HP Ireland issued its quarterly HP Wolf Security Threat Insights Report, showing that thriving cybercriminal marketplaces are offering low-level attackers the tools needed to bypass detection and infect users.
Based on data from millions of endpoints running HP Wolf Security, key findings include:
Houdini’s Last Act: A new campaign targeted businesses with fake shipping documents concealing JavaScript malware. Its obscure code allowed the malware to slip past email defences and reach endpoints. The analysed attack delivered Houdini, a 10-year-old malware. This shows that, with the right pre-packaged tools from cybercrime marketplaces, hackers can still use vintage malware effectively by abusing the scripting features built into operating systems.
Cybercriminals Deploy “Jekyll and Hyde” Attacks: HP discovered a separate campaign launching two threads when a user opens a malicious scanned invoice designed to trick users. The “Jekyll” thread opens a decoy invoice copied from a legitimate online template, reducing suspicion, while the “Hyde” runs the malware in the background. This attack would be easy for threat actors to carry out, as pre-packaged kits to carry out this type of hacking have been advertised on forums for around €62 / $65 per month.
HP also identified attackers are hazing aspiring cybercriminals by hosting fake malware building kits on code sharing platforms like GitHub. These malicious code repositories trick wannabe threat actors into infecting their own machines. One popular malware kit, XWorm, is advertised on underground markets for as much as €474 / $500, driving resource-strapped cybercriminals to buy fake versions.
By isolating threats that have evaded detection tools on PCs – but still allowing malware to detonate safely – HP Wolf Security has specific insight into the latest techniques used by cybercriminals in the fast-changing cybercrime landscape. To date, HP Wolf Security customers have clicked on over 30 billion email attachments, web pages, and downloaded files with no reported breaches.
The report details how cybercriminals continue to diversify attack methods to bypass security policies and detection tools. Other findings include:
Archives were the most popular malware delivery type for the sixth quarter running, used in 36% of cases analysed by HP.
Despite being disabled by default, macro-enabled Excel add-in threats (.xlam) rose to the 7th most popular file extension abused by attackers in Q3, up from 46th place in Q2. Q3 also saw malware campaigns abusing PowerPoint add-ins.
At least 12% of email threats identified by HP Sure Click bypassed one or more email gateway scanners in both Q3, and Q2.
Q3 saw an increase in attacks using exploits in Excel (91%) and Word (68%) formats.
There was a 5%-point rise in PDF threats isolated by HP Wolf Security compared to Q2.
The top threat vectors in Q3 were email (80%) and downloads from browsers (11%).
Val Gabriel, Managing Director of HP Ireland, comments: “This quarter’s report has found that threat actors can easily and inexpensively purchase pre-packaged, user-friendly malware ‘meal kits’. We have found that these kits infect systems with a single click. So, instead of creating their own tools to breach security systems, low-level cybercriminals can now access kits that use living-off-the-land tactics. These stealthy in-memory attacks are often harder to detect due to security tool exclusions for admin use, like automation.
“While the tools for crafting stealthy attacks are readily available, threat actors still rely on the user clicking in order to infect systems,” continues Val Gabriel. “To neutralise the risk of falling victim to pre-packaged malware kits, businesses should isolate any high-risk activities, like opening email attachments, link clicks, and downloads, as doing so, significantly minimises the potential of a breach by reducing the attack surface.”
HP Wolf Security runs risky tasks in isolated, hardware-enforced virtual machines running on the endpoint to protect users, without impacting their productivity. It also captures detailed traces of attempted infections. HP’s application isolation technology mitigates threats that slip past other security tools and provides unique insights into intrusion techniques and threat actor behaviour.
About the data
This data was gathered from consenting HP Wolf Security customers from July-September 2023.
HP Inc. today unveiled findings from its first HP Work Relationship Index, a comprehensive study that explores employees’ relationships with work globally. The study, which surveyed more than 15,600 respondents across various industries in 12 countries, reveals the world’s relationship with work is at a breaking point – and its effects are pervasive.
Commenting on the research, Val Gabriel, Managing Director at HP Ireland, said “There are various ways to strengthen our collective ways of working globally that are mutually beneficial for people and for business. Our new global research highlights this and indicates how people’s relationship with work can impact their personal and working lives.
“For another successive quarter, Ireland has reached a new record for the highest number of people employed across the country than ever before. With this comes opportunity, as leaders we must understand there are always improvements that can be made to bridge any gaps. Successful companies are built on cultures that enable employees to excel in their careers while thriving outside of work.”
The study analysed 50+ aspects of people’s relationships with work, including the role of work in their lives, their skills, abilities, tools and workspaces, and their expectations of leadership. The study also examined the impact work has on employee well-being, productivity, engagement, and culture. Through this, HP developed its Work Relationship Index, which is a measure of the world’s relationship with work to be tracked over time. It found that just 27% of knowledge workers currently have a healthy relationship with work; more details on the Index can be found here.
Unhealthy Relationships with Work are Impacting Employees’ Well-being
In this first-of-its-kind study, HP engaged with business leaders, IT decision makers, and knowledge workers to gain insights into the factors that drive meaningful, productive, and purposeful work experiences. The findings spotlight the negative impacts an unhealthy relationship with work has on an employee’s life and an employer’s business.
