides cyber espionage with an abundance of data about corporate web activities, which is then used to gather information about target networks.

40% of all successful network intrusions are possible due to security holes in browsers. In 2014 alone, 1.035 new exploits were found in the top-5 browsers (+42% vs. 2013). Nearly as many weaknesses were found in only 5 browsers, as in the 50 most commonly used corporate software applications (1.348 weaknesses; Source: Secunia 2014).