Google Chrome is the most widely used web browser on the market by a landslide, so bugs and other vulnerabilities can spell disaster if an attempted hack is successful. Recent reports that multiple bugs in the Chrome code were being actively exploited have raised flags about the risks associated with potential zero-day attacks.
As an IT admin, you should be aware of what implications the exploited vulnerability has for Chrome users in your company as well as what cybersecurity measures you can take to avoid disastrous consequences.
What is a zero-day attack?
A zero-day attack is a type of malware attack in which hackers identify a vulnerability in a piece of software before developers can release a patch update to address the issue. Then, the hacker can deploy malicious code by exploiting that vulnerability and wreak havoc on an end user’s computer, or more alarmingly, a broader business network.
It can often take developers months or even years to identify a vulnerability that has been exploited by a zero-day attack. Hackers can use the flaw in the code as an entry point to gain access to a company’s database, customer records, financial documents, and other sensitive systems and information for a considerable amount of time before the company realizes there’s been a breach. They are able to disguise their illicit activities and remain undetected until the software developers are able to recognize what’s happening and deploy a solution to fix the problem, at which point the hackers could have already inflicted significant damage.
Related: Types of DDoS Attacks
What happened with Google Chrome
A vulnerability in the Google Chrome web browser was reported by an anonymous user on March 9th, 2021. The source of the bug lies in Blink, a browser engine that translates a website’s HTML content into a dynamic user interface. Google released a Chrome update on March 12, 2021, and reported that it was aware of an active exploit of the bug in the wild, but didn’t provide any further information.
This is the third major event involving a zero-day vulnerability in Google Chrome since the beginning of the year. Google claims that more specific details will come as the majority of users update their browsers, according to the release notes of this update.
Implications for your business
Any software vulnerability poses a risk to your company’s infrastructure and data, regardless of the source or severity. However, Google Chrome’s large scale deployment means this attack has likely impacted more users than zero-day vulnerabilities in most other software applications.
Most web browser exploitations involve hackers casting a wide surveillance net and identifying individual users to target for further malicious activity. For example, a remote attacker might use the Google Chrome vulnerability to trick a user into visiting a seemingly innocent website that has been specially crafted for nefarious purposes. From there, the attacker can launch a Trojan, virus, ransomware, or other type of malware and bring all business operations to a screeching halt.
As evidenced by the recent history of Chrome updates, Google has a habit of only fixing these kinds of issues on the surface rather than addressing the root cause of the issue and actively resolving similar vulnerabilities before they become a problem. With this in mind, it’s possible that a similar attack will happen again in the near future, so you should ensure that you have measures in place to keep your systems protected.
What you should do next
Risks of this attack could linger if users don’t take appropriate action. First and foremost, you should ensure the Chrome app is up-to-date for everyone in your company by having each user follow these instructions. This will confirm that the relevant patches for this vulnerability have been deployed across all of the devices that use Chrome to access your business systems.
Second, consider reviewing your security policies on a company level to remind internal teams of what steps to take when faced with a suspected malware attempt. Your company’s employees are the largest line of defense against malicious attacks, and equipping them with the right information can go a long way toward preventing a breach. Remind them about cybersecurity best practices, including how often they should update their passwords, how to identify suspicious behavior, and who they should alert if they accidentally click something they shouldn’t have.
Finally, a strong malware detection platform will help you keep your business critical systems secured, even if one of your endpoints becomes compromised as a result of this attack. The measures above are by no means fool-proof, so you should have security measures in place to detect any malware that slips past your frontlines. Consider reviewing the systems you currently have in place and comparing them to our roundup of the Best Intrusion Detection and Prevention Systems.