The Increasingly Risky Web

by | Apr 28, 2021 | Cyber Security, Data Security, IT Managed Services, IT security, IT Support, Malware, Managed IT Services, Network Security, ransomware, Uncategorized

web security

The internet is an essential tool for any business. It’s used for marketing, social media, cloud services, storage and for accessing information. However, it is such a risky place. An employee could be visiting a valid website and still accidentally open up your business to trouble–such as ransomware, data breaches, malware, even confidential information leaks. It’s important for your business to have strong internet security in place. Are your employees accessing the internet safely? Are you mitigating these risks the best you can?

To best protect your business, it’s best you fully understand the internet dangers out there. With the help from our Email Security Partner, Mimecast, here is some information that should shed some light on how dangerous the internet can be:

There is Lots of Potentially Dangerous Content

When a user accesses even a single web page, there is typically a large amount of potentially malicious content that is downloaded to their desktop/laptop or mobile device. For example, as discovered by the HTTP Archive as of June 1, 2020, each internet page request results in a median of:

    • 1.8 megabytes (mobile) to 1.9 megabytes (desktop) of content.
    • Seventy resource requests.
    • Fourteen to 15 TCP connections.
    • Four vulnerable JavaScript libraries.

This means that every visit to a web page represents the potential for malicious content to find its way into the corporate network. The problem has been exacerbated dramatically by the work-from-home phenomenon that begin in the first quarter of 2020, since tens of millions of workers are now working from their home PCs, using often-vulnerable routers, with significantly less security infrastructure available than they had while working in an office environment.

Some Users Are Careless

Adding to the problem of users downloading such large quantities of content from the internet during the course of their work are the risky behaviors that many users perform. For example, many are not adequately trained about potentially dangerous behavior, such as downloading non-IT approved content from the internet or using consumer-focused websites like Facebook or gambling sites. Many users will click on links on various websites or on web advertisements, such as those that prompt them to download a software update, without thinking about the risks of doing so. Many users will log into non-secure Wi-Fi networks using their work computers, such as those in coffee shops, hotels or restaurants, potentially exposing the entire corporate network to damaging threats that can infiltrate through their internet browser when they access corporate resources.

What Could Go Wrong?

A variety of problems can result from internet browsing, even when employees access “good” sites:

    • Users will sometimes visit non-business-oriented websites and can accidentally or intentionally download dangerous content. For example, a scientist working for NASA has been accused of downloading child abuse images onto his computer in 2018, and in October 2018 the US Office of Inspector General reported that a single employee of the US Geological Survey had visited 9,000 pages of pornography websites. The images in the latter case were routed through Russian websites that contained malware, thereby infecting the employee’s computer and Android mobile phone.
    • It’s relatively easy for users to be directed to malicious websites or malicious pages on otherwise valid sites, which can result in a malware infection, client-side scripting and other serious problems. One firm estimates that at any given time there are roughly 18-19 million websites infected with some type of malware – about one percent of the total. A drive-by attack can occur in as little as half a second after a user visits a malicious page or site.
    • The poisoning of search engine results is a common technique for distributing malicious content. Cybercriminals use search engine optimization (SEO) techniques to have malicious content appear prominently in search results. One example was the use of keywords that were used in the 2018 US mid-term elections. In this case, more than 10,000 websites (mostly WordPress sites) were hacked to promote more than 15,000 different keywords.
    • Browsers will store login credentials from the websites that users visit. For example, some malware can be disguised as trusted software, such as those pretending to be updates to Adobe Flash. However, they are not from trusted sources and can serve up malware quite easily. One such fake Adobe Flash update installed a valid update of the Flash player – and cryptocurrency mining malware.
    • Malvertising is a huge issue. Many advertisements that appear on websites can deliver malicious content. One such campaign had compromised more than 10,000 WordPress sites and was generating about 40,000 attempted infections per week.
    • Most web browsers use autofill to improve the user experience, but this information can be captured by malicious actors to enable them to access login credentials, credit card information and other sensitive information.
    • Shadow IT, as noted earlier, has been a problem for IT and security functions for many years, but has become a much more serious problem because of the new work-from-home paradigm. Users employing untested and unproven applications is a common problem for organizations of all sizes, and is generally caused by employees trying to be more efficient and productive. However, when Shadow IT applications are accessing corporate network and data resources, they can introduce malware, cause data breaches, create data residency problems, and create other problems that can have serious repercussions. For example, the overall security posture of an organization can be put a risk by employees who reuse corporate passwords in their Shadow IT accounts, particularly if the app is not secure or experiences some type of data breach.
    • Other problems include the fact that geolocation data can be captured and analyzed, cookies can be captured and analyzed, and browser history can be captured and used to tailor phishing and/or spearphishing attacks.

Protect Your Business from the Internet

We all need the internet in order for our businesses to be productive. There’s no way around it. But if you can ensure that your employees are accessing it safely, your company will be that better protected. To help provide our customers with the very best internet security, Great Lakes Computer Corporation has partnered with Mimecast (a cybersecurity provider that helps companies worldwide make email safer and stand strong in the face of cyberattacks and human error). We have several layers of protection we can provide. Click below to learn more!