Virtual meeting hijackers may be thwarted via remote browser isolation

Cybercriminals continue to target virtual meetings as a means of disseminating ransomware, including account takeover assaults based on animated GIFs. Zoom has agreed to pay $85 million to its consumers who have been the victims of a zoom bombing earlier this week. Zoom has also pledged to stepping up its efforts to prevent malware and account takeover attempts from being sent over chat on its platform by cyberattackers. Zoom. As part of a lawsuit settlement reached earlier this week, the corporation has also agreed to create extra security and privacy measures. Cyberattackers continue to target the Web, and virtual meetings’ increasing security has been an obvious target since the epidemic became a need.

Many CISOs were sceptical about the initial generation of virtual meeting platforms prior to the pandemic’s commencement. One of the reasons virtual meeting platforms didn’t spread quicker before the pandemic was the ability of cyberattackers to conceal malware in HTML, JavaScript and browser code and then conduct assaults against insecure endpoints. Cyberattackers may laterally roam across an enterprise’s network to execute new malware assaults or impersonate senior management and swindle the firm after an endpoint has been hacked.

The sophistication of cyberattacks is increasing

Using GIF graphics to execute worm-based assaults into corporate accounts using Microsoft Teams reveals how advanced these attacks are. In order for authtoken cookie data to be exchanged with a hacked subdomain, users simply had to view the GIF in Team CyberArk’s recent blog article on how cyberattackers successfully leveraged a GIF message to transmit a worm-like malware strain across companies demonstrates how exposed anybody utilising Teams and Microsoft-based products is to attack.

It was shown in CyberArk’s blog post that a cyberattacker might penetrate an entire corporation and obtain access to privileged, secret data if Microsoft didn’t reply soon enough. It’s no longer necessary for cyberattackers to get privileged access credentials to enjoy the advantages of hacking into virtual meetings.

The GIF-based assault is shown in the following image.

Cyberattackers’ ingenious use of GIFs to launch a worm-like attack on enterprises via Microsoft Teams shows the level of effort bad actors will make in comprising virtual meeting platforms for gain. Source: CyberArk, Beware of the GIF: Account Takeover Vulnerability in Microsoft Teams

Why remote browser isolation is effective is a question that many people have

Zoom and other platform providers started installing a remote web server on users’ devices as a plan to secure and establish more collaborative virtual meeting platforms concurrently. They were swiftly rectified by Zoom while Apple quietly updated their systems to ban Zoom’s service. As the cost of the lawsuit settlement rises, Zoom’s security measures will need to be tightened more. Virtual meeting solutions must strive to strike a balance between security, speed, and responsiveness while also allowing for remote participation. For a long time, many businesses were reluctant to abandon their sluggish and inefficient traditional teleconferencing systems in favour of Zoom or other platforms because of the potential security risks.

There has been a dramatic increase in the use of virtual and hybrid teams since the beginning of the epidemic, and this trend is expected to continue. Supporting the proliferation of personal, unmanaged devices is difficult for CISOs and CIOs.

As enterprises seek to introduce a zero-trust security strategy to all online sessions, Remote Browser Isolation (RBI) has grown in popularity over the last two years. An enterprise’s IT stack may be a big risk if there is a trust gap, therefore zero trust tries to remove the need for trusted interactions. This means that companies like Forcepoint, McAfee, and Zscaler have just added RBI to their products to join the likes of Ericom and Authentic8 in the field of business cybersecurity. As a result, Ericom has emerged as the only company capable of ensuring virtual meetings throughout the world, regardless of the size or scope of the company. It has submitted a patent application for its technological advancements in this field.

As opposed to clients that lack security and may create software conflicts on endpoints, RBI is proving to be a more secure option. The URL for a virtual meeting is opened in a cloud-based container that is segregated from the rest of the internet. Media streams are synchronised with endpoint devices via virtual devices such as a microphone, camera, or desktop.

The container streams only secure rendering data representing the media of isolated users to the endpoint browsers of participants. Other participants’ material is safely rendered for isolated users as well. When a virtual meeting session finishes, the isolated container and all of its contents are deleted. Users’ screen sharing and chat capabilities are also restricted by corporate restrictions. Participants’ browsers do not save any photos, videos, or audio from meetings, so they cannot be accessed or shared after the meeting. Additionally, malware-enabled recording of sessions is prevented by the solution.

Using a cautionary story as a springboard for action

Teams are able to collaborate, create, and complete difficult projects more effectively with the use of virtual meetings. CIOs and CISOs who support virtual meeting technologies must keep an eye on the security dangers posed by downloadable clients of virtual meeting platforms. There hasn’t been a good method to keep them safe until now. When virtual meeting platforms come up in discussion, every CIO I know mentions Zoom’s choice to load web servers on users’ computers as a warning story.

As a result of the ability to segregate virtual meetings, CIOs and CISOs who desire a solution that can grow across unmanaged devices may relax. A zero-trust approach to defending every potential attack surface and decreasing overall corporate risk has propelled endpoint security forward in lockstep with RBI throughout the epidemic. As a consequence, a sound endpoint security strategy for businesses must now include safeguarding virtual meetings.