Protect your PCs from the Wolf
While nothing is ever truly safe, you can mitigate the potential damage.
Traditional security can no longer protect you in an era of more sophisticated, targeted attacks. Cyber-criminals are growing smarter, exploiting every weakness in your network, your hardware, your systems and your software. They're growing more adept at pressing the psychological buttons that make your own employees give them access to your network, often through their own laptops and PCs.
Against such threats, organisations need to move away from a security model focused on guarding the perimeter and towards a multi-layered approach that protects PCs, laptops and your data against the widest range of attacks, while delivering robust authentication and enabling systems to self-heal. That demands a complete security ecosystem, bringing hardware, software and services together in one coherent platform, which is why HP has worked to create exactly that.
New trends, new threats
For all the great security technology and services out there and for all the work from IT security bodies and law enforcement the threats posed by cyber-criminals are not diminishing. May 2017's Symantec Security Alert saw the number of Web-based attacks reach their highest peak since 2015. One in every 422 emails sent contains malware, while over one in 3,000 emails is a phishing attack.
What's more, some disturbing new trends are emerging. Hackers are combining phishing emails with ransomware attacks, attacking corporate systems and encrypting corporate data until the ransom's paid. According to McAfee's 2017 Threat Predictions report, hardware and particularly firmware are under threat from more sophisticated attacks. As the report says, Hardware and firmware are complex targets, but successful attacks on them offer adversaries ultimate persistence, significant stealth, access to a great variety of hardware resources, and the ability to implant backdoors into systems' software stacks.'
The same report suggests that authentication schemes will continue to be a weakness, and that many attacks will focus first on credential theft, with administrator accounts a prized target as they provide such scope for follow-on attacks. Beyond this, vulnerabilities in the cloud and the gaps between different layers of cloud-based infrastructure could give hackers new opportunities both to steal data and to scale up their attacks on corporate networks. Third-party and fourth-party attacks, hitting service vendors and the companies that provide key services to them, are also on the rise.
While Internet-based attacks are growing more sophisticated, we shouldn't forget more physical intrusions, either. Many workplace laptops and PCs are vulnerable when unattended all it takes is malware on a USB stick or quickly installed from an online source, and either insiders or visitors could be involved. In some cases, cyber criminals actively recruit employees, turning them into malicious insider threats.
Perhaps most worryingly, it's not always the big, obvious attacks that get you the ones that immediately bring systems crashing down but the ones that give hackers access to your PCs and your networks over longer periods; the so-called Advanced Persistent Threat (APT). Bespoke malware and file-less malware are making it easier for hackers to get into networks and stay there undetected, working slowly to subvert new systems and open up new channels for future attacks. These threats might not even involve stealing data, but tampering with it, changing software or altering databases and accounts with effects you won't see until the damage is done.
In 2015, for example, hackers attacked three Ukrainian energy distribution companies with a combination of malware and phishing emails, then spent six months stealing credentials, altering network configurations, overwriting the firmware on business-critical systems and erasing all signs of their activities. They weren't merely able to shut the companies down, disrupting energy supply, but even launch Denial of Service attacks on helplines to prevent customers reporting the outage.
This kind of sophisticated, multi-layered attack requires an equally sophisticated, multi-layered defence, where PC and device security play a crucial role. It's not just a question of measures that can fend off malware, but of measures that can recognise an attack and take steps to remediate it, rapidly and preferably automatically. What's more, there are new solutions that make it easier to authenticate securely and protect laptops and PCs when their users are away. Combine these with management tools that help IT teams harden PCs and ensure security, and you have PCs that are protected against these more sophisticated threats. You'll find the following technologies inside HP's EliteBook laptops and Elite business PCs.
Protecting the BIOS
Now in its third generation, HP SureStart checks during start-up for signs that the BIOS the firmware that controls configuration and fundamental services - has been tampered with, then restores it to a known golden' version in the event it detects an unauthorised change. Allied with Run-time intrusion detection, protecting system memory from malware, and BIOS whitelisting, which prevents hacked firmware being installed. These technologies don't just protect your PC from attack, but ensure it recovers automatically.
Nobody can watch their laptop or PC 24/7, and there are always systems within reach of unauthorised users which go unguarded for several minutes at a time. HP WorkWise acts like a bodyguard, combining PC software with a smartphone app that can be configured to lock your PC automatically while you're away from your desk, unlocking automatically on your return, or which can be used to lock or shut-down your PC remotely if you're suddenly called away. WorkWise can also inform you of access attempts or any tampering, even alerting you if your laptop or your mouse is moved, a cable disconnected or a laptop lid shut.
Meanwhile, HP Client Security Gen 3 gives PCs another layer of protection against unauthorised use, supporting multi-factor authentication, secure device access, rigorous password management and the protection of keys, passwords and certificates using a high-security Trusted Platform Module (TPM) as used by banks and government agencies around the world.
Protecting the browser
HP's Sure Click technology, rolling out across Elite devices over the next six months, adds a new hardware-enforced layer of security to the Web browser. It puts each website in its own isolated, virtualised browser session where it can't impact other tabs or the system itself. With Sure Click, an employee clicking on a link in a phishing email shouldn't cause a catastrophe. The most common cross-site attacks should no longer be a threat.
HP also provides tools that make it easier for IT teams to maintain a strong security strategy even across large, disparate fleets of laptops and PCs. HP's Manageability Integration Kit helps speed up the creation of system images and the configuration of hardware, firmware and software, working through Microsoft System Center Configuration Manager. HP Image Assistant runs diagnostics on system images, identifies potential vulnerabilities and provides advice on fixing them, so that every laptop or PC you roll out is as secure as it can be.
Fighting off the Wolf and his brethren will never be easy; they move fast and are quick to find new weaknesses. Yet, by using these technologies and taking a more holistic approach to PC security you can ensure that you're not the easiest prey.