The Dangers of Browsing the Web

So browsing the web can actually be dangerous. I know, huh? So what are some of the risks there? There's something called a drive by download, which is basically a website that is infected with malware and when you visit it, it just basically drives by and hits you with malware immediately. There's also a related concept, something called Malvertising, which is when you're on a perfectly legitimate site and, you know there are lots of web ads that sort of run on the sides? That's usually not run by the site. It's run by say an advertising company they contract with and, if that gets infected, even though the site itself is legit, the advertising site is not. And should you click on that, that can attack you. There's another concept called search engine optimization or SEO poisoning. And with that is is trying to find popular topics - usually they'll use pictures - but the pictures are infected, sort of like a drive by download, but with a photograph file. It could be something like a famous celebrity. It can be something related to an issue in the news, something like that. You click on it, it attacks. Other things to look at here, where you're connecting. If, for example you connecting using an unsecured WiFi connection or what's called a rogue hot spot, the thing is the names of the networks you're connecting to can easily be faked. So something like Coffee Shop Free Internet, fake. Airport Free Internet, Bus Stop Free Internet, whatever it is, it's easy to fake those. Plus in general, if they're not encrypted in the first place, it's easier for someone nearby to sort of sneak in and what's called "sniff" your data. So they're sort of reading it as it's going back and forth. And another place to mention because we haven't had enough dangers of web browsing, of course. Social networks can be a real problem because you're sort of going with someone being who they claim to be as opposed to who they actually are.

 

It's an old joke, nobody knows you're a dog on the Internet. It's basically if you put up pictures of somebody else, you put enough of them to anyone who connects with you, you're going to appear to be that person. Scammers are well aware of this. So what should you do? First and foremost, keep all of your software as up to date as possible because anything bad is again trying to go through flaws in your software, which in most cases are not the most recent flaws. So if you've got it up to date, most attacks are just going to bounce off. Now another concept we've mentioned a few times now is application whitelisting. I mention it because it's very effective and that basically sets up your network so it's an invite only party as opposed to waiting for something bad to get in and then trying to get rid of it afterwards.

 

Also you can limit what's viewed on office computers. This used to be a bigger deal than it is now because it used to be people didn't have phones or they had phones with very limited data. It's not a bad idea to set this up and the company Forcepoint does it, and a few others, where they basically will limit what you can see and that's, that's a good thing. It both keeps people focused and it makes it less likely that malware is introduced onto your system. I mentioned the idea that communications going back and forth to the web can be unencrypted. There's a way to counter this. You may notice when you're looking at a webpage on the upper left there can be a little green blob with an "https" and a padlock. You see that more commonly now. That's a more secure version of the Internet and what that does is it basically encrypts the connection back and forth. The regular one is called http. I won't bother with the names. You've heard enough acronyms today. So a way to do this automatically; there's a free add on, which is called HTTPS Everywhere. Every browser has it. You can just take it, put it on the system. And what that does is you get the https, the secure version of every website that has it available. Plus Google a couple of years ago started making it a point to sort of de-emphasize sites that don't have the secure version, so more of them have it now, which is good. It's just a safer way to go back and forth. Also, when you're logging in remotely, don't hesitate to use virtual private networks or VPNs. We've discussed those a bit earlier. And again, when you're not actually using something, don't forget to log out because if anyone can access your systems when you're not physically there and you're still logged in, they're you. A related risk is web based social engineering.

 

This sounds like goofy stuff, but it does actually happen. This would mean something like fake LinkedIn or Facebook connections connecting to you - again not who they appear to be - and they're gleaning professional or personal information to use against you later when trying to attack your office; a voice phishing attack, pretext attack, spear phishing, whatever it is. They can use that to get a lot of the relevant information and make the other attacks sound more legitimate. And believe it or not, romance scams do exist. They can lead to blackmail. Think illicit affairs, sexting, pictures, compromising stuff like that. And it can be a threat, "well, we'll show this to your spouse if you don't give us x." Most people, ae human. They won't necessarily think in terms of protecting office assets versus the risk of being disclosed.

Web browsing risks include:

  • Drive-by downloads (a program that is automatically downloaded to your computer without your consent or even your knowledge)
  • Malvertising (online advertisements that incorporate or install malware)
  • SEO poisoning (also known as search poisoning, is an attack method in which cybercriminals create malicious websites and use search engine optimization tactics to make them show up prominently in search results)
  • Unsecured Wi-Fi connections and rogue hotspots
  • Social networks (sharing too much information)

Protective measures:

  • Keep software up-to-date
  • Application whitelisting
  • Limit what can be viewed on office computers
  • Use encryption, such as HTTPS
  • Use VPNs when logging in remotely
  • Don’t forget to log out