When employees are not happy with their relationship with work, it takes a toll on business:
Morale and Engagement: Knowledge workers report less productivity (34%), more disengagement at work (39%) and greater feelings of disconnection (38%).
Retention: Even when employees feel neutral about their relationship with work, more than 71% consider leaving the company. When they’re not happy at all, that number rises to 91%.
Unhealthy relationships with work can impact employees’ well-being:
Mental: More than half (55%) of these employees struggle with their self-worth and mental health, reporting low self-esteem and feeling like they are a failure.
Emotional: These issues naturally affect other aspects of their lives, with 45% noting that their personal relationships with friends and family suffer, and more than half (59%) are too drained to pursue their personal passions.
Physical: Mental and emotional health can make it harder to maintain physical well-being. 62% of employees report trouble with maintaining healthy eating, working out and getting sufficient sleep.
Identifying the Drivers Behind a Healthy Relationship with Work
Employees’ expectations of work have changed significantly, particularly over the past two-to-three years, according to nearly 60% of respondents. 57% surveyed noted their expectations of how they are treated at work and in the workplace also have increased.
The research examined more than 50 factors contributing to a healthy relationship with work, identifying 6 core drivers that represent critical focus areas – and key imperatives – for business leaders, and comprise the Index that will be tracked over time.
Fulfilment:Employees yearn for purpose, empowerment, and genuine connection to their work, but just 29% of knowledge workers currently experience these aspects consistently. To adapt to evolving workforce expectations, businesses must prioritise employee fulfilment.
Leadership:New ways of working demand new leadership styles, according to 68% of business leaders; yet only 1 in 5 workers feel leaders have evolved their leadership styles accordingly. Cultivating emotional intelligence and transparent, empathetic leadership is crucial for today’s workplace.
People-centricity:Only 25% of knowledge workers consistently receive the respect and value they feel they deserve, and even fewer are experiencing the flexibility, autonomy, and work-life balance they seek. To address this, leaders must put visible emphasis on putting people first and placing their teams at the centre of decision-making.
Skills:While 70% of knowledge workers value strong power and technical skills, only 31% feel consistently confident in their proficiency in either. ‘Best-practice’ businesses have an opportunity to gain a vital skills-development and employee engagement edge by investing in holistic training and support.
Tools:Today’s workers want a say in the technology and tools their employer provides– and want that technology to be inclusive.However, confidence that companies will implement the right tools to support hybrid work is low, at just 25%. No longer just a utility, the technology portfolio is emerging as an important driver of employee engagement, as well as connection and enablement.
Workspace:Knowledge workers want a seamless experience as they move between work locations – and a choice in where they work each day. Effective hybrid workspaces, easy transitions, flexibility, and autonomy will be pivotal in demonstrating trust in employees and fostering a positive work experience.
Trust and Emotional Connection are Key in Attracting and Retaining Workers
The Work Relationship Index shows that this is a pivotal time to redefine the world’s relationships with work. Greater trust and emotional connection in the workplace were strong and recurring themes across the 6 core drivers.
Almost 3 in 4 business leaders acknowledge that emotionally intelligent leadership is the only way a leader can be successful going forward. Significantly, the study found that emotional intelligence – and increased trust and agency – hold considerable weight with employees: 83% say they’re willing to earn less money to find an employer that values these factors.
Strong workplace culture: Knowledge workers would take an 11% pay cut to work somewhere with empathetic, emotionally intelligent leadership, and above-average employee engagement and fulfilment.
Flexibility: The same group would give up 13% of their salary to work somewhere that lets them work where or when they want.
HP Ireland today issued its quarterly HP Wolf Security Threat Insights Report, showing how threat actors are chaining different combinations of attacks together like toy bricks to sneak past detection tools. It comes as the Government has published the Mid-Term Review of the National Cyber Security Strategy 2019-2024 plan to boost cybersecurity, which includes measures to support the potential growth of the cybersecurity industry.
The research has found that by isolating threats that have evaded detection tools on PCs, HP Wolf Security has specific[i] insight into the latest techniques used by cybercriminals in the fast-changing cybercrime landscape. To date, HP Wolf Security customers have clicked on over 30 billion email attachments, web pages, and downloaded files with no reported breaches.
Based on data from millions of endpoints running HP Wolf Security[ii], the researchers found:
It’s playtime for cybercriminals using building block style attacks: Attack chains are often formulaic, with well-trodden paths to the payload. Yet creative QakBot campaigns saw threat actors connecting different blocks together to create unique infection chains. By switching up different file types and techniques, they were able to bypass detection tools and security policies. 32% of the QakBot infection chains analysed by HP in Q2 were unique.
Spot the difference – blogger or keylogger: Attackers behind recent Aggah campaigns hosted malicious code within popular blogging platform, Blogspot. By hiding the code in a legitimate source, it makes it harder for defenders to tell if a user is reading a blog or launching an attack. Threat actors then use their knowledge of Windows systems to disable some anti-malware capabilities on the users’ machine, execute XWorm or the AgentTesla Remote Access Trojan (RAT), and steal sensitive information.
