Moving Target Defense Blog

With more people working from home than ever before in history, virtual desktop infrastructures have arisen as a fast and cost-effective method to ensure that remote workers can access the applications they need from wherever they are. In fact, VDI use might soon increase, as Gartner recently found that 74 percent of CFOs intend to shift some positions to working from home permanently because of increased efficiencies. 

How do you steal something that doesn’t exist? That’s the thinking behind the widespread fallacy that virtual desktop infrastructure (VDI) is more secure than physical desktops.

An Infostealer is a trojan that is designed to gather and exfiltrate private and sensitive information from a target system. There is a large variety of info stealers active in the wild, some are independent and some act as a modular part of a larger task such as a Banking Trojan (Trickbot) or a RAT.

Introduction

The Agent Tesla infostealer has been around since 2014. During the last two to three years, it's also had a significant distribution growth factor partially due to the fact that cracked versions of it have been leaked.

It’s not hard to understand the concept of proactive cyber defense: acting in anticipation of an attack against a computer or network. The goal is getting in front of attacks by evading, outwitting, or neutralizing them early instead of waiting for the damage to start like reactive cyber defenses.

It’s also not hard to understand the benefits of being proactive: preventing the negative effects of cyber attacks instead of trying to minimize the damage. The only thing hard to understand is why every company doesn’t practice proactive cyber defense already?

Available anytime and capable of being run from anywhere, cloud computing provides a perfect solution to operational challenges posed by the COVID-19 pandemic. With public and hybrid cloud use rising across every sector, dramatically increased uptake of cloud technology quickly became one of the more benign changes brought about this year.

Virtual desktop infrastructure (VDI) felt like a lifeline at the start of the Coronavirus pandemic. As offices rushed to close down and companies scrambled to operate remotely, those with VDI found the process to be surprisingly seamless. People didn’t have to bring the office home with them or make do with incomplete data and insufficient tools. Instead, they simply had to login to a portal to access a virtual copy of their own office desktop. The setting may have changed, but thanks to VDI, the workflows carried on as always.

The coronavirus pandemic has forced companies to experiment with remote work in ways they never had before. For many, working from home was the only viable option for weeks or months due to mandatory shutdown orders and grave public health concerns. But that doesn’t explain why 74% of the CFOs recently surveyed by Gartner plan to make some positions permanently remote even after the pandemic ends.

Increasing numbers of headline-grabbing ransomware attacks are a concerning trend. They also point to a strong possibility that many organizations are falling behind threat actors in the cybersecurity arms race. As they fail to reassess their approaches to cybersecurity, organizations open themselves up to attacks that can be devastating and, in some cases, life-threatening.

The recent leap towards cloud computing has fast-forwarded digital transformation for countless organizations. What there hasn’t been, however, is a corresponding improvement in the ability of organizations to secure the cloud. In fact, as more companies rely on the cloud to maintain their operations, they also risk accruing a cybersecurity deficit. In a survey conducted in February, over 60 percent of cybersecurity professionals indicated that their cloud implementation was already beyond their abilities to reliable secure these environments.