Tips to prevent drive-by download attack

Published on 26 Jul 2020
Published by The Straits Times
Do not inadvertently download malicious code into your Internet-connected device when you visit or browse a website
Given that working remotely, usually from home, has become the new normal, most of us are online much of the time.
During your online foray, you may visit dozens of websites, browse through scores of Web pages and download a handful of text, image, audio or video files.
You may have visited legitimate websites and downloaded stuff only from highly recommended and supposedly secure Web pages.
However, without your knowledge and consent, malicious code may have attempted to automatically download itself to your device. If your device's security is weak, the download will be successful and you will become one more victim of the drive-by download (DBD) attack.
A DBD attack is the unintentional download of malicious code into your Internet-connected device, such as a computer or smartphone, when you visit or browse a website.
Singapore residents should be especially wary because the country has the third-highest number of DBD hits in the world after Iran and Russia, according to the recent Microsoft Security Endpoint Threat Report.
For the report, Microsoft culled data from various sources, including the eight trillion threat signals that it received and analysed every day throughout last year.
The other seven places in the top 10 worst-hit list were the United States, India, Vietnam, France, Ireland, Hong Kong and Taiwan - in that order.
Although the report tracked DBDs last year, the number of attacks would have escalated this year, given the surge of those working remotely. Singapore's DBD attacks were 138.5 per cent higher last year than in 2018.
Singapore is an attractive target due to its excellent financial standing.
"We usually see cyber criminals launch such attacks to steal financial information or intellectual property," says Ms Mary Jo Schrade, Microsoft's assistant general counsel of its digital crimes unit in Asia. "That is a key reason regional financial hubs such as Singapore and Hong Kong recorded the highest volume of such threats."
The DBD attack works because of weaknesses or vulnerabilities in three phases.
In the first phase, hackers scour the Web for the most popular websites, especially those with online gaming, music and video content. The hackers check for vulnerabilities - for instance, sites with sloppily written code that lack security protocols or are running on older versions of programming languages. Once such sites are identified, the hackers inject them with an exploit kit or malicious DBD code.
In the second phase, innocent Web surfers who visit these websites and spend time browsing, clicking or downloading legitimate stuff are at risk. Sometimes, merely visiting an infected site will download a "cookie" or code that contains DBD malware. You will not know the DBD has been downloaded.
In the third phase, the DBD tries to install itself on your device. If your device has adequate antivirus and anti-malware protection, the DBD will not harm your computer or smartphone. If not, you are at risk of the DBD becoming a drive-by install or DBI. Once installed, your device is infected.
The crux of the issue is that the infected websites will not know they have been infected unless their security protocols are frequently checked and verified. And innocent Web surfers will not know their devices have been compromised unless the anti-malware software installed on their devices flags it. Corporate and government organisations should take note because attackers can infiltrate corporate intranets via the infected devices of employees working remotely.
Here are seven tips - listed in alphabetical order - to keep you safe from DBD attacks:
1. AWARENESS
The awareness that something like DBD exists is itself rare. So just being aware of how it works and what steps you can take to defend yourself and your loved ones is vital in keeping your browsing activities safe.
2. BE CAUTIOUS
As with all cyber-security measures, the best defence is caution. Do not take your security for granted. Avoid going to suspicious websites. Stick to the mainstream, well-established and trusted websites.
3. CLEAN UP
Delete unnecessary software and apps in your computer and smartphone. The more plug-ins you have, the more susceptible you are to infection. Keep only software that you trust and often use.
Use the "incognito" mode in Chrome or the "InPrivate" mode in Edge, so you do not need to clear browsing history. Your browser will not save cookies, temporary Internet files or your browsing history when you are in incognito mode, giving you some level of protection.
4. DEFENDER
If you use a Windows PC, keep its Microsoft Defender software updated and all patches current.
On your PC, go to Windows Security and ensure the following have green ticks: virus and threat protection, account protection, firewall and network protection, app and browser control, and device security.
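The same check can be made from a PowerShell prompt. The script below is an added example, not part of the original article; it uses the built-in `Get-MpComputerStatus` and `Get-NetFirewallProfile` cmdlets and covers only the virus and threat protection and firewall items from the list above. The seven-day signature threshold is an assumption chosen for illustration.

```powershell
# Added example: command-line counterpart to the Windows Security "green ticks".
# Run in PowerShell on Windows 10/11 with Microsoft Defender as the active antivirus.
$MaxSignatureAgeDays = 7   # assumption: threshold chosen for this example

# Virus and threat protection: read Defender's current state.
$mp = Get-MpComputerStatus
$checks = [ordered]@{
    'Antivirus enabled'                       = $mp.AntivirusEnabled
    'Real-time protection enabled'            = $mp.RealTimeProtectionEnabled
    'Downloaded-file scanning (IOAV) enabled' = $mp.IoavProtectionEnabled
    'Behaviour monitoring enabled'            = $mp.BehaviorMonitorEnabled
    "Signatures no older than $MaxSignatureAgeDays days" =
        ($mp.AntivirusSignatureAge -le $MaxSignatureAgeDays)
}

# Firewall and network protection: every profile (Domain, Private, Public) should be on.
foreach ($fwProfile in Get-NetFirewallProfile) {
    $checks["Firewall on ($($fwProfile.Name) profile)"] = ($fwProfile.Enabled -eq 'True')
}

# Report each check and count the ones that need attention.
$failed = 0
foreach ($item in $checks.GetEnumerator()) {
    if ($item.Value) {
        Write-Output "[ OK ] $($item.Key)"
    } else {
        Write-Output "[FAIL] $($item.Key)"
        $failed++
    }
}

Write-Output "Signatures last updated: $($mp.AntivirusSignatureLastUpdated)"
if ($failed -gt 0) {
    Write-Output "$failed check(s) need attention in Windows Security."
}
```

Any `[FAIL]` line corresponds to a setting that would not show a green tick in Windows Security.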
5. END-POINT SECURITY
Invest in end-point security solutions, available from Trend Micro, Kaspersky, McAfee and other vendors. It is also a good idea to use an ad-blocker, as DBD attacks often use online advertisements to upload infections.
Also, auto-update your Web browser and operating system - DBD infections occur because operating systems are not current.
6. FIND ESSENTIAL SCRIPTS
Tech-savvy users can use script-blockers such as NoScript. You can add this to any browser.
A "script" is code that runs in the background to automate tasks such as uploading text, images or video on a Web page.
A "script-blocker" lets you disable all the scripts in a given Web page and then selectively enable individual scripts one by one, so you know which scripts are essential for the page to function.
7. GET A VPN
For businesses, equipping remote users with a secure virtual private network (VPN) is a must.
Most individual users do not use VPNs. Browsing websites via a VPN can almost ensure that your computer will not get infected because ending the VPN session after your work is done closes all pages instantly and it does not link your Web-browsing session to your computer.
• Raju Chellam is author of Organ Gold, published by the Straits Times Press, on the illegal trade in human organs on the Dark Web.
Source: The Straits Times © Singapore Press Holdings Limited. Reproduced with permission.