Browsing at public authorities fully encapsulated


Browsing at public authorities fully encapsulated

Why public authorities and municipalities are using R&S®Browser in the Box for protection against professional cybercriminals

Malware causes damage in the billions. One of the main gateways is the web browser. Conventional antivirus software is almost no match for the methods of professional data thieves, spies and saboteurs. Public authorities and municipalities, such as Dresden, the capital of Saxony, are therefore using the virtual browser from Rohde & Schwarz Cybersecurity to fulfill their strict cybersecurity requirements.

Main malware target: Windows

In an 80-page document, the Federal Office for Information Security (BSI) portrays the IT security situation in Germany in 2019. Put simply, it is serious. The number of attacks is rising sharply, and they are becoming more and more sophisticated. According to the BSI, 114 new malware variants were registered within one year, of which 65 million targeted the Windows operating system. On average, the BSI identified 6100 attacks per month that could not be detected or blocked by installed commercial protection products.

Cybergangs are using innovative technologies,business models such as "cybercrime as a service" expand continually.
Cybergangs are using innovative technologies,business models such as "cybercrime as a service" expand continually.

Gangs are using innovative technologies

In Germany alone, the damage is around EUR 100 billion per year according to recent calculations by the industry association Bitkom. In the report "Economic Impact of Cybercrime – No Slowing Down" published by the Center for Strategic and International Studies (CSIS), a US think tank, the worldwide damage is estimated at nearly USD 600 billion, which is USD 155 billion more than in 2014. The report attributes the accelerated increase to the use of new technologies by cybergangs and continual expansion of the "cybercrime as a service" business model.

Cybercrime: global damage

North America
Europe and Central Asia

Source: Center for Strategic and International Studies (CSIS), Feb. 2018

No firewall can stop Emotet

BSI experts cite a new malware product called Emotet as a prominent example of the growing expertise of today's cybercriminals. This malware has been known for years, but in November 2018 it suddenly spread massively due to malicious Office documents. The evolution of Emotet can be seen in particular in new features such as Outlook harvesting, which enables it to send spam emails that look astonishingly real.

The malware reads contact details and, since recently, email messages in the mailboxes of infected systems. The criminals use this information to increase the proliferation of the malware in subsequent spam campaigns. This means that recipients receive fake emails from senders they were recently in contact with. The BSI expects a further increase in this sort of automated social engineering attacks, which recipients are scarcely able to identify as such. In the case of "spear phishing" attacks, the message content is tailored to especially valuable targets. Emails containing this malware are therefore among the most frequently detected attacks, for example attacks on German federal government agencies.

Firewalls and antivirus software – the traditional solutions – are no match for modern Trojan horses, worms and other malware, because the usual blacklisting approach only blocks known dangers. The security measures of operating system vendors also do not provide adequate protection. Some public authorities still secure themselves by completely isolating the computers they use for browsing from their own operating system and their intranet. The inevitable consequence is that transactions with the digital outside world are massively restricted.

Clemens Schulz, Director of Desktop Security at Rohde & Schwarz Cybersecurity

"Once you install R&S®Browser in the Box, Windows 7 is no longer vulnerable to attacks from the internet and public authority can migrate to Windows 10 at their own pace."

Clemens Schulz, Director of Desktop Security at Rohde & Schwarz Cybersecurity

"The world's most secure browser"

Clemens Schulz, Director of Desktop Security at Rohde & Schwarz Cybersecurity, was a key player in the development of software that totally encapsulates the user's own browser from its surroundings without restricting user access to the digital outside world: R&S®Browser in the Box. Schulz says, "The gateway is still the person." This is why it is so important to not just rely on educating users in the company, but also using the best technology to prevent the accidental and unintentional import of malware. Instead of reacting to malware, the entry of malware should be proactively prevented. Nowadays simply opening a website is enough to activate a drive-by download, for example via banners.

The development of R&S®Browser in the Box represents a paradigm shift, similar to what happened in the automotive industry. As early as the 1950s, the effects of accidents on vehicle occupants could be reduced by airbags. Many years later, the introduction of electronic stability control (ESC) made a significant contribution to avoiding accidents. Like ESC in a vehicle, R&S®Browser in the Box prevents malware infections. This is called security by design. Telemetry services are also unable to seize the browser's data, and downloading malware from file attachments is equally impossible. The industry magazine Chip has named R&S®Browser in the Box the "world's most secure browser".

