Trojan Shmojan (or) How to undermine the world’s greatest digital security threat

2015-09-29_FBI


Late last month, a US federal court judge sentenced Russian cyber criminal Dimitry Belorossov to four-and-a-half years in prison. Apparently, the not-so-nice Mr. Belorossov was guilty of using a computer virus to steal money from unwitting victims. His hacking tool of choice was a software program called Citadel. Citadel is a kind of malware known as a Trojan. It fools victims into giving criminals user IDs and passwords. It can also steal other important information a user types into their device when they’re online.

If you search “Citadel” or “Trojan” online, results will turn up articles about who created them, the lineage of malware, how computer “Trojans” are technically different from “viruses,” and other details that are not relevant for businesses.

Here’s what is important: according to federal prosecutors, the Citadel software has infected approximately 11 million computers worldwide and caused $500 million in financial losses. Clearly, Citadel and malware like it are a global problem. Everyone wants to know how to avoid getting robbed by one of these awful things. If you run an office, you also want to know how to secure your data in case a Trojan wiggles its way into one of your workers’ computers.

There is an elegant solution. But first, we should take a quick look at how Citadel works.

Citadel (and other Trojans) often use a simple three-step process.

  1. Citadel installs itself on your computer. Odds are either you downloaded it when you installed seemingly harmless software or a file; or you went to a hijacked website that automatically installed Citadel on your machine.
  2. Citadel steals your login information. It usually does this in one of two ways. Option one, it knows when you type a particular website destination and forces your browser to a page that looks like that site, but is operated by criminals. Option two, Citadel lets you go to a site but pops up a window that asks for your login information before you can actually log in to the site itself.
  3. Once a criminal has your login info, they log in as you and steal from you. Usually they plunder your bank account. Sometimes, criminals will sell your information to someone else.

Now the solution: Secure, cloud-based browsing with Silo.

Citadel and other Trojans steal information that travels through your browser. The online destinations that trigger Citadel to start stealing can be bank sites, social media platforms, or even Web-based applications that contain private customer data. A secure, cloud-based browser like Silo protects you from a Trojan’s crafty devices in three ways.

1. Silo secures Web connections

Unlike run-of-the-mill Chrome, Firefox, or Safari browsers that run Web sessions on the local device, Silo runs sessions securely in the cloud. The key word here is “securely.” That means even if a device is infected, the secure, cloud-based session blocks the Trojan from seeing anything from the website being visited.

For example, the Trojan might be waiting to activate when it senses that you’re visiting www.bankofamerica.com. But a protected, virtual session on Silo never sends any Web code or details to your device and the Trojan infecting it. All that is received is benign image data, so the Trojan continues to lie in wait, while you complete your banking tasks, unobserved and unharmed.

2. Silo separates your local device from your Web session

Traditionalists look to antivirus software to protect users and their devices from malware. While virus detection is helpful for identifying old vulnerabilities and tactics, it’s a never-ending arms race. There will always be new exploits and malware (or new signatures for old malware). It’s a high-stakes game that the good guys can’t win.

Instead, stop Trojans from stealing your info by rendering them powerless. You can do this by moving your browser activity off your device and into the cloud. Silo does this for you with a virtual browser in a secure container, giving users a "perfect layer of insulation." When your Web sessions run securely in the cloud with Silo, Trojans on your device can’t pull off any of their tricks, e.g. URL redirects, keylogging, webcode inserts, or video capture.

3. Silo handles logging in for you

Silo protects your users from accidentally giving away login credentials by keeping them a secret -- even from themselves. Silo stores encrypted IDs and passwords and auto-fills them on the correct websites. Even keyloggers and screenscrapers are rendered useless because the credentials are never stored or entered from the local device: they are inserted in the secure, virtual session in the cloud.

No pop-up page or camouflaged website can take login credentials from innocent victims because the would-be victims don’t know them. If you don’t know your own passwords, you can’t be phished.
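Auto-filling only on "the correct websites" comes down to matching the exact origin of the page before any stored credential is released. The sketch below is an added example, not Silo's code: the vault entries, the `fillOrigin` and `credentialFor` names, and the `.example` lookalike addresses are all constructed for illustration.

```javascript
// Added example: exact-origin matching before a stored credential is filled.
// The vault layout and function names are hypothetical, not Silo's API.
const VAULT = [
  // Constructed sample entries; secretRef stands in for an encrypted record.
  { origin: "https://www.bankofamerica.com", secretRef: "vault-entry-1" },
  { origin: "https://mail.example.com:8443", secretRef: "vault-entry-2" },
];

// Reduce a page address to scheme + host + port, or null if it must never be filled.
function fillOrigin(pageUrl) {
  let u;
  try {
    u = new URL(pageUrl);
  } catch (e) {
    return null; // unparsable address: refuse
  }
  if (u.protocol !== "https:") return null;  // never fill over plaintext HTTP
  if (u.username || u.password) return null; // refuse user@host disguises
  return u.origin; // host is lower-cased and the default port is dropped
}

// Return the vault reference for the page, or null when nothing may be filled.
function credentialFor(pageUrl) {
  const origin = fillOrigin(pageUrl);
  if (origin === null) return null;
  // Exact comparison only: no substring, prefix or suffix matching.
  const hit = VAULT.find((entry) => entry.origin === origin);
  return hit ? hit.secretRef : null;
}
```

A camouflaged page can copy the bank's look, but it cannot be served from the bank's origin, so the lookup returns nothing and no credential is inserted.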

Perfect insulation and robust policy controls give IT the upper hand

Equipped with secure cloud-based connections, a perfect layer of insulation, and secure login credentials, Silo is the best way to separate your browsing from your device. With that critical separation in place, Trojans like Citadel are no longer a serious threat to you and your employees.