Protect Against Malicious Document and File Downloads

They originate from many sources.

HP security
HP

To do their jobs, users need to be able to download files from external sources. People tend to click on shared documents quickly, averaging less than four minutes from the time they hit the inbox. Malicious downloads enter the organization in many ways, including:

  • Web browsing
  • Clicking on shared links
  • Installing programs
  • Initiating FTP file transfers

Malicious downloads are particularly effective because bad websites are so abundant, short-lived, and contain content that changes frequently to avoid accurate categorization; with unique and polymorphic malware that evade all traditional methods of detection.

Malware distribution by file download is efficient, inexpensive, and always evolving. It can take many forms:

  • Deliberate downloads: User initiates a document or executable file download during normal web browsing.
  • Fake executable updates: User is tricked into downloading a malicious file when visiting a website.
  • Links to documents: User receives a document link in an email or a chat program that prompts for a download of a document that contains malware.
  • URL redirects: Initial link redirects the user to an alternate URL that prompts for a file download.
  • Bad DNS: If the DNS lookup record is compromised, the user may download a malicious file, even if they did nothing wrong.
  • Bogus drivers and utilities: User gets directed to an “unofficial” download site and inadvertently installs malware.
  • Watering-hole attacks: An attacker infects a website that is commonly used by the target and replaces or redirects file downloads.

HP Sure Click Enterprise1 provides a virtual safety net for PC users, even when unknown threats slip past other defenses. Hardware-enforced virtualization isolates high-risk content to protect user PCs, data, and credentials, rendering malware harmless, while IT gets actionable threat intelligence to help strengthen organizational security posture.

Using hardware-enforced isolation, each downloaded document or executable file runs in its own secure container. Malicious threats delivered via file downloads are completely isolated from the host—and from all other applications to prevent cross-contamination. When the application or file is closed, the threat is terminated along with the micro-VM. The full malware kill-chain is shared with all other HP Sure Click Enterprise devices on your network, further hardening the infrastructure and reducing the overall attack surface.

Learn more at https://www.hp.com/enterprisesecurity

1 HP Sure Click Enterprise is sold separately and requires Windows 8 or 10 and Microsoft Internet Explorer, Google Chrome, Chromium or Firefox are supported. Supported attachments include Microsoft Office (Word, Excel, PowerPoint) and PDF files, when Microsoft Office or Adobe Acrobat are installed.

Related:

Copyright © 2021 IDG Communications, Inc.