Google Chromebookx2122; devices could rightly be called a game-changer for education. These low-cost laptops are within financial reach for far more families than their more expensive competitors, a fact that proved crucial with the outbreak of the COVID-19 pandemic at the beginning of last year.
During that period, Google donated more than 4,000 Chromebook devices to California schools and the sale of the devices surged, outselling Macs for the first time. They made remote learning possible for thousands of students who otherwise could have been quarantined without connections to the classroom. According to Google, 40 million students and educators were using Chromebook computers for learning as of last year.
Momentum is unlikely to slow anytime soon, especially since the Chrome operating system will now be the first many students are exposed to. The respected technology blog TechRadar has even referred to 2021 as “the year of the Chromebook.”
As a cybersecurity company, we naturally wonder what widespread use of Chromebook devices means for the online security of the general public. The good news is Chromebook security is pretty good compared to other devices and operating systems. Some interesting features like frequent sandboxing, automatic updates and “verified boot” go a long way to improve Chromebook security.
There are several common user errors that put users, their personal information and their devices at risk. Many third-party security solutions are designed to account for exactly this type of behavior. Even strong security can’t prevent an account from being hacked if account credentials are stolen in a phishing attack, one of the most common causes of identity theft.
In 2020, phishing scams spiked by 510 percent between January and February alone. Scammers used the beginning of the pandemic to spoof sites like eBay, where in-demand goods were being bought and sold. In March, as lockdown went into full effect, attackers began targeting users of YouTube, HBO and Netflix at unprecedented rates.
In short, phishing scammers use current events to target vulnerable users, like those who are inexperienced, compulsive or still developing critical thinking skills – traits that apply to many school-aged children.
To combat phishing scams, it helps to have filters that can proactively alert users if there’s a high chance that a form field or website is likely to steal credentials. Security companies can do this by determining the likelihood a site isn’t what it seems based on its connection to other dishonest sites. This information, known as threat intelligence, can help proactively warn when a user may be headed for danger.
There are plenty of examples of bad apps and sketchy Chrome extensions being downloaded from the Google Play Store. They vary in their seriousness from annoying, like constantly pushing ads to young users, to serious, like serving banking Trojans that target users’ personal financial information.
The Chromebook sandboxing feature will defend against many of these so-called “malicious apps” from invading devices through things like popular mobile games, but some will likely find ways to avoid the feature.
In the same way that threat intelligence can help proactively determine if a site is likely to be a vehicle for phishing attacks, it can also help determine if an app is likely to be malware disguised as an app based on how closely its related to other malware on the web.
The internet is littered with unsafe websites that host viruses, malware, ransomware and other online threats. Some can slip spyware – malware that tracks a user’s online movements – onto devices without a user, especially an inexperienced internet user, noticing.
The Chromebook verified boot feature can help to disable these threats – if a user knows they’ve got one on their device. But many types of malware aren’t immediately obvious. They can operate in the background, perhaps collecting data on user’s habits or logging their keystrokes to try to steal passwords or other sensitive information.
Here again, warning users of threats in advance can make the difference between addressing an infection and avoiding one altogether. By providing advanced warning of a risky website or a suspect browser extension, a good antivirus solution can stop an infection before it happens. Think of it like maintaining a healthy immune system through diet and exercise to keep from coming down from the common cold.
It’s hard to be too cautious on the web, especially with users who are just starting to use it to study, learn and explore. There are security gaps in any operating system, so it helps to layer defenses against multiple types of threat.