Summer’s Over, But the HEAT is On
TD Synnex Public Sector’s Chief Cybersecurity Technologist, Don Maclean sat down with Mark Guntrip, Senior Director of Security Strategy at Menlo Security, to discuss one of the latest emergent security threats.
Highly Evasive Adaptive Threat (HEAT) attacks, target web browsers as their primary attack vector. Once the attack gains access, it employs techniques that evade multiple layers of protection such as firewalls, secure web gateways, sandbox analysis, URL reputation, and phishing detection. Guntrip says that standard detect-and-respond safeguards are inadequate when dealing with HEAT attacks. Because HEAT attacks adapt to the target environment, once they gain initial access, they can compromise login credentials or deploy malware. Threat blocking models that provide a “strong front door” are essential.[1] According to Menlo Security, HEAT attacks increased by more than 200 percent in 2021 and a similar increase is expected for 2022.[2] Analysis of more than half a million malicious URLs revealed that 69 percent leveraged HEAT attacks.
The ongoing shift to remote and hybrid work models, due in large part to the global COVID pandemic, presents challenges as well as benefits. According to a Forrester Consulting survey employees spend 75 percent of their time online,[3] mainly within a web browser. Attackers have adapted their techniques to exploit this shift, using browsers and SaaS applications as an attack vector and evading the static protections built into current security stacks. HEAT attacks can evade traditional defenses, such as antivirus, endpoint protection, sandboxes, and application and cloud firewalls. Implementing Remote Browser Isolation (RBI) can prevent HEAT attacks[4] that use the web, social media, text/SMS, and shared folders and documents.
Why do traditional security techniques fall short in stopping HEAT attacks? Reliance on on-premises deployment and signature-based detection provide ineffective visibility into applications. This detect-and-respond model is inadequate for threats that are designed to evade and adapt to such countermeasures. HEAT techniques have also been developed that bypass sandboxes, delaying execution of malicious code until leaving the sandbox environment.
How can agencies protect themselves against HEAT attacks? A Zero Trust approach, as mandated by the Executive Order 14028, can be effective. Using Zero Trust, a user or entity is never assumed to be trustworthy, even after being granted access. In a Zero Trust architecture, it is necessary to authenticate all connections; verify the identity of all users, devices, applications, and services; and verify that traffic only goes where necessary.
Menlo’s Guntrip says, “Working practices have changed and companies must stop relying on traditional tools and strategies that just don’t cut it anymore. Adopting a prevention-driven approach to security is the only way to achieve this and using isolation-powered security to do so stops the browser from having any direct interaction with the website and content and ensures that HEAT attacks don’t stand a chance.”[5]
Who Is Menlo Security?
Menlo Security on AWS offers an all-in-one cloud-native security solution that helps teams take control of their security in the cloud. Their Zero Trust approach aids their users in keeping their teams safe with military-grade technology backed by elite security researchers. Find out more at www.menlosecurity.com
[1] https://eandt.theiet.org/content/articles/2022/06/stronger-front-door-required-to-rebuff-cyber-heat-attacks/
[2] https://www.businesswire.com/news/home/20220202005353/en/Menlo-Security-Finds-Cloud-Migration-and-Remote-Work-Gives-Rise-to-New-Era-of-Malware-Highly-Evasive-Adaptive-Threats-HEAT
[3] https://www.menlosecurity.com/blog/too-hot-to-handle-why-modern-work-has-given-rise-to-heat-attacks/
[4] https://www.menlosecurity.com/blog/remote-browser-isolation-rbi-myths-debunked/
[5] https://www.darkreading.com/cloud/menlo-security-less-than-three-in-10-organizations-are-equipped-to-combat-growing-wave-of-web-based-cyber-threats
Related Blog Posts
Application Lifecycle, Education, Market Intelligence, State & Local Government
According to data contained in a recent study from Pediatrics, the official scientific journal of the American Academy of Pediatrics, the number of school shootings in the United States has increased dramatically every year since the 2017-2018 school year. At the same time, school mass shootings have become increasingly deadly. Given this trend and the risk posed by security threats to students and faculty, school districts are desperate to find solutions to improve school security.
