6 ways to protect your business from drive-by downloads
Mention anything to do with the term ‘drive-by’ and you’d be forgiven for thinking it was something out of an American gangsta (sic) movie, but the reality is it also has a very serious implication for your data security, says cyber security commentator Pete Roythorne.
Drive-by downloads are an increasing concern in the cybersecurity world, and they’re particularly dangerous because they’re so stealthy. As the name suggests, they automatically install software on end users’ computers without them knowing. This usually happens in one of two ways: either a person clicks on a link to a malicious website (encouraged by a carefully crafted email or by a pop-up that appears on a website they visit), or they visit what looks like a legitimate website and malware is downloaded onto their computer without their knowledge.
The problem is so serious that malicious links and web-based drive-by downloads reportedly account for somewhere in the region of 54% of security incidents. According to Dasient, a company that makes software to prevent web-based malware attacks, something like four million web pages, across half a million websites, are newly infected with malware every month.
The threat of malvertising
Malvertising is also a growing problem. This is even more pernicious than a specifically constructed malicious website, as would-be attackers inject code into display ads that are then unwittingly sent by legitimate advertising networks to high-profile websites. The ads then infect victims who do little more than visit the site.
As a case in point, in May of 2015, MadAdsMedia, a US-based advertising network, was compromised by cybercriminals. They planted what looked like legitimate ads that took visitors to websites that downloaded Adobe Flash exploits onto their machines. It’s estimated that up to 12,500 users per day may have been affected in this manner. More recently, a malvertising campaign dubbed AdGholas is believed to have pulled in as many as one million victims per day during its year-long run.
The internet is a critical part of modern business and modern life, so infection by drive-by download can be a very serious concern for businesses. No matter how big your company is, your staff are going to browse the internet, and if they’re duped into visiting compromised sites you have a very serious problem.
But all is not lost: there are a number of different things you can do to protect your business and your data. Here are six tips to get you started.
- Spam filtering – Email is still the number one way in which malware is delivered and links to suspicious websites are distributed. Cut this out and you’re on the right path.
- Web protection – This is software that enables you to prevent users from visiting known malicious sites and trouble hotspots. While some may see this as a bit ‘Big Brother’, it greatly reduces your threat surface, your exposure to risk and therefore the chance of a malicious infection.
- Use multiple browsers – If there’s a known security flaw in a browser, instructing your users to switch to a different, untainted browser until the patch is issued means that productivity isn’t affected and security problems are averted.
- Patching – As most drive-by downloads rely on vulnerabilities in web browsers or their plugins, keeping your browsers up to date with the latest patches and only using trusted plugins is a critical way to mitigate a potential disaster.
- Restrict administrative access – By removing admin privileges from staff or machines where downloading software is not absolutely essential to workflow, you can prevent the majority of drive-by download threats from executing successfully.
- Make people aware of the problem – Security awareness training is one of the most effective weapons against drive-by downloads. Make people aware of the issue and what to look out for and you’ll have a substantial impact on your risk of infection.
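To make the web protection tip concrete, here is an added example (not from the original article or any product it refers to) of how a filter can decide whether a requested URL falls under a known-bad domain. It matches on whole domain labels, so look-alike hosts are not blocked by mistake and subdomains of a listed domain are not missed. The blocklist entries, log format and function names are all constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed blocklist using reserved example domains, not real indicators.
BLOCKLIST = {"malicious.example", "ads.badnetwork.test"}

def host_of(url):
    """Return the lower-cased hostname of a URL, or None if it has none."""
    try:
        host = urlsplit(url).hostname
    except ValueError:  # malformed netloc, e.g. broken IPv6 brackets
        return None
    # Strip the optional trailing dot so "site.test." equals "site.test".
    return host.rstrip(".").lower() if host else None

def is_blocked(url, blocklist=BLOCKLIST):
    """True if the host is a blocklisted domain or a subdomain of one."""
    host = host_of(url)
    if host is None:
        return False
    labels = host.split(".")
    # Test each parent domain on label boundaries: "cdn.malicious.example"
    # matches "malicious.example", but "notmalicious.example" does not.
    return any(".".join(labels[i:]) in blocklist for i in range(len(labels)))

# Constructed proxy log lines in an assumed "<user> <url>" format.
SAMPLE_LOG = """\
alice https://intranet.corp.example/home
bob http://cdn.malicious.example/landing?id=7
carol https://notmalicious.example/
dave https://malicious.example.safe-site.example/
erin HTTP://ADS.BadNetwork.test./banner.js
"""

def blocked_requests(log_text, blocklist=BLOCKLIST):
    """Return (user, host) pairs for requests that the filter would block."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split(maxsplit=1)
        if len(parts) == 2 and is_blocked(parts[1], blocklist):
            hits.append((parts[0], host_of(parts[1])))
    return hits

if __name__ == "__main__":
    for user, host in blocked_requests(SAMPLE_LOG):
        print(f"BLOCK {user} -> {host}")
```

A plain substring test would wrongly block carol and dave here, while an exact-match test would miss bob and erin.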
The internet can be dangerous, but using simple methods like these can help you keep your data safe.