The initiative for the development of this type of software for total security of public authorities came from the BSI. Virtually all the offices of the police force of Baden-Württemberg, Germany, were among the first users. Long before the introduction of the General Data Protection Regulation (GDPR), municipal public authorities in Germany were obliged to protect the data of citizens on their data storage media. And long before the implementation of the EU GDPR, the city of Dresden upgraded its equipment to secure its computers with R&S®Browser in the Box.

Despite the encapsulation of the operating system, transactions with the internet run almost just as fast as with a normally protected system.
Despite the encapsulation of the operating system, transactions with the internet run almost just as fast as with a normally protected system.

When the health department does research ...

One example is the health department. Kay Hirschfeld, an administrator in Dresden's municipal government who is responsible for cybersecurity, identifies sensitive areas where the employees must be able to do research securely. For example, they must be able to contact sex workers to carry out information campaigns. They must be able to access forums for same-sex partners, for example to draw attention to the possibility of free and anonymous AIDS tests. In all cases, personal data must be encrypted and pseudonymized, and data protection and deletion deadlines must be complied with. In particular, online research activities must be separated from the internal system so that nobody can use the browser to access the operating system on which personal data is processed.

The situation with weapon registration is similar. Until recently, the weapon offices (around 550 in total) used a wide variety of systems to maintain their data, in some cases on index cards instead of digital. When, due to the associated EU directive, the data of all the offices had to be consolidated, which means harmonized and stored in a central system, the risk increased. As Hirschfeld explains, "Then, from a single gateway, hackers could access data of an entirely different quality and perhaps even an entirely different quantity of data." An important aspect for the IT security expert is that despite the encapsulation of their own operating system, transactions with the internet run almost just as fast as with a normally protected system. With the right configuration, it even loads unobtrusively when Windows starts up.

Multilayer security is the key

The operating system and the intranet remain completely separated from the web browser while the application is running. Telemetry data is no longer sent to the producer. This is metadata about the document, the client concerned and its usage. Along with this information, confidential data could also be grabbed without being noticed. The browser runs on a completely virtualized platform with no noticeable impact on users, because their browser behaves as expected. The "Docs in the Box" feature also allows email attachments, which could contain viruses, to be viewed safely in the preview window of a virtualized environment.

The key to this is a hardened Linux system. Schulz explains: "The open source operating system is stripped down so that only the browser can run on it." In addition, data traffic is encrypted end-to-end by a VPN tunnel using the R&S®Trusted VPN gateway. As Schulz points out, no other vendor in the world offers this sort of complete network and browser encapsulation with retention of full functionality.

The human factor

With R&S®Browser in the Box, individual authorized users are freed from the responsibility of personally checking each single site. Nevertheless, Kay Hirschfeld from Dresden warns, "The biggest danger is not hackers, but careless, perhaps even disgruntled, employees with appropriate access rights." Technical solutions are powerless against spies who smuggle data out of the company, but without a technical solution you have lost before you even get started.

Related topics

Rohde & Schwarz Cybersecurity

More information

Desktop security

More information

Network security

More information

Mobile security
Mobile security

Request information

Do you have questions or need additional information? Simply fill out this form and we will get right back to you.

I want to receive information from Rohde & Schwarz via

Marketing permission

What does this mean in detail?

I agree that Rohde & Schwarz GmbH & Co. KG and the Rohde & Schwarz entity or subsidiary company mentioned in the imprint of this website, may contact me via the chosen channel (email or postal mail) for marketing and advertising purposes (e.g. information on special offers and discount promotions) related to, but not limited to, products and solutions in the fields of test and measurement, secure communications, monitoring and network testing, broadcast and media, and cybersecurity.

Your rights

This declaration of consent may be withdrawn at any time by sending an email with the subject "Unsubscribe" to Additionally, a link to unsubscribe from future email advertisements is contained in each email sent. Further details on the use of personal data and the withdrawal procedure are set out in the Statement of Privacy.

Your request has been sent successfully. We will contact you shortly.
An error is occurred, please try it again later.