Going against protocol: HP also identified other Aggah attacks using a DNS TXT record query – typically used to access simple information on domain names – to deliver the AgentTesla RAT. Threat actors know the DNS protocol is not often monitored or protected by security teams, making this attack extremely hard to detect.
Multi-lingual malware: A recent campaign uses multiple programming language to avoid detection. Firstly, it encrypts its payload using a crypter written in Go, disabling the anti-malware scanning features that would usually detect it. The attack then switches language to C++ to interact with the victim’s operating system and run the .NET malware in memory – leaving minimal traces on the PC.
Val Gabriel, Managing Director of HP Ireland, comments:
“In Q2, we welcomed the Government’s plan to boost cybersecurity in Ireland but there is still a long way to go. We have observed that the top threat attack vectors that can be exploited to break into an IT system, is email (79%) and browser downloads (12%). Our research shows thattoday’s attackers are becoming better organised and more knowledgeable. It’s easier for attackers so exploit any security gaps by knowing the best entry points and how to easily navigate systems. To limit the chances of a security breach, businesses and users should avoid downloading files from untrusted sites or clicking on any suspicious links.”
The report details how cybercriminal groups are diversifying attack methods to bypass security policies and detection tools. Key findings include:
Archives were the most popular malware delivery type for the fifth quarter running, used in 44% of cases analysed by HP.
Q2 saw a 23% rise in HTML threats stopped by HP Wolf Security compared to Q1.
There was a 4%-point increase in executables from 14% to 18% from Q1 to Q2, mainly caused by usage of the PDFpower.exe file, which bundled software with a browser hijacking malware.
HP noted a 6%-point drop in spreadsheet malware (19% to 13%) in Q1 compared to Q4, as attackers move away from Office formats that are more difficult to run macros in.
At least 12% of email threats identified by HP Sure Click bypassed one or more email gateway scanner in Q2.
The top threat vectors in Q2 were email (79%) and browser downloads (12%).
Dr. Ian Pratt, Global Head of Security for Personal Systems, HP Inc., comments:
“While infection chains may vary, the methods of initiation remain the same – it inevitably comes down to the user clicking on something. Instead of trying to second guess the infection chain, organisations should isolate and contain risky activities such as opening email attachments, clicking on links, and browser downloads.”
HP Wolf Security runs risky tasks in isolated, hardware-enforced virtual machines running on the endpoint to protect users, without impacting their productivity. It also captures detailed traces of attempted infections. HP’s application isolation technology mitigates threats that slip past other security tools and provides unique insights into novel intrusion techniques and threat actor behaviour.
HP has announced new pro-grade audio and video solutions with AI-driven software to bring meetings to life.
“HP is thrilled to bring the next generation of audio and video technology, enhanced with innovative AI capabilities to the Irish market, so everyone can be virtually seen and heard with clarity. We are committed to delivering solutions that eliminate the barriers inside and outside the room so users can look and sound their best,” said Val Gabriel, Managing Director, HP Ireland.
Be Seen
As more people return to the office, the Poly Studio X52 all-in-one video bar maximises the virtual meeting experience in mid-sized meeting spaces. New Poly DirectorAI smart camera technology offers automated camera framing modes like group, speaker, and people framing. The 4K, 20MP camera ensures clear visibility of every participant, reaching even the farthest corners of the conference room without any image distortion. Updates to the AI-driven software for group and speaker framing capabilities include the new Poly DirectorAI Perimeter feature and other audio enhancements. The Poly Studio X52 is certified for Google Meet, Microsoft Teams and Zoom, with pending certification for native support for BlueJeans by Verizon, GoTo, and RingCentral.
The Poly Video OS provides a unified experience across all Poly video conferencing devices. With its latest update, Poly Video OS 4.1 delivers new features and improvements:
For better meeting room experiences with glass walls, Poly DirectorAI Perimeter technology ensures precise participant framing. IT administrators can input room dimensions, allowing AI-powered technology to define parameters accurately and prevent capturing faces beyond glass walls or windows. Additionally, Sound Reflection Reduction minimises echo and reverberations caused by glass and hard surfaces.
The Poly Studio E70 smart camera can now connect directly to the Poly G7500 modular video conferencing system using a standard Ethernet cable for flexible room configurations and easier installation. The Ethernet cable can power the Studio E70 camera and extend up to 100 meters.
The Poly TC10 touch control panel now supports meeting control for Microsoft Teams Rooms on Android. It can also function as a room scheduling panel for Microsoft Teams, allowing better visibility into room availability and on-the-spot room reservations. The TC10 control panel is now certified for Microsoft Teams.
Poly Solutions for Large Rooms
The Poly G7500 Modular Video Conferencing System and the Shure Microflex Large Room Bundles deliver a seamless multi-vendor solution for large meeting spaces and have been jointly certified for Microsoft Teams Rooms on Android. Customers now have the option of a tested and certified multi-vendor solution that seamlessly integrates video, compute, and DSP audio solutions, ensuring an optimal Microsoft Teams Rooms experience.
The Poly Studio E70 and HP Mini Conferencing PC have been Zoom-certified for large meeting rooms, offering customers a complete intelligent solution for Zoom Rooms on Windows. The powerful combination of dual camera sensors and 12th generation Intel® Core™ i7 processor enable Zoom Room features, including a Zoom-verified Intelligent Director experience, to deliver more equitable meetings for in-person and remote participants.
