These browsers, cybercriminals’ favorite targets, will be more vulnerable now.
An EI coronavirus month of programmers’ work carried forward. As a consequence, Google has announced that it will stop issuing updates for Chrome. And has halted the release of version 81, which is in its beta phase. However, the company assures it will publish when the COVID-19 crisis is overcome. Microsoft will also stop updating Edge and Windows 10. Both companies say they will only stop updating non-essential options. Still, experts advise users to have extra tools to protect themselves from cyber-attacks.
The problem with computer security is that it improves when attackers advance. “Up to the cybercriminals don’t face a vulnerability, they will not start an attack. So, until this happens, programmers can’t work to patch that threat. Therefore, we will be just as unprotected or protected these months as ever. But with a possible slower advance when it comes to solving the attacks, “says José Luis Vázquez-Poletti. A professor in the Department of Computer Architecture and Automation at the University Complutense de Madrid (UCM). Sometimes, attackers discover a vulnerability, that is, a way to penetrate a browser.
“Behind the normal circumstances, few realize it. Suppose they don’t sell vulnerability on the black market to hackers for taking advantage of it. They report the incident to Google or Microsoft. And in a few hours, there is a security patch that blocks that hole.“ He adds Vazquez-Poletti.
The risks of infecting a computer when it does not have the latest update are higher. Phishing is one of the most used tools. Cybercriminals impersonate a company or a trusted person to collect confidential user information. “The most sought after are the keys to online banking, credit card or other service passwords,” warns Vázquez-Poletti. Malware (malicious software in Spanish) is the most common in browsers. These malicious codes infiltrate a system to steal or damage user data. “Ransomware in the recent past years was widespread. So, these cyberattacks can block the computer screen or encrypt essential files. And request a financial ransom in exchange for returning them, “Explains Eusebio Nieva. Technical director of Check Point in Spain and Portugal.
We are also not exempt from using our computers to perform electronic currency mining or cryptojacking. Cybercriminals use users’ computers to generate digital currencies.
“To create the money to make them, a significant amount of energy is necessary. In this way, cybercriminals save themselves the costs generated by hundreds of thousands of computers connected to the network, “explains Nieva.
For these cyber-attacks to be successful, hackers must fulfill three factors: stealth is essential. It has to be an attack from anonymity, where the user cannot identify who enters his computer. And cannot stop or report him. Effectiveness is another crucial factor: attackers try to achieve an end. On the right channel, using the proper means and investing the least resources. The reward is what every cybercriminal aspires to. “therefore, there are more attacks on Microsoft & Google than on Linux. The more users use an operating system or a browser, the more attackers will search for the keys to destabilize it. As there are fewer Linux users, it is not profitable for cybercriminals to find a way to penetrate for weeks or months to achieve few benefits, “says Nieva.