How Isolation could prevent the next WannaCry

Last month, Microsoft issued 79 patches and among these patches was one for an old Windows XP operating system, which was officially abandoned by Microsoft 5 years ago. The last time Microsoft released an update like this was months before the WannaCry ransomware attacks of 2017 wreaked havoc. Even Microsoft warned of the similarities with Simon Pope, director of incident response for the Microsoft Security Response Center writing, “Any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017. It is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware.”

Windows users who have updated to Windows 8 will not be affected, but there are many who have not installed the patch. In fact, there are still nearly a million Windows XP users who are at risk. While the obvious explanation is to patch the vulnerability or update their systems, many of these users are not going to go the extra lengths to seek out the patch and install it on an old computer. Enterprises are especially a cause for concern. For many of the businesses running Windows XP, these patches and updates aren’t considered a priority, or due to operational obstacles, the patch is not always easy, and can sometimes interrupt critical processes.

Without the patch however, attackers have many ways in which they could exploit the vulnerability: malware and phishing included. Instead, users can protect themselves from ever downloading any malware in the first place by adopting a Zero Trust Internet.  This can be achieved with Internet isolation, which removes the browsing process from the desktop and moves it to the cloud, effectively creating an “air gap” between the Internet and enterprise networks. Internet isolation separates an enterprise network from the Internet so that attackers can never gain a foothold and therefore, malware is kept off of end points. Additionally, Internet isolation never disrupts the user experience and web pages look identical to how they would normally only there is zero risk of malware exploiting vulnerabilities. All email and web traffic goes through this isolation layer where the content is visible but never actually downloaded to the endpoint. This new way of thinking about security, gives organizations the freedom to patch when it is convenient for them and not have to worry about the severe consequences.

To learn more about how cybercriminals are exploiting traditional measures of trust on the web, please download our State of the Web First Half 2018 report and for more information on Menlo Security’s Isolation Platform and to better understand the business case for web isolation, please download our Business Case Web Isolation white paper.