Hello! Welcome back to this next TomCast from GuardSight; we are a tactical cybersecurity-as-a-service organization dedicated to helping businesses protect their data, their assets, and their endpoints.
Today’s discussion involves web browsing. Web browsing requires a web browser, which is defined by Oxford as “a computer program with a graphical user interface for displaying and navigating between web pages”. If you have ever heard the term “surfing the web” or navigating the web, that is another way of saying web browsing.
Web browsing allows the subject to view content all across the world wide web. Geographical boundaries are not tough to cross within cyberspace; content from other countries can be easily accessed if the subject knows the address of the international content they wish to view, or it can be searched for through a search engine.
A search engine, according to Oxford, is “a program that searches for and identifies items in a database that correspond to keywords or characters specified by the user, used especially for finding particular sites on the World Wide Web”. Search engines are used to locate specific content the person wishes to find, visit, or purchase.
Why the definition of search engines? Isn’t that the same thing as the browser? The short answer is no. The browser views the content, the search engine is something that the browser uses to FIND the content. The search engine runs on the browser. Let’s use Google for example, since it is widely known throughout the industry for the search engine capabilities.
Many of you have heard the term “Google it”. Well, there are two pieces here. Google has a web browser known as Google Chrome, and the Google search engine runs in it. You can use Google as a search engine on Mozilla Firefox as well (a different web browser), and there are many different web browsers out there and different search engines.
Now, depending on which web browser you use and what search engines you use, your web activity can be tracked by third party organizations. Have you ever searched for something, then all of a sudden you see advertisements related to that search on other web pages you visit? This is indicative of the browser, search engine (or both) tracking your activity. Some people like this feature, some do not. If you do not like your activity being tracked, look for browsers and search engines that do not track you.
Many people also use web browsers to do online shopping. Technology has made it easier to find otherwise tough-to-locate items that can be purchased at the click of a few mouse buttons or a few taps on the smart phone. This has made shopping for many extremely convenient, since long trips to stores are no longer required.
Do we remember what convenience has taken priority over within the technological arena? Security. Why is that relevant in this discussion? How many of you truly pay attention to the web sites you visit when making purchases? What do purchases require? They require personally identifiable information like names, addresses, bank account or credit card numbers, etc.
Think of that information for a moment. Would you hold up a sign with all of that information in the middle of a busy street so anyone or everyone could copy it down? If the site you are visiting is not a secure site, that is the equivalent of what you are doing.
Thinking that “it won’t happen to me, I’m only going to be on the site for a moment” is not the correct approach; unsecured sites can have malware droppers that will adversely impact your workstation, laptop, or smart device, they can have adware droppers that will create pop-up ads (impacting your ability to perform any timely functions), there are numerous logical hazards to browsing to unsecure sites.
This won’t necessarily happen every time you visit an unsecure site, but the risks outweigh any possible benefits. Browse the web securely; do your due diligence and find out if the sites you commonly visit are secure or not. If the URL (the website address displayed in the address bar of the browser) begins with HTTPS that is a good indicator that the site is secure.
Each secure site has some sort of indicator of the security that has been employed; typically, you can view this information by clicking a security icon to the left of the website address (typically indicated by a lock icon).
Does this mean every HTTPS website is secure and safe to browse? Well, no; threat actors have done a lot of work to trick even security professionals to browse to sites believed to be secure that were, in fact, not. HTTPS sites are, however, a much safer way to browse the web than HTTP sites. The acronym of HTTP is Hyper Text Transfer Protocol, and in HTTPS the S stands for Secure.
Knowing the acronym is helpful, but that is not as necessary as understanding the difference between secure and unsecure. The best way you can protect yourself when browsing the web is to understand where you are browsing. Secure web browsing will help protect you and your data.
We here at GuardSight thank you for taking the time to listen to this TomCast. Please share this if you believe it would be of assistance to anyone in your contact list, and please provide us some feedback in the comments so we can continue to improve. Thanks!