A drive-by download attack is one of the most popular methods employed by hackers nowadays. What is it? How can you protect your organization from it? Keep reading to learn!
Malware attacks have remained popular among hackers for a while. They are relatively easy to carry out against small to medium-sized organizations, they can go unnoticed for a very long time, and they can quietly extract information from the target. Drive-by cyber attacks are used very often to plant malware (or sometimes ransomware) on the target’s device and/or network. In this article, we will explain what a drive-by cyber attack is and how you can protect your organization.
What is a drive-by download attack?
Also known as drive-by, drive-by cyber attack and drive-by download, this type of cyber attack triggers an unintended download of software from the Internet. Often, two different definitions are associated with drive-by download:
Both definitions refer to the download of malicious software. Because of the strategy employed by the attacker, the user may or may not be aware that they are downloading something from the Internet; either way, the drive-by download manages to harm them.
How does drive-by download happen?
Drive-by downloads can happen when the user visits a specific, ill-intended website, clicks on a link, clicks on a button on a web page, clicks on a malicious pop-up or opens a suspicious e-mail attachment. Sometimes, the download window of a drive-by attack can look like an error report from the computer’s operating system, and when the user clicks on approve, they consent to the download of malicious software without being aware of what they are doing. In such cases, the hacker or cyber-criminal behind the drive-by attack may claim that the user gave their consent to downloading and installing the software.
The aim of a drive-by attack is to take advantage of a browser, app or operating system that has serious security vulnerabilities caused by either a lack of updates or failed updates. A drive-by attack aims to gain access to your device or network to accomplish one or more of the following:
How to protect yourself and your organization
If you want to avoid drive-by downloads,