Updated: May 11, 2022
The browser is the gateway to the internet, and most of us spend several hours a day either surfing to consume content, working using web-based applications or for social media. But how secure is the browser?
In this article, we will cover:
Before we delve into the attacks and risks it is worth spending a little time demystifying a few common beliefs:
Browsers are not secured
Out of the box, your browser is not secured. Google, Apple, Microsoft, and Mozilla build their products to provide maximum browsing speed and convenience. The browser has evolved to support the development of web applications and with it, opened up many more risks exploited by hackers.
Browser Security Setting
Browser security settings are very limited and mostly focus on privacy. Some browsers, like Duck Duck Go and Brave, have even made it their main feature. Guaranteeing your privacy means that your activities are not being tracked. Your searches are not logged and identified, your personal information isn’t stored, and every website you visit drops a tracker on you. These features are dealing with your privacy to make it harder for advertisers to target you. What they do not do is keep you secure. You can still be phished, leak your personal or business data, or download a malicious file that can turn into a full-blown ransomware attack on your business or place of work.
That little padlock beside the URL
Another misconception we often hear is about SSL. SSL is that little lock you see in the browser’s address bar. The lock means that the site has an SSL certificate and that the traffic is encrypted. You would want to ensure all sites have this but this does not mean the site is legitimate and not used for malicious purposes.
Browser-based attacks can commonly be categorized as:
Drive-by Downloads — the attack could take many forms but most often the user is being tricked to visit a rouge website. This can be done through regular search results, search ads, referrals, affiliated sites or email. Once the user lands on the site a malicious code is being downloaded to the user’s computer without his knowledge.
Clickjacking — Clickjacking is a malicious technique of tricking a user into clicking on something different from what the user perceives, thus potentially revealing confidential information or allowing others to take control of their computer while clicking on seemingly innocuous objects, including web page
Browser Redirection — once a user enters a certain address in the browser the server on the other end redirects the user to another address with a malicious site. In some cases, the original address and the malicious address are very similar in their appearance.
Phishing Attack — in this a website is set up to trick the user to provide his username and password for a specific account. Typically these malicious sites copy the log-in appearance of the legitimate sites (online banking, Office 365 login page, Gmail....). The unsuspecting user types his credentials which are now visible to the attacker who sits on the server-side. These credentials are then used to access banking, personal, medical, or business accounts by cybercriminals.
Magecart — the name “Magecart” refers to several hacker groups that employ online skimming techniques to steal personal data from websites—most commonly, customer details and credit card information on websites that accept online payments. Magecart groups have successfully breached well-known brands.
Browser password theft – anyone gaining access to the computer, can see the passwords stored in the browser. It is often a first step employed by hackers gaining access to a computer.
How to prevent web-based attacks?
The most effective attack prevention combines two elements: browsing best-practices, and a technology solution to detect and prevent threats humans are not able to recognize on time or at all.
Browsing best practices include:
Keep your browser up to date. Turn on automatic updates. Just in 2021 google patched 308 vulnerabilities some identified as critical.
Never save passwords in your browser. Use a password manager.
Minimize the number of plugins and add-ons you have. If you don’t use it, remove it.
Practice safe behaviour online - think before you click.
Check the browser’s address bar for typos or the wrong site address.
Only download files from official App stores and sites you trust.
Do not share details or fill forms on unsecured sites (no padlock)
While some of the above are easier to implement, attackers are very sophisticated and it is often hard to detect. Even security veterans will miss a malicious site when presented in the right context.
For these (and other) reasons we layer on a Browser Security solution.
How does a Browser Security solution reduce your risk?
A Browser Security solution is a small agent (extension or plug-in) that is installed in your browser and acts as a barrier between your device and the digital world. Think of it as the screen you have in your windows at home. You can see and hear everything on the outside, but the bugs can’t come in (pun intended!).
The agent is connected to a cybersecurity cloud that’s continuously being updated with the latest cyberattacks information from around the globe with machine learning engines that analyze and produce preventative insights. The agent sits quietly in your browser but is always one step ahead — preventing you from making a mistake.
The agent blocks users from accidentally downloading malware, visiting phishing and malicious sites, restricting access to certain sites, preventing employees from reusing passwords on different websites, and blocking the sharing of sensitive data by employees on the web. The solution is always on, protecting you anywhere you are accessing the web from.
How does it work?
Download protection — every file downloaded using the browser undergoes a threat emulation process. In this process, the file is automatically inspected in an isolated environment. The file is executed and analyzed for known indicators of threats and malicious behaviour.
Block Phishing sites — the technology inspects every site within the user’s browser analyzing the domain, text, visuals, and other anomalies and discrepancies. This all happens in nanoseconds as the page is being displayed on the browser. When the page is malicious a warning is shown and the user is blocked from entering her credentials and any other information (based on company policy).
Business passwords abuse — the Browser Security solution prevents your employees from using the same passwords time and time again, keeping your business secure.
Company policies — allows you to restrict access to certain websites deemed inappropriate based on various categories. This enforces a safe browsing experience and increases employee productivity.
Choosing the right solution for you:
Coverage for both known threats and zero-day (unknown) threats.
Cloud-based with global knowledge
Performance. When the verdict (safe/not-safe) takes too long your business productivity will be affected.
Coverage – a solution that will work on different browsers.
If you are interested in a demo or a free proof of concept, our experts are here to help.