Another week, another security vulnerability in the headlines. This one is especially bad and extremely widespread. Meltdown and Spectre leverage flaws in processors from Intel, AMD, and ARM-licensed processors that enable a variety of sophisticated cyber-attacks. For these vulnerabilities to be exploited, an attacker must be able to load or construct a specific sequence of instructions on the target system, which is already a common occurrence with application malware today. Unfortunately, the scope of these vulnerabilities and the fact that they exploit weaknesses directly on processors means there are some hard truths to keep in mind.
Reality number one: no software-based cyber security solution can completely mitigate the threats that these newly discovered vulnerabilities have created.
Reality number two: this is just the beginning of these side-channel attacks. Attackers are getting increasingly sophisticated about circumventing current security methodologies, studying all aspects of hardware and software to detect and capitalize on vulnerabilities faster than ever before.
While enterprises have been working to mitigate the apparent threats via released patches from Microsoft and others, it’s been a wake-up call to many that a new approach to cybersecurity is needed.
The Implications on AppGuard and EdgeGuard
AppGuard for endpoint security provides a new level of protection that doesn’t focus on the detection of malware, but rather on the prevention. It prevents breaches from occurring by disrupting the earliest and subsequent stages of cyberattacks that are undetectable by other endpoint cybersecurity solutions. AppGuard prevents malware from detonating without requiring scanning, updates, or signature-based detection.
Since attacks are stopped at the first stage, most of the attack vectors used to trigger Spectre and Meltdown are halted. Other tools only act after malicious code detonates. This not only exposes endpoints to greater harm but also increases the amount of IT resources needed in the enterprise.
We extend that unique security to remote access with our EdgeGuard solution, enabling users to turn almost any laptop or desktop into a trusted terminal. Here’s a quick look at the implications of Spectre and Meltdown on those devices as well.
EdgeGuard may provide the best enterprise protection from end-point PCs with this vulnerability. Even if the native OS software has been previously subverted, EdgeGuard loads its own OS and user application. The EdgeGuard design excludes the execution of externally introduced software that could use Spectre/Meltdown vulnerabilities to attack EdgeGuard during the user session, which in turn could harm the enterprise.
With EdgeGuard, any prior successful attacks on the underlying PC are made irrelevant for the duration of the session because the device is isolated from the underlying operating system. EdgeGuard includes its own host OS as well as the virtual RemoteLink and virtual desktop thin client that provides the end-user interface into enterprise servers. It creates a formidable barrier to establishing the attack precondition for a chosen code execution. All components are stateless and the boot media is never written to, with the end user left with no means to load and execute programs locally.
Cybercrime damage costs will hit $6 trillion annually by 2021. We continue to believe, as do our customers, that Blue Ridge Networks solutions provide the most robust security available against current and evolving threats. We’re simply more secure and the proof is the results. In 20 years of providing cybersecurity solutions, there has been not one reported breach of our solutions.
Interested in learning more? Contact us to speak with a cybersecurity expert today.