The Browser is the Real Battleground for Businesses

Guest post by David Kinsella, Technical Director, Qualcom

Irish organisations are, by now, all too aware of the rising risk of cyberattacks. Yet despite growing investment in cybersecurity tools and services, many businesses are still overlooking one of the most exposed parts of their IT environment – the browser. The browser has quietly become the central hub of the modern workplace. Employees use it to access emerging tools such as cloud platforms and artificial intelligence (AI) assistants and, as a result, attackers have shifted their focus accordingly by exploiting these processes that may be new or unfamiliar to businesses.

Traditional security controls typically focus on targeting malware on physical devices. However, the growth of cloud services and solutions has arguably made hackers’ jobs easier by enabling them to achieve the same outcome – gaining access to an organisation’s data or systems – via internet-based attacks without the same technical hassle.

Until now, organisations have treated the browser as little more than a gateway to the internet. However, though the browser is now functioning more like an endpoint in its own right, most businesses still lack visibility of what might really be happening inside browser sessions. That blind spot is being actively exploited by attackers, who understand that if malicious activity mimics normal browsing behaviour, it is far less likely to be detected.

One of the clearest examples is ClickFix attacks, also known as “fake CAPTCHA” attacks. These are deceptively simple. A user is shown what appears to be a normal verification prompt in their browser and is guided through steps that involve copying and pasting commands. In reality, they are unwittingly installing malicious code onto their device. The user becomes part of the attack itself, reflecting a broader and more concerning trend. Attackers are no longer trying to force their way in. They are finding ways to be invited in.

Phishing remains one of the biggest cyber threats due to its rapid evolution. However, it is no longer confined to poorly written emails. Today’s sophisticated and convincing campaigns targeting workers are increasingly delivered across multiple channels including social media (particularly through LinkedIn), messaging platforms and, indeed, search engines. These trusted platforms are increasingly being weaponised by attackers and used as entry points.

Advanced phishing methods in the browser, such as Attacker-in-the-Middle attacks, raise the stakes further. These allow attackers to intercept login sessions in real time via fraudulent webpages and effectively bypass multi-factor authentication. Because of this, organisations can no longer rely on multi-factor authentication as a secure line of defence, as most forms can now be circumvented by phishing attacks.

Another growing challenge is device code phishing. This happens when users are tricked into authorising a malicious application on a legitimate webpage, often without entering a password at all. In doing so, they grant attackers access to business systems. These attacks succeed because they take place within trusted websites, making them difficult for users to detect. A related risk comes from malicious browser extensions such as adblockers or password storage tools, which add further complexity. While most extensions are designed to enhance productivity, fraudulent extensions steal credentials to provide attackers with deep access to browser activity and enable the deployment of malware onto devices.

Organisations must respond by recognising the browser as a critical part of their attack surface. That means investing in security to increase visibility and control at the browser level. It also means reassessing how employees interact with cloud services and the extensions that are being used by implementing strict usage policies. Security awareness training is key here as it’s unrealistic to expect users to be aware of all of the possible threats that they could face. Furthermore, with the proliferation of AI tools, it’s essential that stringent processes are in place regarding its deployment.

At Qualcom, we are seeing a steady rise in browser-based attacks and, in order to combat this growing risk, we recently partnered with browser security provider Push Security to boost defences for businesses. The browser is now where most work gets done. Increasingly, it is also where many breaches begin. For Irish organisations, ignoring this reality is no longer an option. Businesses increasingly need to see the browser as a key cyber battleground – or risk losing the war.

See more stories here.