Be Heard
The new Poly Voyager Surround 80 UC empowers employees to focus and sound their best with immersive rich audio and adaptive ANC. It is the first boomless headset certified for Microsoft Teams Open Office due to its outstanding performance in noisy environments. The Bluetooth enterprise headset offers a sleek design for complete comfort, featuring soft ear cushions and an adjustable headband for an ultralight fit. Users can stay in command with up to 21 hours of talk time, convenient on-ear controls, and smart sensors for automatic call answering.
IT Management – Poly Lens
With companies striving to enhance the in-office experience and adapt workspaces to evolving utilisation trends, the Poly Lens remote device management provides enhanced visibility and insights across company workspaces. IT professionals can remotely monitor, troubleshoot Poly devices, and streamline device management under one platform.
Poly has expanded its growing portfolio of API integration partners with Ubiqisense and Vyopta to deliver insights for customers leveraging the power of Poly Lens on the Poly Studio X30 and Studio X50 video bars.
Ubiqisense provides rich, actionable insights into room occupancy, usage patterns, and footfall across office floors, meeting rooms, open spaces, and shared desks.
Vyopta provides insights on space utilisation, UC device monitoring, troubleshooting, and meeting experience analytics.
“Organisations seeking to bridge the gap between on-site, remote, and flexible workers will need tools and technologies designed to meet the challenge,” said Val Gabriel, Managing Director of HP Ireland. “HP | Poly have extensive experience deploying a collective suite of AI-enabled audio and video solutions, which offer an immersive collaboration experience for all end users.”
Pricing and Availability
The Poly Studio X52 is expected to be available worldwide in late Summer for a starting price of €4,437.
The Poly Video OS 4.1 is expected to be available worldwide across the Poly Studio X Series of video bars and the Poly G7500 modular video conferencing systems in late Summer.
The Poly Studio E70 featuring Zoom’s Intelligent Director on Windows is expected to be available worldwide in October 2023.
The Poly Voyager Surround 80 is expected to be available worldwide in August for a starting price of €459.95.
The Poly Lens App is currently available worldwide.
Today, HP announced new global research revealing the serious actions many parents are taking due to climate change, from everyday decisions to long-term family planning.
The global study found 91% of parents are concerned about the climate crisis, leading to changes that reshape their lives and purchasing habits. More than half (53%) say it has impacted their perspective on having more children. The research also found many parents favour companies that are taking action to address climate change and expect businesses to lead on the issue. Nearly two-thirds (64%) of parents prefer products that are sustainably sourced and 60% say sustainable company practices play a large part in their purchasing habits.
This willingness to seek out sustainable products and decisions comes despite the fact that the vast majority of respondents (84%) acknowledge the cost of living is rising and more than half (57%) believe engaging in environmentally friendly practices takes up a lot of time.
Reflecting on the research findings, Val Gabriel, Managing Director of HP Ireland, said: “Our data reflects the growing trend of parents becoming more and more concerned about the climate crisis. It’s great to see that the majority of people (60%) say sustainable company practices play a large part in their purchasing habits. At HP, we are moving forward with our own sustainability targets, keeping climate change top of mind.”
While parents are taking personal action, most also believe key players in the corporate world must act, too. Most parents surveyed globally (51%) believe that companies have “a lot” of responsibility in holding themselves accountable on climate action, as opposed to customers (36%).
The findings come as HP releases its 22nd annual Sustainable Impact report, detailing the company’s progress toward comprehensive and bold environmental, and social goals.
HP has reduced its absolute carbon footprint by 18% since 2019.
Reduced single-use plastic packaging by 55% compared to 2018.
Counteracted deforestation for 41% of all paper used in HP products and services toward goal of 100%.
Accelerated digital equity for more than 21 million people in path to 150 million by 2030.
Building a pipeline of diverse talent, with 46% of U.S. new hires last year from racial or ethnic minorities.
“Keeping with the current trajectory we are on in our sustainability journey at HP, we aspire to be the most sustainable and just technology company. In holding ourselves accountable, it ensures we keep climate change at the forefront of many business decisions. We are proud that through our goals, we are edging closer to our bigger picture goal of achieving net zero carbon emissions by 2040.”
In 2021, HP set aggressive Sustainable Impact goals in three areas where the company believes it can make the most difference – Climate Action, Human Rights and Digital Equity. The 2022 report details progress toward all three focus areas including a net zero carbon value chain, giving back more to forests than we take, creating a more circular economy, building a culture of equality, and empowerment and accelerating digital equity around the world to enable traditionally excluded communities to thrive in a digital economy.
HP Ireland today issued its quarterly HP Wolf Security Threat Insights Report, showing threat actors are hijacking users’ Chrome browsers if they try to download popular movies or video games from pirating websites.
By isolating threats that have evaded detection tools on PCs, HP Wolf Security has specific insight into the latest techniques being used by cybercriminals in the fast-changing cybercrime landscape. To date, HP Wolf Security customers have clicked on over 30 billion email attachments, web pages, and downloaded files with no reported breaches.
