How do remote browsers protect against ransomware?

The cybersecurity threat landscape is at its most dangerous. Cyber gangs are allowed to roam freely in certain states while advancements in technology are making it easier for cybercriminals to target organisations and individuals on an enormous scale. And cybercrime keeps becoming ever-more lucrative. With trillions of dollars' worth of damage coming from malicious cyber activity every year, cybercrime has quickly become the costliest crime globally and is showing no signs of slowing down. 

In this current climate, the need for protection is critical for businesses. However, choosing the right solution can be challenging, especially considering the number of tools, products and services available. 

One solution that mitigates many of the current risks facing businesses of all sizes today, but many don’t know about, are remote browsers. 

What is a remote browser? 

Put simply, a remote browser is a browser that never runs on your devices, and instead operates on a cloud/virtual machine. Whatever you choose to visit using this virtual browser is then translated to your device by displaying pixels of code on your screen. For the user, it will appear that you are interacting with sites and applications on your device, however you are always one step removed. The virtual environment that this remote browser operates in is called a sandbox. Sandboxed environments are temporary networks which take on all of the risk for you. 

How do remote browsers and sandboxes protect you? 

When accessing data, whether that be through the web, applications, or via channels like emails or texts, there is an inherent risk. When this data comes from an unknown source, or you’re visiting more dangerous areas of the web, for example, this risk increases massively. What remote browsers and sandboxes allow you to do is open attachments or download files without having to put your device, and network, at risk. 

If ransomware is downloaded to a remote browser, it will infect the sandbox. However, that environment, which is running virtually on a remote browser, isn’t attached to you in any way. This removes all of your risk. 

The reason this is so good at warding off ransomware, is that ransomware works by infecting machines, devices and environments with malware. This malware will then usually encrypt and export a company’s data, with the aim of making it difficult for that business to operate, forcing its leaders to pay a ransom for the data to be returned or ‘unlocked’.  

With sandboxes and remote browsers, this isn’t possible. The ransomware will rush into the sandbox, infect it, but then have nothing to steal and nothing to encrypt, with no way to move laterally to your wider network. 

Why is this more effective than other cybersecurity measures? 

When it comes to cybersecurity, it is impossible to completely nullify risk. There will always be a way in for attackers, it just depends on how much time, money and effort they are willing to invest in breaking down your defenses. However, what’s crucial is that you don’t make it easy for them. 

The most common attack technique used by malicious cyber gangs is phishing. Phishing involves email or other communication campaigns which encourage people to click on links or download files which contain malicious code, or malware. 

The reason this is so popular is that it’s cheap and easy to run a phishing campaign for attackers. All they need to do is purchase off-the-shelf ransomware code, set up a mailing campaign to a list of email addresses, and hope that someone clicks on their link. It’s also very effective, and unfortunately for businesses, human error continues to be the leading cause of breaches. A recent study from Stanford University found that around 88% of data breaches are caused by human error. This is because of the scale of the phishing problem we face, and because in pressured environments such as busy businesses, people are more likely to make a mistake. 

While lots of the current cybersecurity processes and products available on the market do lower these risks posed by attackers, they are often not absolute. Sandboxes are, however, when used alongside virtual machines and remote browsers. 

How can I integrate remote browsers into my operating model? 

Remote browser integration doesn’t need to be complex, however it does require an overhaul in the way your employees access the web. 

Remote browsers such as OIS act as a browser application for users. This means that, if your employees continue to use Chrome or Edge after you install a remote browser, they won’t be protected. That is why organisational buy-in is key, and again highlights why so many attacks are caused by human error; often, even when businesses are protected, they become vulnerable because of decisions made by their staff. 

Remote browsers are just one of the solutions available to business leaders, small and large, looking to improve their cybersecurity posture. However, despite their effectiveness, many still aren’t aware of them and their benefits. This is a technology which all business owners and decision makers must consider, especially with emerging technologies such as AI making it easier than ever for malicious cybercriminals to target organisations. 

Tom Kidwell is the Co-founder of Ecliptic Dynamics, an internet infrastructure security specialist that provides security, privacy, and data protection through its web isolation platform and virtual desktop infrastructure.