Gabriel Zighelboim
Big Data & Analytics, Market Intelligence, State & Local Government
Since 2023, we have seen an explosion in the number of state data privacy laws, demonstrating a clear focus amongst state governments in data privacy. In fact, according to the National Conference of State Legislatures, “at least 40 states and Puerto Rico introduced or considered at least 350 consumer privacy bills in 2023.” These data privacy laws create protections for a range of several types of data, from general consumer data protections to specific protections for health data and minor data.
Gabriel Zighelboim
Federal Fiscal Year End, Federal Government, Market Intelligence, Technology
If you have been confused lately seeing multiple March dates with some mention of the federal budget tied to them, you are not crazy. There are in fact multiple budgets floating out there in the ether: some finalized versions for certain agencies, others still awaiting that vote and presidential approval for fiscal year 2024 (FY24), as well as a wholly new request for funding from the President for FY25 priorities. We will catch you up as succinctly as possible, and if FY24 sounds too confusing, read on to hear what’s catching attention across IT for FY25.
Susanna Patten
Federal Fiscal Year End, Federal Government, Market Intelligence, Technology
If you have been confused lately seeing multiple March dates with some mention of the federal budget tied to them, you are not crazy. There are in fact multiple budgets floating out there in the ether: some finalized versions for certain agencies, others still awaiting that vote and presidential approval for fiscal year 2024 (FY24), as well as a wholly new request for funding from the President for FY25 priorities. We will catch you up as succinctly as possible, and if FY24 sounds too confusing, read on to hear what’s catching attention across IT for FY25.
Susanna Patten
Cybersecurity, Federal Government, Market Intelligence, State & Local Government
The 2024 United States presidential election is rapidly approaching, and state and local governments are focusing their efforts on bolstering election security and ensuring the proper safeguards are in place.
Yvonne Maffia
Cybersecurity, Federal Government, Market Intelligence, State & Local Government
The 2024 United States presidential election is rapidly approaching, and state and local governments are focusing their efforts on bolstering election security and ensuring the proper safeguards are in place.
Yvonne Maffia
Cybersecurity, Federal Government, Market Intelligence, State & Local Government
The 2024 United States presidential election is rapidly approaching, and state and local governments are focusing their efforts on bolstering election security and ensuring the proper safeguards are in place.
Yvonne Maffia
Cloud Computing, Cybersecurity, Market Intelligence
Originally passed in 2014, the Federal Information Technology Acquisition Reform Act (FITARA) was designed to improve the management of all-things-IT across federal agencies. It essentially realigned how the government purchases and updates its technology, with an aim at grading agencies based on their ability to adhere to and improve on the following categories:
Susanna Patten
Cloud Computing, Cybersecurity, Market Intelligence
Originally passed in 2014, the Federal Information Technology Acquisition Reform Act (FITARA) was designed to improve the management of all-things-IT across federal agencies. It essentially realigned how the government purchases and updates its technology, with an aim at grading agencies based on their ability to adhere to and improve on the following categories:
Susanna Patten
Market Intelligence, State & Local Government, Technology
The start of a new year often brings uncertainties; but in 2024 one thing is for certain—artificial intelligence (AI) is top of mind nationwide and is expected to have a transformational impact on our society both now and in the future.
Yvonne Maffia
Market Intelligence, State & Local Government, Technology
The start of a new year often brings uncertainties; but in 2024 one thing is for certain—artificial intelligence (AI) is top of mind nationwide and is expected to have a transformational impact on our society both now and in the future.
Yvonne Maffia
Big Data & Analytics, Market Intelligence, State & Local Government
The year 2024 is just around the corner, and with a new year typically comes new priorities. However, some things, like digital government, are here to stay. Improving the Citizen Experience will continue to be a top priority both now and, in the future, as the modern world emphasizes the importance of personalized services that provide agility, accountability, transparency, equity, efficiency, adaptability.
Prioritizing Citizen Experience
Yvonne Maffia
Federal Government, Market Intelligence, News, Technology
We’re still in the first quarter of the fiscal year and headed toward the holiday season. Historically, that predicates a slower pace across the federal sector, but not this year. This year, artificial intelligence (AI) is having a moment, and nearly everyone across the public sector, including the White House and The Office of Management and Budget (OMB), has something to say about it.
Susanna Patten
Federal Government, Market Intelligence, News, Technology
We’re still in the first quarter of the fiscal year and headed toward the holiday season. Historically, that predicates a slower pace across the federal sector, but not this year. This year, artificial intelligence (AI) is having a moment, and nearly everyone across the public sector, including the White House and The Office of Management and Budget (OMB), has something to say about it.