Based on data from millions of endpoints running HP Wolf Security, the researchers found:
The Shampoo Chrome extension is hard to wash out: A campaign distributing the ChromeLoader malware tricks users into installing a malicious Chrome extension called Shampoo. It can redirect the victim’s search queries to malicious websites, or pages that will earn the criminal group money through ad campaigns. The malware is highly persistent, using Task Scheduler to re-launch itself every 50 minutes.
Attackers bypass macro policies by using trusted domains: While macros from untrusted sources are now disabled, HP saw attackers bypass these controls by compromising a trusted Office 365 account, setting up a new company email, and distributing a malicious excel file that infects victims with the Formbook infostealer.
Firms must beware of what lurks beneath: OneNote documents can act as digital scrapbooks, so any file can be attached within. Attackers are taking advantage of this to embed malicious files behind fake “click here” icons. Clicking the fake icon opens the hidden file, executing malware to give attackers access to the users’ machine – this access can then be sold on to other cybercriminal groups and ransomware gangs.
Sophisticated groups like Qakbot and IcedID first embedded malware into OneNote files in January. With OneNote kits now available on cybercrime marketplaces and requiring little technical skill to use, their malware campaigns look set to continue over the coming months.
“To limit the chances of a security breach, businesses and users should avoid downloading files from untrusted sites. We have observed that threat actors are hijacking users’ Chrome browsers at times when downloading popular movies or video games from pirating websites. To protect against the latest threats, employees should be cautious of suspicious internal documents and check with the sender before opening. Organisations should also configure email gateway and security tool policies to block OneNote files from unknown external sources,” explains Val Gabriel, Managing Director of HP Ireland.
From malicious archive files to HTML smuggling, the report also shows cybercrime groups continue to diversify attack methods to bypass email gateways, as threat actors move away from Office formats. Key findings include:
Archives were the most popular malware delivery type (42%) for the fourth quarter running when examining threats stopped by HP Wolf Security in Q1.
There was a 37-percentage-point rise in HTML smuggling threats in Q1 versus Q4.
There was a 4-point rise in PDF threats in Q1 versus Q4.
There was a 6-point drop in Excel malware (19% to 13%) in Q1 versus Q4, as the format has become more difficult to run macros in.
14% of email threats identified by HP Sure Click bypassed one or more email gateway scanner in Q1 2023.
The top threat vector in Q1 was email (80%) followed by browser downloads (13%).
“To protect against increasingly varied attacks, organisations must follow zero trust principles to isolate and contain risky activities such as opening email attachments, clicking on links, or browser downloads. This greatly reduces the attack surface along with the risk of a breach,” comments Dr. Ian Pratt, Global Head of Security for Personal Systems, HP Inc.
HP Wolf Security runs risky tasks like opening email attachments, downloading files and clicking links in isolated, micro-virtual machines (micro-VMs) to protect users. It also captures detailed traces of attempted infections. HP’s application isolation technology mitigates threats that might slip past other security tools and provides unique insights into novel intrusion techniques and threat actor behavior
At its Amplify™ Partner Conference, HP Inc announced HP Wolf Connect, an IT management connectivity solution that provides a highly resilient and secure connection to remote PCs, enabling IT to manage devices even when powered down or offline.
Using a cellular-based network, HP Wolf Connect’s robust connectivity helps ensure IT teams can readily manage a dispersed hybrid workforce. It can reduce the time and effort needed to resolve support tickets, secure data from loss or theft to mitigate a potential breach and optimise asset management.
“Hybrid work has made remote management at scale more complex for IT teams, yet even more essential,” comments Neil Dover, Country Manager at HP Ireland. “As we adapt to the hybrid work model the cloud has helped but hasn’t solved IT’s ability to manage devices that are powered down or offline. HP Wolf Connect’s highly resilient connection opens new doors to remote device management, enabling efficient and effective management of dispersed workforces.”
HP Wolf Protect and Trace with Wolf Connect is the world’s first software service capable of locating, locking and erasing a PC remotely, even when it’s turned off or disconnected from the Internet. This capability protects sensitive data on the move and helps lower IT costs by reducing the need for PC remediation or replacement.
Securing and managing the hybrid workforce is a top priority for organisations. New global research from HP Wolf Security found 82% of security leaders operating a hybrid work model have gaps in their organisation’s security posture. The global study of 1,492 security leaders found:
61% say protecting their hybrid workers will get harder in the year ahead.
70% say that hybrid work increases the risk of lost or stolen devices.
“Before today, solutions relied on PCs being on or connected to the internet, but HP Wolf Connect now provides a highly resilient mobile connection to find, lock, and erase lost or stolen devices even if they are disconnected or powered down. This is particularly crucial in industries where devices may contain PII (personally identifiable information) or intellectual property. Now, teams can accurately report where and when devices were lost, and how long it took to lock or erase them,” continues Dover.
Securing the endpoint is ground zero for attacks on hybrid workers
Beyond PC loss and theft, the endpoint i.e., laptops, PCs or printers – continue to face serious threat from ransomware and is ground zero for attacks on hybrid workers. This requires the creation of new cybersecurity strategies and innovative security tools in response to changing employee behaviours.
84% of security leaders say the endpoint is the source of most security threats and where the most business-damaging security threats happen.
66% say the greatest cybersecurity weakness is the potential for hybrid employees to be compromised; with phishing, ransomware, and attacks via unsecured home networks cited as the top risks.
