Stop Malicious Email Attachments

Email is part of the lifeblood of governmental operations, and attachments are a central part of that flow. But skillful bad actors can hide malicious payloads in what look like innocuous documents, and people often open them because they look safe. It takes just a single click by anyone in your agency to put data at risk.

The solution is adding a zero-trust approach to security that improves productivity without forcing employees to change their workflow and lets them do their jobs the way they’re used to—including opening email attachments.

EMAIL IS AN UNAVOIDABLE VECTOR FOR MALWARE

Ransomware and other malware are commonly delivered via weaponized documents that are sent through email. Cyber criminals do this because it works. From 2018 to October 2022, ransomware attacks on U.S. government organizations cost over $70 billion, one estimate shows.1

Legitimate applications — many expressly whitelisted, including Microsoft Office 365 for Government — can also be exploited to bypass layered defenses and gain an organizational foothold from a single compromised host.

Despite promising advancements in malware detection, steady improvements in secure email gateways and an increase in user awareness training, malicious email attachments are still making it past all defenses, leading to data breach, loss and even destruction.

Today’s sophisticated, email-borne malware simply overwhelms traditional detect-to-protect defenses. But a transparent zero-trust solution, one that adds no burden on end users, can help keep malware from getting close to servers to begin with.

The numbers are in —

• 80%+ of data breaches are caused by human error²
• 35% of all ransomware incidents involved the use of email²
• 14% - The average number of malicious emails employees get per year³

HP SURE CLICK ENTERPRISE USES APPLICATION ISOLATION TO STOP MALWARE

Adding a zero-trust layer of security to your existing suite isolates high-risk content and gives users a virtual safety net from known and unknown threats. Using virtualization-based security, HP Sure Click Enterprise4 opens email attachments in an isolated micro virtual machine (micro VM) on your endpoints, so malware can launch and run but never has access to the endpoint or the network. Malware is essentially trapped, rendering it harmless while providing actionable insights to help strengthen your agency’s security posture.

MALWARE BY EMAIL IS CHEAP, EFFICIENT AND EVOLVING

Here’s how cyber criminals victimize your users:

• Ransomware: Encrypts the data on a victim’s PC with a symmetric key, forcing the victim to pay a ransom or lose access to their data (or both) primarily delivered via malicious documents
• Macro-enabled Trojans: Malicious binaries, dropped onto a host, which then communicate with remote command-and-control servers for additional instructions and downloads
• Fileless malware: Abuses tools such as PowerShell to execute commands without dropping any files on the host
• Malicious links: Malicious links in otherwise benign emails slip through layered defenses and result in a drive-by download or a browser exploit

PROTECTION BEFORE DETECTION

Contain email attachments

Open every email attachment in an isolated micro VM. If malware is served, it is contained and cannot access the host, and the network is not at risk.

Streamline IT security and reduce costs

Drastically reduce triage time and stop wasting resources on false positives with HP Sure Click Enterprise’s high-fidelity alerts. Eliminate reimaging, rebuilds and emergency patching.

Share real-time threat intelligence

Adaptive intelligence identifies and stops evasive attacks, shares real-time threat data across your network and delivers full kill-chain analysis.

Achieve lasting protection with hardware-enforced security

Only HP Sure Click Enterprise uses virtualization-based security to deliver hardware-enforced application isolation. Protect against unknown threats and polymorphic malware that easily slip past even the most advanced detection tools.

LEARN MORE AT HP.COM/WOLF

¹ Comparitech, “Ransomware attacks on US government organizations cost over $70bn from 2018 to October 2022,” Nov. 9, 2022.

² Verizon, “2022 Data Breach Investigations Report (DBIR),” accessed January 5, 2023, https://www.verizon.com/business/resources/reports/dbir/

³  Tessian, “Must-Know Phishing Statistics: Updated 2022,” Jan. 12, 2022, https://www.tessian.com/blog/phishing-statistics-2020/

⁴ HP Sure Click Enterprise is sold separately. Supported attachments include Microsoft Office (Word, Excel, PowerPoint) and PDF files, when Microsoft Office or Adobe Acrobat are installed. For full system requirements, please visit HP Sure Access Enterprise and HP Sure Click Enterprise system requirements at: https://enterprisesecurity.hp.com/s/article/System-Requirements-for-HP-Sure-Access-Enterprise