Susanna Patten
Federal Government, Market Intelligence, Technology
The era of heightened environmental awareness calls for decisive action, and the federal government has stepped up to lead this transformative journey. Three federal agencies have carved out significant roles in funding and facilitating environmental remediation technologies: the Department of Energy (DOE), the Environmental Protection Agency (EPA), and the Department of Defense (DoD).
Dawit Blackwell
Federal Government, Market Intelligence, Technology
The era of heightened environmental awareness calls for decisive action, and the federal government has stepped up to lead this transformative journey. Three federal agencies have carved out significant roles in funding and facilitating environmental remediation technologies: the Department of Energy (DOE), the Environmental Protection Agency (EPA), and the Department of Defense (DoD).
Dawit Blackwell
Federal Government, Healthcare, Market Intelligence, Technology
Modernizing the defense healthcare system has never been more front and center for Defense Health Agency (DHA), the Department of Defense's (DOD) primary arm that manages all things healthcare for military service members and their beneficiaries. With acts of war and terrorism arising from overseas and the possibility of having our troops involved in future conflicts, patient healthcare and service preparedness are top priorities for the agency. So, the DHA is looking to work across federal agencies and industry to strengthen its healthcare systems.
Toan Le
Federal Government, Healthcare, Market Intelligence, Technology
Modernizing the defense healthcare system has never been more front and center for Defense Health Agency (DHA), the Department of Defense's (DOD) primary arm that manages all things healthcare for military service members and their beneficiaries. With acts of war and terrorism arising from overseas and the possibility of having our troops involved in future conflicts, patient healthcare and service preparedness are top priorities for the agency. So, the DHA is looking to work across federal agencies and industry to strengthen its healthcare systems.
Toan Le
Market Intelligence, State & Local Government, Technology
Numerous reports by various organizations, including the Government Accountability Office, have consistently found insufficiencies in state unemployment insurance programs. These insufficiencies were laid bare during the COVID-19 pandemic when increased need for such services, combined with an increase in fraudulent activity targeting unemployment insurance programs, overtaxed states’ unemployment insurance systems.
Gabriel Zighelboim
Market Intelligence, State & Local Government, Technology
Numerous reports by various organizations, including the Government Accountability Office, have consistently found insufficiencies in state unemployment insurance programs. These insufficiencies were laid bare during the COVID-19 pandemic when increased need for such services, combined with an increase in fraudulent activity targeting unemployment insurance programs, overtaxed states’ unemployment insurance systems.
Gabriel Zighelboim
Cloud Computing, Cybersecurity, Education, Market Intelligence, State & Local Government, Technology
The annual EDUCAUSE conference highlighted higher education technology trends, goals, challenges, and how to identify a way ahead for higher education institutions to be successful in today’s modern world.
Yvonne Maffia
Cloud Computing, Cybersecurity, Education, Market Intelligence, State & Local Government, Technology
The annual EDUCAUSE conference highlighted higher education technology trends, goals, challenges, and how to identify a way ahead for higher education institutions to be successful in today’s modern world.
Yvonne Maffia
Cloud Computing, Cybersecurity, Education, Market Intelligence, State & Local Government, Technology
The annual EDUCAUSE conference highlighted higher education technology trends, goals, challenges, and how to identify a way ahead for higher education institutions to be successful in today’s modern world.
Yvonne Maffia
Cloud Computing, Cybersecurity, Education, Market Intelligence, State & Local Government, Technology
The annual EDUCAUSE conference highlighted higher education technology trends, goals, challenges, and how to identify a way ahead for higher education institutions to be successful in today’s modern world.
Yvonne Maffia
Cybersecurity, Education, Federal Government, Market Intelligence, Technology
Over the last few months, there have been several recent cybersecurity initiatives at the federal level, aimed at bridging gaps in K-12 cybersecurity policy and strategy.
Yvonne Maffia
Cybersecurity, Education, Federal Government, Market Intelligence, Technology
Over the last few months, there have been several recent cybersecurity initiatives at the federal level, aimed at bridging gaps in K-12 cybersecurity policy and strategy.
Yvonne Maffia
Cybersecurity, Education, Federal Government, Market Intelligence, Technology
Over the last few months, there have been several recent cybersecurity initiatives at the federal level, aimed at bridging gaps in K-12 cybersecurity policy and strategy.