65% say it is challenging to update their threat detection measures (e.g., Endpoint Detection & Response and Security Information and Event Management tools) to reflect the behavior of hybrid employees, making it harder to spot attacks.3
Three-quarters (76%) of security leaders agree application isolation is key to protect hybrid worker devices, but only 23% are benefiting from using it at present; with 32% planning to deploy in the next 12 months.
“The shift to hybrid work requires a move away from old perimeter-focused thinking. To close gaps, organisations must put the endpoint front and centre of any security strategy. Adopting hardware-enforced security features and protection above, in, and below the OS – such as application isolation – will be key for protecting users without impinging on the freedoms that hybrid work allows,” concludes Pratt.
Hybrid work security is a key focus for 2023
HP’s new hybrid security research details how security teams are prioritising securing the hybrid workplace:
Four-in-five (82%) security leaders have increased their cybersecurity budget specifically for hybrid workers. 71% expect this hybrid investment focus to increase further in 2023.
80% have deployed a different set of tools and policies to protect hybrid employees.
70% are limiting network access of people working remotely to minimise the risk of a breach.
This week at the Amplify™ Partner Conference, HP Inc announced new products and solutions to usher in the next era of hybrid work for everyone with a comprehensive set of computing solutions for hybrid flexibility.
With only 22%of workers describing themselves as ‘thriving’ in hybrid work, it’s clear companies are still figuring out how to make hybrid work. “Many companies want to move past the ‘forced return’ to the office era of hybrid work but the challenge is, they are unsure how to get the right balance,” said Val Gabriel, Managing Director of HP Ireland. “We believe the future is hybrid flexibility, which delivers the best of the home and the office to workers everywhere.”
According to HP’s Future of Work study, 80%of workers want to be in the office some of the time, but many companies continue to struggle to get workers back in the office. HP research suggests that the most significant barrier to a return to office is a sub-optimal technology experience. In fact, 89% say technology is the most important factor driving return to office decisions. Similarly, of those who report thriving in hybrid work, 90%believe that access to the right technology and tools leads to a positive work experience.To accelerate employees’ return to work, the right technology is required for optimal work setups, enabling success for companies and their employees.
“Hybrid work does not equal remote work. True hybrid work creates a great culture that connects people, raises productivity, and builds engagement. Technology is the biggest factor in facilitating that. We’re going big with innovations to help keep people connected, productive, and secure,” said Val Gabriel.
HP Presence Enriches Collaboration Experiences in the Era of Hybrid Flexibility
Since 2021, HP Presence has enriched video conferencing experiences on the PC with intuitive collaboration innovations for people to truly feel connected while working together at home or in the office. HP Presence will be available across all HP commercial notebooks – from ProBook and Dragonfly series to Z by HP mobile workstations. This provides companies the critical solutions for revitalising collaboration, culture, innovation, and productivity to make working in or out of the office a seamless experience. Innovations include multi-camera experiences enabling users to be shown while whiteboarding at the same time and Auto Camera Select for face tracking makes meetings more engaging and natural. Work Seamlessly at Home, Office, Meeting Spaces, and On-the-Go.
The next generation of HP EliteBook and ProBook devicesare equipped for premium collaboration with HP Presence and next-level productivity. As users move throughout the day from home to office to meeting rooms, these devices are designed for hybrid flexibility:
HP EliteBook 800 and 805 G10 Series PCs: Featuring the world’s most advanced business convertible for collaboration,[vii] the lineup makes virtual meetings authentic and interactive with HP Presence technology.
HP EliteBook 600 and 605 G10 Series PCs: Equipping workforces with the latest technology at a cost-effective price point, the premium design, collaboration experiences, manageability, and security will empower users to be heard and seen whether in the office or remotely.
HP ProBook 400 and 405 G10 Series PCs: Enabling SMB leaders and employees to thrive in hybrid while getting the most out of their IT investment by offering built-in collaboration tools for productivity, multi-layered security, and a durable, serviceable chassis.
As the world’s most advanced business convertible for collaboration,5 the HP Elite x360 830 G10 empowers hybrid workers to unlock creation and collaboration from anywhere.
The HP EliteBook 645 G10 provides hybrid workers with the connectivity options and configurable ports they need to stay productive in the office, at home, and on the go.
Optimized for hybrid work, the HP ProBook 450 G10 features commercial-grade performance, built-in collaboration tools for productivity, and multi-layered security.
High-Performance Designed for Hybrid Flexibility
HP reinvigorates innovation with a focus on technology and solutions that not only deliver high-performance but address new challenges with hybrid work when collaborating on large projects with complex workflows. Since 2019, 71% of companies have increased workstation deployments to future-proof workforces with reliability, expandability, and remote access.[viii] Z by HP with HP Presence provides the collaboration tools and high-performance compute solutions needed to power today’s workflows.
The latest ZBook G10 mobile workstations — ZBook Firefly, ZBook Power, ZBook Studio, ZBook Fury — give power, performance, and battery life from anywhere.
