Technically, viruses hide as executable files in software programs or other files. For Windows, the extension is exe. for executable files. The user would need to run the infected program or open the file for the virus to be able to deploy its malicious code. The way the Chrome OS is built, it does not support the running of exe. files without a simulator or additional software, which means that, even if a virus were to make its way onto a user’s machine, it would be unable to perform the tasks it was designed for and cause any harm to the system.
Does that mean a Chromebook can’t get viruses? No matter how secure a system is, there is always a chance that security processes can be bypassed somehow.Â
In this article, we will look at Chromebook’s security features and security risks so that users can protect their devices from potential threats.
Also read: How to disable efficiency mode in Chrome?
4 things a Chromebook is vulnerable to
Even though it might be more difficult for a Chromebook to get infected by viruses, attackers can target the device and OS in other ways.
Malicious browser extensions
There are several thousand browser extensions available for Chrome. Attackers may use browser extensions as a way to access a Chromebook. They can use several techniques like hiding malicious files or malware in extensions so that users unknowingly download them alongwith a legitimate extension. Attackers can also create spoofed extensions to trick users into downloading the fake one.
Fake Android apps
Along with native Google apps, the Chromebook also supports Android apps. Although it is safe to download Android apps from Google Play, some malicious apps can bypass Google Play’s security policies and make their way onto your machine. Like malicious browser extensions, android apps can hide dangerous files or programs within a legitimate-looking app, or attackers may spoof a legitimate app.
It is a good practice to thoroughly research any app before downloading it. Look for reviews and ratings, which the app is developed, read all terms and conditions before accepting them, and review all the permissions the app needs. Always download apps from the official Google Play store rather than clicking on a download link on a website or from third-party apps.
Unsecured websites
Unsecured websites are the ones that do not have the SSL certification and do not follow the HTTPS protocol for an encrypted connection. This means your data is at risk when browsing this website.
Such websites may have pop-ups and links to download malicious software, apps and extensions, and sometimes download these files without the user’s consent in a drive-by download attack.
Attackers also use websites to trick users into giving away sensitive personal information, especially when phishing emails redirect users to a spoofed login page of an otherwise trusted website like a bank or social media account.
Phishing emails
Even with Chromebook’s ‘defence in depth’ security features like sandboxing and verified reboot, one can fall prey to phishing scams no matter their device. Security measures can be put in place to flag suspicious emails as spam, but even then, some might bypass the security filters.
Once you click on a phishing email, you could either be tricked into downloading a malicious file or software or give away your personal information such as financial details and login credentials.
Also read: How to sign out of a Chromebook?
5 Chromebook security features
Chromebooks are marketed as secure machines because they use the principle of ‘defence in depth’. The devices come with multiple in-built layers of security so that even if one layer is bypassed, the others can still protect the system and the device.
Threat containment with sandboxing
Sandboxing is a term used in computer security that refers to running a program or opening a file in an isolated test environment. This ensures that if the program or file is corrupt or infected, it doesn’t spread to the rest of the system and software. Chromebook uses this principle wherein each web page and application run in an isolated sandbox environment.
If a user does happen to open a malicious webpage, it won’t spread to the other apps or tabs on the system.
Self-check and repair with reboots
With each start-up, the Chromebook performs a self-check called the verified reboot. During the reboot, if it detects that the system is corrupt or has discrepancies, it performs repairs and returns the Chromebook to a new operating system.
Quick and easy updates
OS and software often have vulnerabilities or other issues patched with each new update. If the apps and OS are not set to auto-update on your system, an attacker could take advantage of the security vulnerabilities to cause damage to your device.
Updates are automatically made in Chromebooks. This ensures that the system is working with the latest OS and that there isn’t an open window between two updates where an attacker can target a user’s system to exploit a vulnerability.
Data encryption
Google claims that Chromebook is equipped with tamper-resistant hardware to encrypt data stored on the computer like downloads, cookies and browser cache files. This ensures that it is difficult for anyone to access your files.
Recovery mode
You can access recovery mode if you suspect that your Chromebook has been infected or is compromised in any way. Recovery mode enables you to restore your Chromebook operating system to the last known version that wasn’t tampered with. Ensure your files and data are backed up before recovering your Chromebook OS.
Also read: How to exit full screen on Chromebook?
