Internet browsers are the windows of software through which we view the online world- like Google Chrome or Mozilla Firefox; and the bad guys have learned to exploit them.
It’s no surprise that web-based threats have been on the rise over the past few years. From phishing sites to drive-by downloads, the dangers have never been more serious.
The Nature of a Web Browser
Like much of the Internet, browsers operate on a client/server model: the web client (fancy word for browser) runs on your system and contacts a server to request data or resources. The server responds by sending the requested info back to the web browser, which displays the results.
As browsers grow more sophisticated, they also blur the line between your local computer and the Internet—in essence, they can make your computer and the Internet function as a single computer system.
And that is precisely what hackers are counting on.
The Nature of Online Threats
In order to protect something, you must first understand the threat at hand. A good place to start is threat origination- where do breaches come from?
If we can find the hole they are slipping through, we just might be able to cover it up.
- Email attachment: 39.9%
- Email with malicious link: 37.4%
- Drive-By downloads: 16.6%
- Direct install: 3.6%
- Download by malware: 2.2%
- Others: 2.2%
Let’s take a closer look at each type of threat.
1. Email Attachment: 39.9%
Email attachments are still the number one cause of data breaches. As with web browsers, Email also works on a client/server model- a mail client communicates with its mail server to send and receive messages.
Malicious attachments are thus able to find their way onto your computer with ease, lying dormant until a user clicks.
How to Defend Against:
Antivirus software is designed to scan for, detect and remove malicious files from their host, and Sentry AntiVirus features industry-leading, proprietary technologies to protect against both known and unknown threats.
2. Email with Malicious Links: 37.4%
Once again, mail clients take center stage, albeit this time posing a different threat. Rather than containing malicious attachments, these emails contain links to malicious websites. These sites are built to spread malware or trick you into giving up sensitive information they can use against you, such as online banking info or your social security number.
It is important to understand the difference between the two types of email threats. Although the links are malicious, your computer doesn’t know it. Antivirus doesn’t help unless the user clicks on the link and is exposed to malware.
But that doesn’t mean we’re defenseless. In fact, the game has just been changed…
How to Defend Against:
Sentry Web Protection blocks malicious sites before they load by adding a proactive layer of security between the web browser and the computer. When a user clicks on a link, Sentry compares it to a database before granting or blocking access. Read more here.
Blocking the site prevents any code- malicious or otherwise- from loading, keeping threats at arm’s length.
3. Drive-By Downloads: 16.6%
These breaches occur when unwanted, malicious software is unknowingly installed alongside another program. An important statistic to take note of: threats #2 and #3 both require interaction with a web browser in order to infect.
That’s 54% of total online data breaches. Web Protection- don’t use the internet without it!
How to Defend Against:
Layered Security: Maximum Protection, Minimum Exposure
We’ve covered quite a bit, so let’s review:
- Email attachments account for almost 40% of data breaches. Because these files are already on your computer when you read your email, a strong antivirus engine is the best defense.
- Whether through a drive-by download or a malicious link in an email, Internet browsers are used in 54% of total data breaches.
- Sentry Web Protection proactively blocks access to malicious websites, stopping threats before they reach your system.
- Together, Sentry Antivirus and Sentry Web Protection provide multiple layers of protection against data breaches:
- Layer 1 blocks browser-based threats before they ever load.
- Layer 2 blocks any unauthorized download or file transfer.
- Layer 3 prevents a malicious file from executing.
- Layer 4 removes the malicious software.
Suffice to say, no matter how strong of an antivirus you use, it shouldn’t be the only layer of protection against modern threats. In fact, antivirus does not even protect against web-based threats; an additional layer of web protection is needed.
But no security model is complete without a final layer of disaster recovery— your backup system. For more on Sentry’s hybrid backup solution: