A Quick Start Guide to Sandboxes for Securing Your PC in 2021
Imagine the following scenario; you download a pdf file you received from an unknown source in your email. You open the file and see some gibberish that doesn't make much sense. When you try and start your PC the next day, you find out that it isn't booting or is working really slow.
If this has ever happened to you, you know what it is like to be infected with a virus or a malware. But if you had a software called a Sandbox, you could have totally avoided that malware attack!
In this article, we shall be exploring just this and how you can use a sandbox to stay safe on the internet. So, please allow me to explain to you what a Sandbox is.
Table of Contents
- What is a Sandbox?
- The Need for Sandboxes
- Quick Start to Your Very Own Sandbox!
- Not a Windows User? No Problem!
With the constant rise in malware activity, with almost a 57% increase in 2021 compared to 2020, everyone has to be more careful on the internet. This doesn't refer only to large companies or conglomerates but also to regular individuals like you and me.
According to various trusted sources, cybercrime costs will reach $10.5 trillion by the year 2025, and I sure wouldn't want to be part of that statistic.
This requires every user on the internet and using a computer to become increasingly careful while dealing with any files and applications.
A sandbox is an isolated environment where one can test apps, run programs, and execute files without the fear of having the entire system compromised in case of any software errors or third-party Malware.
In the absence of a sandbox, such malicious programs or processes could potentially have access to unlimited system resources as well as user data on the system or the network. This could lead to corruption, deletion, and even theft of such sensitive data or resources.
Image Source – techcommunity.microsoft.com
A sandbox is used by a variety of types of users; a software developer could use it to test new applications that they wrote; a cybersecurity analyst could use it to analyze suspicious applications that might be Malware; and a user could use it to safely access files received from unknown or suspicious sources.
Basically, what this means is that if you ever feel suspicious of a file that you downloaded off the internet, you simply have to open it in a sandbox first to find out whether it can cause harm to your computer or not.
With the constant rise in the rates of malware attacks and cybercrimes, it is necessary that everyone is more careful while browsing the internet and downloading content from unknown sources.
Image Source – nuspire.com
The simplest way to ensure the safety of such a file or content is to use a sandbox. Even professional cybersecurity analysts use a sandbox to analyze Malware and suspicious software. However, their use is more research-based and educational to find out how the Malware works. But I digress.
A sandbox is vital for one main reason. The isolation it provides to open a file or run an application without accessing important resources of your PC. This ensures that your PC remains safe in case the file or program turns out to be malicious.
While various other software can detect these threats, modern Malware has evolved and adapted to these. One key feature they've picked up is the use of obfuscation, meaning the attackers encrypt the code of the Malware to become undetectable by antimalware software.
Such encryption would require detailed reverse engineering to, for the lack of a better term, “de-obfuscate”. Or, you could simply run it in a sandbox and see how it behaves. Based on how it behaves with other files, we then decide whether it is a malware or not.
- System Requirements
- Enable the Windows Sandbox
- Accessing the Sandbox
- Using Files and Applications in Sandbox
- Handling Malware using the Sandbox
Like every other software, there are a variety of choices in the market for sandbox applications. You simply have to download and install the software to start using your own personal Sandbox; it is as simple as that.
But what good would this article be if I left you off with those vague instructions? So, let's jump right into it.
Like I said before, there are quite a lot of applications available to run your own Sandbox. However, I will be exploring Windows' own sandbox tool due to its ease of use and also because it is freely available.
Don't be upset; Mac and Linux users, I will also look at another sandbox tool that you can use, too, so read on.
While the Windows sandbox is not as advanced as many other tools in the market, I highly recommend giving it a shot if you are a beginner due to its simplicity and efficiency.
First things first. In order to use the Windows Sandbox, you need to be running the Windows 10 Pro, Enterprise, or Education OS with the Windows 10 May 2019 update or higher. If you are running an older version of Windows 10, get out from under your rock and install the latest updates.
Access the updates by going to Settings > Update & Security > Windows Updates and click on the Check for Updates button. Once the latest updates have been installed, you are all set to go.
The following requirement that you need to check is whether or not virtualization is enabled on your computer or not.
To check this, open the task manager by pressing Ctrl+Shift+Esc, go to the Performance tab and check whether virtualization is enabled or not. 99% of the time, this would be enabled on your system by default.
But if you are the 1% who has virtualization disabled, you can enable it by accessing BIOS setup.
Image Source – tutorialspoint.com
To do this, restart your computer and press the F2 key on start-up; this will open the BIOS setup. Now, press the right arrow key to access the navigate to the advanced tab and select virtualization. Once you set it to enabled, press the F10 key to save changes and reboot.