ZBook Firefly G10 and ZBook Power G10: Both new workstations combine pro-level performance with mobility. Users can stay productive with pro-grade components, enhanced collaboration features, and color-accurate displays — everything needed to take on projects from anywhere.. The ZBook Firefly and ZBook Power will be the first in the ZBook portfolio to now offer AMD Ryzen™ and Ryzen™ PRO processors for mobile.
ZBook Studio G10: From 3D design to data science and AI computing, this PC delivers. Packed with pro performance in a sleek PC that fits in your bag, the ZBook Studio is engineered for building complex models, rendering in real-time or visualizing data, on the go.
ZBook Fury G10: Tackles intense workflows from anywhere by offering a desktop-class Intel Core HX processor for pro performance. The new ZBook Fury can simultaneously rendering 3D models, running simulations, analyzing large data sets, or training machine learning models from anywhere.
The recently announced Z by HP Performance Desktopsinclude the world’s most powerful single socket workstation with 4 GPUs,enablingcomplex, data-rich workflows for hybridworkplaces. These entry-level desktop workstations are for users who want to step into power and performance while remaining agile with remote access for high-end workflows.
The Z2 Mini G9, Z2 SFF G9, Z2 Tower G9, and Z1 Tower G9 are built for designers, engineers, and students working in multiple applications at once. The new HP Anyware Remote System Controller will now also be supported on the Z2 Mini G9, Z2 SFF G9, and Z2 Tower G9. As the world’s most advanced remote management peripheral, it is built for out-of-band management, allowing ITdepartments to monitor and manage a workstation fleet from anywhere. The Z by HP entry desktop workstation portfolio continues to bring performance and broad expandability to keep users in the creative zone.
Be Seen, Be Heard, and Be Productive in Any Workspace
Hybrid work is not just working remotely – it’s about delivering an experience that works seamlessly for those in the room and for those joining remotely. HP and Poly are now delivering the world’s most comprehensive set of commercial video conferencing devices for hybrid work.
The latest Poly software update, Poly Video OS 4.0, delivers powerful experiences like AI-driven multi-camera mode that can keep multiple speakers in the frame for the most engaging remote collaboration experience. The Poly Video OS 4.0 is now available across the Poly Studio X Series of video bars and the Poly G7500 modular video conferencing system. The Poly Studio X70 is the first and only video bar for large rooms certified for Microsoft Teams, along with the Poly G7500. Additionally, the Poly Studio X Android-based video bars are available and certified for Google Meet.
Whether you’re taking a personal call, a conference call, or listening to your favorite playlist, the recently announcedPoly Voyager Free 60 Series of wireless earbuds provide an elevated pro-grade experience. HP is introducing an entry-level model – the Poly Voyager Free 60 – designed for use with mobile devices and comes with a standard charge case. The series includes three versions: the Poly Voyager Free 60, Poly Voyager Free 60 UC, and Poly Voyager 60+ UC. The Poly Voyager Free 60 UC and 60+ UC versions are now certified for Microsoft Teams and Zoom. All models are compatible with leading audio and video conferencing applications.
With nearly 70% of mouse users experiencing pain around the wrist, the HP 920/925 Ergonomic Vertical Mouse helps keep your hand in a more relaxed, natural upright position. The world’s most versatile ergonomic vertical wireless mouse, the HP 920/925 features a detachable wrist rest to make it just as useable on the go. Users can feel good about its recycled materials and plastic-free packaging.
When you want to be as connected to your peripherals on the road as you are at home, stay powered and productive with the HP 4K USB-C Multiport Hub. With an ultra-compact design, the multiport hub features four versatile USB-C® ports[xv] with multi-OS support – a 65W port to power laptops, two ports to connect and charge accessories, and another port to charge or connect to a 4K display with full functionality.
With DECT™ [xvi]considered one of the most reliable forms of mobile communications for retail and verticals[xvii], the Poly Rove 20 wireless DECT™ IP phone delivers the freedom to move and the flexibility to scale as companies grow. Built for on-site employees, the Poly Rove 20 is an entry-level single-cell DECT handset with robust and secure communications and connectivity with an extensive range. Equipped with up to 35 hours of battery life, it pairs easily with the Poly B1 Base Station to support concurrent calls and expand voice range. The Rove 20 handset is compatible with all Rove IP Phones, utilizing the latest standards in DECT™ wireless security so you can speak freely.
Part of the recently announced Poly Voyager Free 60 Series line-up of pro-grade wireless earbuds, HP is introducing an entry-level model designed for mobile devices with a standard charge case – the Poly Voyager Free 60.
Designed to reduce muscle activity by 12%, the HP 920/925 Ergonomic Vertical Mouse with detachable wrist rest is certified by the HP Human Factors team and US Ergonomics
Wherever you find yourself in the world, get a powerful connection anywhere with the HP 4K USB-C Multiport Hub.
Expanding the Boundaries for Remote PC Management
Hybrid work has made remote PC management at scale more complex, yet more essential. To address this challenge, HP is announcing HP Wolf Connect an IT management connectivity solution that provides a highly resilient and secure connection[ to remote PCs, enabling IT to manage devices even when powered down or offline. Using a cellular-based network, HP Wolf Connect’s robust connectivity helps ensure IT teams can readily manage a dispersed hybrid workforce. It can reduce the time and effort needed to resolve support tickets, secure data from loss or theft to mitigate a potential breach and optimize asset management.
