As we near the end of 2018, cybersecurity remains a top priority and significant cause of concern for businesses everywhere. Data breaches continue to occur at an alarming rate (e.g., the recent Facebook breach that affected almost 50 million users). As of November 2, the Identity Theft Resource Center had identified 1,027 breaches in the U.S. this year, exposing approximately 57.7 million records.
Large and small businesses alike must continue to take proactive steps to fend off cybercriminals and reduce their data breach risk level going into 2019. One strategy that hackers use to get past IT security defenses involves drive-by downloads, which can allow malicious code to infiltrate a computer or mobile device without the user even clicking on anything or realizing they’ve been infected. Here’s an overview of the essential things every business leader should know about this type of IT security threat.
How Drive-by Downloads Work
When you think of downloading something, you probably imagine yourself deliberately clicking on links and prompts. However, a malicious website doesn’t need your approval to initiate a download. A drive-by download happens when you simply stop by/”drive by” a site and unintentionally download a virus or malware onto your computer or mobile device, according to McAfee.
These downloads typically exploit browsers, operating systems, or apps that have security flaws and/or are out-of-date. Unlike a phishing campaign or other hacking tricks, it doesn’t require the user to click on a suspicious link or file. The code is usually so small that you might not even notice it, McAfee explains. Once the code successfully downloads to your device, it will contact another computer and bring in more code to finish its job.
Additionally, this code can lie in wait on otherwise normal looking web pages, although it does help to avoid going to sites that seem suspicious (e.g., file-sharing sites).
Steps You Can Take to Stop Drive-by Downloads
Fortunately, there are steps you can take to lower your chances of experiencing a drive-by download, according to Kapersky Lab. Here are just a few ways you can avoid this type of cyberattack:
- Make sure your browser and OS are up-to-date.
- Avoid installing an excessive amount of plug-ins and programs.
- Use an ad blocker, since drive-by downloads often occur via online ads.
It also helps to have a content filtering solution in place. On top of limiting employees’ access to suspicious sites and boosting network protecting, content filtering can increase productivity.
If you’d like to know more about drive-by downloads or other types of cybersecurity threats and how to defend against them, our team of IT security experts can help. We work with a wide range of cybersecurity solutions from various vendors, which allows us to serve as a trusted advisor to clients seeking offerings that fit their specific business needs. Connect with us today by calling 877-599-3999 or emailing sales@stratospherenetworks.com.