Yvonne Maffia
Federal Government, Market Intelligence
Ah yes, we meet again. The last week of the fiscal year: the air is cooler, pumpkin spice is in everything and the government might shut down. That is, if a deal isn’t reached by midnight on September 30th. This feels even more common, mostly because it is. And I don’t know about you, but the word “shutdown” might sound scary, apropos leading up to Halloween I suppose, but it doesn’t have to be. We’ll talk about what exactly a shutdown is, and more importantly, what it is not.
Susanna Patten
Cloud Computing, Cybersecurity, Market Intelligence
The Air Force hosts an annual summit known as Department of the Air Force Information Technology and Cyberpower (DAFITC) in Montgomery, Alabama, right next to Maxwell Air Force Base. It’s an opportunity for Guardians, Airmen, academics, and IT industry to come together to discuss pain point remedies and high-level plans and strategies. It is also an opportunity for branch heads to strike deals that lead to the adoption of modern and effective systems, meant to enable air superiority. Ms.
Kevin Shaker
Cloud Computing, Cybersecurity, Market Intelligence
The Air Force hosts an annual summit known as Department of the Air Force Information Technology and Cyberpower (DAFITC) in Montgomery, Alabama, right next to Maxwell Air Force Base. It’s an opportunity for Guardians, Airmen, academics, and IT industry to come together to discuss pain point remedies and high-level plans and strategies. It is also an opportunity for branch heads to strike deals that lead to the adoption of modern and effective systems, meant to enable air superiority. Ms.
Kevin Shaker
Federal Government, Technology
TD SYNNEX Public Sector Receives a $342 Million U.S. Department of the Navy Enterprise Agreement
for Oracle Software and Services
Doing business with federal agencies has unique opportunities and challenges, particularly when it comes to procuring IT solutions.
On one hand, the U.S. federal government is the world’s largest buyer of IT products and services, so there’s a tremendous need. But acquiring those solutions can be arduous, and managing the intricacies of licensing and pricing can be an ongoing burden.
Darian Mian
Federal Government, Technology
TD SYNNEX Public Sector Receives a $342 Million U.S. Department of the Navy Enterprise Agreement
for Oracle Software and Services
Doing business with federal agencies has unique opportunities and challenges, particularly when it comes to procuring IT solutions.
On one hand, the U.S. federal government is the world’s largest buyer of IT products and services, so there’s a tremendous need. But acquiring those solutions can be arduous, and managing the intricacies of licensing and pricing can be an ongoing burden.
Darian Mian
Cybersecurity, Internet of Things, IT Infrastructure, Market Intelligence
IoT and Its Impact on Infrastructure and Governance
The Internet of Things (IoT) revolutionizes how governments, organizations, and citizens interact with the physical world. This wave of interconnected devices promises a transformative infrastructure and governmental operations shift. However as the reach of IoT grows, the implications — especially related to security — become even more profound.
Dawit Blackwell
Big Data & Analytics, Market Intelligence, State & Local Government
Data analytics played a pivotal role in state, local, and education (SLED) governments’ response to the COVID-19 pandemic, and the emphasis on the importance of data has only continued to magnify over the last couple of years. Data analytics and related technology tools provide a host of benefits ranging from real-time data analysis, increased transparency and accountability, streamlined citizen facing services, better decision making and savings in both costs and time.
Yvonne Maffia
Application Lifecycle, DevSecOps, Federal Government, State & Local Government
Technology is supposed to make our lives easier. So you know something’s wrong when nearly a third of federal government acquisition professionals surveyed say their agency’s acquisition technology makes the job more difficult.
Ben Allen
Application Lifecycle, DevSecOps, Federal Government, State & Local Government
Technology is supposed to make our lives easier. So you know something’s wrong when nearly a third of federal government acquisition professionals surveyed say their agency’s acquisition technology makes the job more difficult.
Ben Allen
Big Data & Analytics, Data and Analytics, Federal Government, Geospatial, Market Intelligence
As the demand for trustworthy visual data collection and advanced technologies to support strategic decision-making continues to rise, geospatial intelligence plays a vital role in delivering essential military and environmental insights to the intelligence community. Recently at the GEOINT Conference in St. Louis, leaders from several intelligence agencies shed light on the future of geospatial intelligence (GEOINT) and its relationship with emerging technologies.
