Hacking has long been thought of as a sort of black magic whose incantations are made using keyboards . That is , until 2016 , when the John Podesta email hack made big enough news that hackers ’ dirty secret got out : many breaches have less to do with coding skills and much more to do with classic trickery , albeit in digital form . Web users simply get duped Attack.Phishing into entering their username and passwords onto fake websites . With that information , it doesn ’ t take any special cleverness to hack a system . The attacker has the keys . The chief tool hackers use to lure Attack.Phishing unsuspecting people to these phony websites is email . When the victim works at a company of some kind , those credentials might provide cyber-criminals with access to more than just email . The same credentials might also provide access to intranets , servers and sensitive data . Executives are looking hard for ways to protect their operations today without cramping employee productivity . One method many might be looking at is virtual machines , workspaces that run software on the cloud but looks to the user just like a normal desktop . As counter-measures go , muckraking news outlet The Intercept has sung its praises . As it happens , Amazon Web Services announced a new offer on its blog Thursday—40 hours of virtual machinery free to users and companies that might want to try it out . Windows 7 and Windows 10 experiences are available . Working inside a window into the cloud protects physical devices from evil code a user might get tricked into initializing . Called WorkSpaces , it can give staff access to all of a company ’ s data and tools from anywhere . If an employee is working from home and gets hit Attack.Ransom by ransomware , it encrypts everything on the hard drive and demands payment Attack.Ransom in bitcoin to set data free . If the ransomware got run on the employee ’ s actual machine , all the music , photos and personal documents stored there would be locked up too . On a virtual machine , though , only the virtual device gets hit . All that personal data stays safe . If a user clicks on a link in a malicious email and accepts a prompt to enter their user name and password on a phony website , there is nothing about a virtual machine that will prevent that information from getting lost . That ’ s why it ’ s good for companies to have more robust sign-ons , such as using two-factor authentication . More sophisticated hackers might try to get specific credentials for high level employees in order to impersonate them digitally . For example , an attacker could send Attack.Phishing an email from an executive ’ s email address , Jakobsson explained , directing bookkeepers to wire money to a specific account for phony services , Jakobsson explained . The FBI has estimated that such scams have cost companies $ 5 billion over the last few years . A virtual machine can ’ t prevent that trick . Carbon Black delivers security services over the crowd , spotting attacks and detecting intruders . “ The majority of leading cybersecurity researchers are not yet ready to give all the power to the machines just yet , ” Rick McElroy , a security strategist there wrote the Observer , via a spokesperson . “ User awareness and education continue to major best practices when it comes to defending against phishing attacks Attack.Phishing . Computers will help , but not yet replace , human decision making. ” Desktop-as-a-service systems like WorkSpaces can turn clunky computers into lean , mean , totally updated machines . They might even be digital Sir Lancelot ’ s , protecting companies ’ IT castles well , but one knight won ’ t be enough—firms will still need a full roundtable .