HP Wolf Connect with HP Wolf’s Protect and Trace is the world’s first software service capable of locating, locking, and erasing a PC remotely, even when it’s turned off or disconnected from the Internet. This capability protects sensitive data on the move and helps lower IT costs by reducing the need for PC remediation or replacement.
HP Home Delivery Streamlines Hybrid Worker Setup
As IT teams now manage hybrid workers both at home and in the office, setting up employees with the right devices wherever they are in the world can be an unreliable, complicated, and inconvenient process.
As part of HP Logistics Services, the HP Home Delivery solution securely delivers HP commercial PCs, displays, and peripherals directly to employee residential addresses across the globe so hybrid workers can get their devices conveniently up and running right out of the box. Updates to HP Home Delivery enable more efficient ordering, tracking, and proof of delivery.
Pricing and Availability
The Poly Voyager Free 60 Series is available for pre-order on Poly.com, and expected to ship in late April. The Voyager Free 60 UC is available for €261, and the Poly Voyager Free 60+ UC is available for €307.
The HP Elite x360 830 G10 is available at hp.com for €1,320.
The HP EliteBook 830 G10, HP EliteBook 840 G10, and HP EliteBook 860 G10 are available at hp.com starting at €1,210.
The HP EliteBook 835 G10, HP EliteBook 845 G10, and HP EliteBook 865 G10 are expected to be available in May. Pricing will be made available closer to product availability.
The HP EliteBook 630 G10, HP EliteBook 640 G10, and HP EliteBook 650 G10 are available at hp.com starting at €990.
The HP ProBook 440 G10 and HP ProBook 450 G10 are available at hp.com starting at €935.
The HP ProBook 445 G10 and HP ProBook 455 G10 are available at hp.com starting at €825.
The ZBook Firefly G10 is available starting at €1,150 at hp.com.
The HP 920/925 Ergonomic Vertical Mouse is expected to be available in May for €139.99.
The HP 4K USB-C Multiport Hub is expected to be available in May for €79.99.
HP Ireland has today issued its latest quarterly HP Wolf Security Threat Insights Report, showing hackers are diversifying attack methods, including a surge in QR code phishing campaigns. By isolating threats on PCs and mobile devices that have evaded detection tools, HP Wolf Security has specific insight into the latest techniques being used by cybercriminals in the fast-changing cybercrime landscape. To date, HP Wolf Security customers have clicked on over 25 billion email attachments, web pages, and downloaded files with no reported breaches.
From February 2022, Microsoft began blocking macros in Office files by default, making it harder for attackers to run malicious code. Data collected by the HP Threat Research team shows that from Q2 2022, attackers have been diversifying their techniques to find new ways to breach devices and steal data. Based on data from millions of endpoints running HP Wolf Security, the research found:
The rise of QR scan scams: Since October 2022, HP has seen almost daily QR code “scan scam” campaigns. These scams trick users into scanning QR codes from their PCs using their mobile devices – potentially to take advantage of weaker phishing protection and detection on such devices. QR codes direct users to malicious websites asking for credit and debit card details. Examples in Q4 included phishing campaigns masquerading as parcel delivery companies seeking payment.
HP noted a 38% rise in malicious PDF attachments: Recent attacks use embedded images that link to encrypted malicious ZIP files, bypassing web gateway scanners. The PDF instructions contain a password that the user is tricked into entering to unpack a ZIP file, deploying QakBot or IcedID malware to gain unauthorised access to systems, which are used as beachheads to deploy ransomware.
42% of malware was delivered inside archive fileslike ZIP, RAR, and IMG: The popularity of archives has risen 20% since Q1 2022, as threat actors switch to scripts to run their payloads. This is compared to 38% of malware delivered through Office files such as Microsoft Word, Excel, and PowerPoint.
“We have seen a rise in scan scams, malvertising, archives and PDF malware recently, and we would encourage everyone to look out for emails and websites that ask to scan QR codes and give up sensitive data, as well as PDF files linking to password-protected archives. Being aware of the signs to watch out for is the first line of defense when it comes to detecting and eliminating any breaches, it ensures these threat actors don’t gain access to sensitive data and move throughout systems,” explains Val Gabriel, Managing Director of HP Ireland.
In Q4, HP also found 24 popular software projects imitated in malvertising campaigns used to infect PCs with eight malware families – compared to just two similar campaigns in the previous year. The attacks rely on users clicking on search engine advertisements, which lead to malicious websites that look almost identical to the real websites.
“While techniques evolve, threat actors still rely on social engineering to target users at the endpoint,” comments Dr. Ian Pratt, Global Head of Security for Personal Systems, HP Inc.
“Organisations should deploy strong isolation to contain the most common attack vectors like email, web browsing and downloads. Combine this with credential protection solutions that warn or prevent users from entering sensitive details onto suspicious sites to greatly reduce the attack surface and improve an organisation’s security posture.”
HP Wolf Security runs risky tasks like opening email attachments, downloading files and clicking links in isolated, micro-virtual machines (micro-VMs) to protect users, capturing detailed traces of attempted infections. HP’s application isolation technology mitigates threats that might slip past other security tools and provides unique insights into novel intrusion techniques and threat actor behavior.
