These browsers, cybercriminals’ favorite targets, will be more vulnerable from now on.
An EI coronavirus month of programmers’ work carried forward. As a consequence, Google has announced that it will stop issuing updates for Chrome. And has halted the release of version 81 that is in its beta phase. Although the company assures that it will publish it when the COVID-19 crisis overcome. Microsoft will also stop updating Edge and Windows 10. Both companies say they will only stop updating non-essential options. Still, experts advise users to have extra tools to protect themselves from cyber-attacks.
The problem with computer security is that it improves when attackers advance. “Up to the cybercriminals don’t face a vulnerability, they will not start an attack. So, until this happens, programmers can’t work to patch that threat. Therefore, these months we will be just as unprotected or protected as ever. But with a possible slower advance when it comes to solving the attacks, “says José Luis Vázquez-Poletti. A professor in the Department of Computer Architecture and Automation at the University Complutense de Madrid (UCM). On some occasions, attackers discover a vulnerability, that is, a way to penetrate a browser.
“Behind the normal circumstances, few realize it. If they don’t sell vulnerability on the black market to hackers for taking advantage of. They report the incident to Google or Microsoft. And in a few hours, there is a security patch that blocks that hole.“ He adds Vazquez-Poletti.
The risks of infecting a computer when it does not have the latest update are higher. Phishing is one of the most used tools. Cybercriminals impersonate a company or a trusted person to collect confidential user information. “The most sought after are the keys to online banking, credit card or other service passwords,” warns Vázquez-Poletti. Malware (malicious software in Spanish) is another of the most common in browsers. These malicious codes infiltrate a system to steal or damage user data. “Ransomware in the recent past years that was very common. So, these cyberattacks can block the computer screen or encrypt essential files. And request a financial ransom in exchange for returning them, “Explains Eusebio Nieva. Technical director of Check Point in Spain and Portugal.
We are also not exempt from our computer being used to perform electronic currency mining or cryptojacking. Cybercriminals use users’ computers to generate digital currencies.
“To create the type of money to make them, a significant amount of energy is necessary. In this way, cybercriminals save themselves the costs generated by hundreds of thousands of computers connected to the network, “explains Nieva.
Hackers have to fulfill three factors for these cyber-attacks to be successful: stealth is essential. It has to be an attack from anonymity, where the user cannot identify who enters his computer. And cannot stop or report him. Effectiveness is another crucial factor: attackers try to achieve an end. On the right channel, using the proper means and investing the least resources. The reward is what every cybercriminal aspires to. “therefore, so many attacks on Microsoft & Google than on the Linux. The more users use an operating system or a browser; the more attackers will search for the keys to destabilize it. As there are fewer Linux users, it is not profitable for cybercriminals to find a way to penetrate for weeks or months to achieve few benefits, “says Nieva.