Toan Le
Application Lifecycle, DevSecOps, Federal Government, State & Local Government, Technology
Government agencies strive to lower the cost of products and services to save taxpayers money. They also aim to shorten “procurement administrative lead time,” or PALT—the time from identification of need to delivery of value—to expedite their missions without delay.
Ben Allen
Application Lifecycle, DevSecOps, Federal Government, State & Local Government, Technology
Government agencies strive to lower the cost of products and services to save taxpayers money. They also aim to shorten “procurement administrative lead time,” or PALT—the time from identification of need to delivery of value—to expedite their missions without delay.
Ben Allen
Application Lifecycle, DevSecOps, Federal Government, State & Local Government, Technology
Government agencies strive to lower the cost of products and services to save taxpayers money. They also aim to shorten “procurement administrative lead time,” or PALT—the time from identification of need to delivery of value—to expedite their missions without delay.
Ben Allen
Application Lifecycle, Business Applications, Federal Government, State & Local Government
Case work is the universal working style of government agencies. Everything from handling customer service inquiries to issuing permits to responding to weather events—in short, any workflow a public sector organization handles—is a “case” that requires a systematic approach from start to finish.
Shari Ingerman
Application Lifecycle, Business Applications, Federal Government, State & Local Government
Case work is the universal working style of government agencies. Everything from handling customer service inquiries to issuing permits to responding to weather events—in short, any workflow a public sector organization handles—is a “case” that requires a systematic approach from start to finish.
Shari Ingerman
Market Intelligence, Technology
The Market Insights team is closely monitoring the immediate and long-term effects of the debt ceiling agreement, and we'll keep you informed of any updates. Here are our initial observations:
Immediate Impact:
Lloyd McCoy
Application Lifecycle, State & Local Government, Technology
The good news is that we’ve officially moved into the next phase of the pandemic, where the White House expects the threat of serious illness to be considerably diminished. But the bad news? Nearly 18 million Americans stand to lose the Medicaid benefits granted to them during the public health crisis as eligibility determinations return to pre-pandemic guidelines.
Vishal Hanjan
Application Lifecycle, State & Local Government, Technology
The good news is that we’ve officially moved into the next phase of the pandemic, where the White House expects the threat of serious illness to be considerably diminished. But the bad news? Nearly 18 million Americans stand to lose the Medicaid benefits granted to them during the public health crisis as eligibility determinations return to pre-pandemic guidelines.
Vishal Hanjan
Federal Government, Market Intelligence, Technology
Edge computing is transforming the public sector, providing increased efficiency, better decision-making, and improved services. The use of AI and machine learning is driving the adoption of edge computing in both federal and state/local government sectors. We will be examining what edge computing means for the public sector, explore recent developments and specific federal contracts, and discuss opportunities for information technology (IT) vendors and partners in this growing field.
Dawit Blackwell
Federal Government, Market Intelligence, Technology
Edge computing is transforming the public sector, providing increased efficiency, better decision-making, and improved services. The use of AI and machine learning is driving the adoption of edge computing in both federal and state/local government sectors. We will be examining what edge computing means for the public sector, explore recent developments and specific federal contracts, and discuss opportunities for information technology (IT) vendors and partners in this growing field.
Dawit Blackwell
Federal Government, Market Intelligence, Technology
This is part of a podcast series where the TD SYNNEX Public Sector Market Insights team provides insights and analysis on IT opportunities across the public sector. This episode features Kevin Shaker, Senior Manager of Lead Gen & Market Intelligence where he discusses the opportunities around, and how to navigate, the federal government’s fiscal year-end. Listen to the full podcast here.
Kevin Shaker
Federal Government, Market Intelligence, Technology
This is part of a podcast series where the TD SYNNEX Public Sector Market Insights team provides insights and analysis on IT opportunities across the public sector. This episode features Kevin Shaker, Senior Manager of Lead Gen & Market Intelligence where he discusses the opportunities around, and how to navigate, the federal government’s fiscal year-end. Listen to the full podcast here.
Kevin Shaker
Application Lifecycle, Technology
In successful federal government acquisitions, an agency’s needs are met in the most effective, economical, and timely manner. The key to meeting your acquisition objectives? Proper acquisition planning—which begins well before you write your plan document. In other words, plan first, document later.
Ben Allen