Switching to virtual browsers could solve the growing problem of zero-day threats for network defenders, according to an industry cyber expert and a former FBI chief information officer.
In an interview with Defense News, CACI‘s Senior Vice President Zal Azmi said virtual browsers do not store any data on computer hard drives–including cookies or malicious code–which makes it impossible for malware to install itself and impact computer registries. If the virtual browser discovers a threat, it stops functioning and warns the user. It can also shut itself down, get rid of the malware, and launch a new, uninfected browsing session, Azmi added.
Defense News reports CACI has a version in the works of the virtual browser that will send signature information about the threats it finds to intrusion-detection systems, which will record the signatures and then block the malware before it reaches as far as the browser.
Another solution to fend off insider threats would entail a cyber shield, Azmi said, citing as an example the Afghan war documents a U.S. Army intelligence analyst allegedly downloaded from a secure U.S. network and provided to whistle-blower website WikiLeaks. Setting computers not to permit file copying and monitoring network activity more closely would reduce the risk of malevolent insiders, Azmi said.
Additionally, setting USB ports so they do not allow downloading or uploading could prevent data theft on the one hand and network infection on the other. The ports can also be made to alert network operators if someone tries to use them, he said.
In addition to defending networks, the cyber shield would also collect global threat intelligence so NATO network operators know what is happening in cyberspace and are not attacked by surprise assaults, Samuel S. Visner, CSC vice president and cyber lead, told Defense News.