Election Security Spotlight – Secure Web Browsing

What it is:

Secure web browsing involves the use of tools and techniques to protect users from cyberattacks, malware, or other cybersecurity vulnerabilities. Web browsers allow users to view sites on the internet by displaying images and text, executing code, rendering animations, and saving information. Malicious actors can leverage these functions to gain access to a user’s system. Major web browsers, such as Microsoft Edge, Mozilla Firefox, Apple Safari, and Google Chrome, are not always set up in a secure default configuration. Some common features of web browsers are:
  • Extensions are software programs that allow you to customize the browsing experience. These programs, built using website code, typically serve a single purpose, and vary widely. They include things like ad blockers and embedded video conferencing functionality.
  • Cookies are files placed on a system to store data for specific websites, often used to uniquely identify the computer visiting the website. Some viruses and malware disguise themselves as cookies or exploit cookie tracking capabilities.
  • Browser Cache is a temporary storage area in a computer’s memory or disk that saves information from a web page, allowing you to quickly re-visit a website without having to download the information again.
  • Private Browsing is a feature offered by web browsers that does not retain temporary browsing data, such as cookies. Some versions of private browsing offer tracking protection and disguise a user’s location. However, private browsing does not completely protect a user’s privacy, nor does it offer complete data security.
  • Password managers, which are incorporated into most modern browsers, save your login information for multiple websites. Password managers built into browsers, as opposed to third party options, are not recommended as a security best practice as they are not all programmed to store password information securely.
  • Automatic downloads can improve user experience by simplifying the process of
  • downloading something to your device, but can also serve as means for malicious actors
  • to quickly infect a system. These features can improve a user’s browsing experience, but they also offer malicious actors an opening to a user’s system if they are not sufficiently guarded, or if there are known vulnerabilities that are not patched.

Why it matters:

Failing to properly secure a browser could result in a malicious actor stealing information, encrypting or deleting files, or using the computer to attack other systems. Among other threats, vulnerabilities in a web browser can allow:
  • A malicious web page to drop malware or spyware into the browser,
  • Exploitation of features such as cookies to track users or otherwise compromise a system,
  • Theft of information tnsferred through a browser, such as banking information or sensitive voter information, and
  • Theft of private information that has been stored in a browser’s cache.
Extensions and toolbars can function as spyware, particularly if they are downloaded from non- reputable sources. Failing to keep extensions up-to-date, or to remove extensions that are no longer supported, can allow a malicious actor to gain access to a user’s information – similar to how a malicious actor can exploit other outdated software on a system. Many extensions do not update automatically when you update your browsers, and in many cases these programs are maintained by individuals who do not have regular maintenance schedules. Malicious actors seek to exploit these vulnerabilities.

What you can do:

Election officials should undertake an audit of their systems to understand what software is installed and how these programs interact with each other, as well as establish secure browsing guidelines outlining what features should be limited. Election officials should coordinate with IT officials to implement technical policies that enforce secure configurations including:
  • Disabling automatic downloads and requiring users to acknowledge a pop-up prompt before allowing a download.
  • Limiting or tracking which extensions are running in a browser, and ensuring they only come from trusted parties.
  • Exploring the use of a virtual machine (VM) or sandbox as a way to securely browse the web while reducing the risk of a system-wide compromise.
  • Some major web browsers have a sandbox – an area separated from the rest of the computer – that users can run while browsing the web to reduce the risk to the broader system.
  • Having employees use a Virtual Private Network (VPN) for privacy or encryption.
  • Implementing a patch management program to limit the chance of an exploit, as well as the principle of least privilege to reduce what a malicious actor is able to access.
  • Reminding users not to trust redirects or links as they can be shown as one thing, but the code itself can redirect to an entirely different website or document.

Spotlights provide election officials with an overview of common cybersecurity topics, and how they relate to election infrastructure security. Please reach out to [email protected] to request a topic.