Now that we have enabled virtualization let's move on to the next step.
Before you can start using the Windows sandbox, you do actually need to enable it.
In order to do this, simply search for Windows Features in the search bar, and click on Turn Windows Features on or off. Now scroll down the list of options, find the Windows Sandbox option and check it. Click ok and restart your PC.
To open the Windows Sandbox, you simply have to search for Sandbox in the search bar, right-click on the Windows sandbox app, and run as administrator.
The windows Sandbox is a fresh Windows 10 install that only has the built-in Windows apps installed in it, such as OneDrive, Microsoft store, Edge, etc.
Now that you've finally setup the Windows sandbox, you can start using it to isolate files and programs to check whether they are safe to use or not.
You can download files and applications simply by downloading them using a web browser in the Sandbox such as Microsoft Edge. Go to the link for the download and simply download the content as you normally would.
But I always prefer the simpler method of interacting with the Windows sandbox. All you have to do is copy a file from your PC and paste it into the Sandbox. It is that easy.
It isn't just enough that you can open files and programs in a sandbox; the main reason we went through all that trouble to use the Sandbox is to test whether a file or application is Malware or not.
You can use the Sandbox as the point of impact for all Malware. Use your Sandbox to open a suspicious file you received from an unknown email, use a sandbox to visit a link that you might think is infected, and you definitely run programs from unknown sources in the Sandbox.
In case that any one of the above creates an issue or corruption to any files or applications within the Sandbox, you can be assured that it was Malware. Thankfully, only the Sandbox will be infected, leaving your PC safe.
Once the Sandbox is infected, simply close it. On reboot, it would restore to the original clean windows without any infections. You should also delete all instances of the malware application from your computer, which you may have downloaded.
Even though this can help filter out 99% of the Malware you come across, some out there work differently and don't immediately show any problem. To learn more about Malware, give our other article How Malware Works a read.
Most such Malware would be sent to you via email, which is a process known as Phishing. You can learn more about this in our article Phishing: The Great Guide to Protection.
To my reader who doesn't use a Windows OS or doesn't have the Pro or Enterprise version, fret not; I am not finished yet. Below I shall detail a few other sandbox tools that you can run on your system as well.
Image Source – giga.de
As a browser addon, the BitBox or Browser in the Box allows you to browse the internet in a sandboxed environment. It is available for both Firefox as well as Chrome and acts as the first point of impact for any malware.
Technically, the BitBox is simply a VirtualBox instance of the Linux OS and is designed specifically for web browsing.
You can set the BitBox to disable any unauthorized access to your webcam or microphone while constantly monitoring interactions with the host PC. It also gives you the option to tweak settings allowing download of certain trusted files.
Honestly, with the functionality available and its simplicity to use, BitBox is one of my favorite sandboxes in the market since it can run on virtually any OS with a Chrome or Firefox browser.
However, one issue that I came across while using this was its high RAM consumption, which I guess is to be expected. But on the off chance that you run this tool in a Chrome environment, I hope you do have a good PC setup.
Image Source – ghacks.net
The most popular Sandbox in Windows OS, supporting systems running Windows 7 and above. The main reason Sanboxie is another favorite on the list, it is its lightweight and the fact that it is open-source freeware.
You might argue that it has a paid version with more features, but hey, the freeware gets the job is done, which matters to me.
Sandboxie can even run applications already installed on your PC in the sandbox environment. To do this, simply go to Sandbox > Default Box > Run Sandboxed > Run Application Name.
Even though it is not as user-friendly as the previous two sandboxes on the list, it is pretty good and efficient as a replacement for the Windows Sandbox. I believe, if you pay for it, it becomes better with the additional features.
Image Source – comeausoftware.com
I know what you're thinking. "Hey, aren't virtual machines entirely different from sandboxes?" Well, you aren't wrong.
Virtual machines have their own drivers, files, and settings compared to the host machine, while a sandbox shares these with the host machine.
But in their essence, virtual machines are quite similar to sandboxes since they too provide an isolated environment to run applications and files. Anything happening inside a VM does not affect the host system that it runs on.
To begin using the VM, you simply have to download a virtualization software such as VirtualBox, download an image of an operating system of your liking, and install it on the virtualization software.
You can use this virtual OS to test any suspicious files and software to see whether they are safe to use.
The need for sandboxes keeps rising with the rise in the frequency of Malware. Sandboxes aren't just a requirement for professional or enterprise use; they are also quite valuable for regular users.
This article discussed the scope of sandboxes and why they are essential in today's world. We then explored a quick start guide for you to start using your own Sandbox and finally looked at a few different types of sandboxes.
I hope you enjoyed the article. If you did or have other suggestions about sandboxes, please let us know in the comments below!