FBI Portland
Beth Anne Steele
(503) 460-8099
March 10, 2020

Oregon FBI Tech Tuesday: Building a Digital Defense with Browsers

The FBI has launched the “Protected Voices” initiative to help 2020 political campaigns and American voters protect against online foreign influence operations and cyber security threats. The Protected Voices campaign includes information and guidance from the FBI, the Department of Homeland Security, and the Office of the Director of National Intelligence.

This FBI Portland Tech Tuesday report is adapted from the Protected Voices initiative with a focus on providing cyber security information to political campaigns as well as businesses and individuals in Oregon. More information on all aspects of the initiative, including video downloads, can be found at www.FBI.gov/ProtectedVoices.

Welcome to the Oregon FBI’s Tech Tuesday segment. This week: building a digital defense with browsers.

Using web browsers and apps are essential for research and communications in any organization, but they could also be openings through which bad actors may intrude into your systems.

Web browsers are how your devices access the Internet. They are, by nature, open to the world through contact with other machines connected to the Internet. Because of this, they’re a natural place for hackers to try to break into your networks.

The default settings for browsers can leave you vulnerable, and each browser has differing levels of privacy and security built into their systems. Spend some time researching browsers to figure out which browser offers the privacy and security your staff is looking for.

Once you’ve chosen a browser, you can maximize your privacy and security by adjusting the default setting as follows:

  • Disable autofill, remembering passwords, and browsing histories.
  • Do not accept cookies from third parties.
  • Clear all forms of browser history when closing the browser.
  • Block ad tracking.
  • Enable ‘do not track’ requests to be sent to websites.
  • Disable browser data collection.
  • When certificates are requested, ensure the browser requests your permission to provide them.
  • Disable cache (or storing) of web pages or other content, or set the cache size to zero.
  • Enable browser capabilities to block malicious, deceptive, or dangerous content.

Some browsers support add-ons or plug-ins, which can handle some of these functions even better than the browser itself. There are many add-ons available that warn about malicious sites and content, block collection of certain information, and clear your browser of cookies. Before installing add-ons, though, do some research to check for any negative reports about the add-ons’ performance.

It’s critical that you keep your browsers as up to date as possible. Routinely look for and install the latest patches available. Also, make sure the browsers themselves are owned by reputable companies, preferably in the U.S. Other countries may have different laws about what browser companies must provide to foreign governments, which means your information on a foreign-owned app or browser may have less legal protection than it would in the United States.

These tips won’t protect your campaign against every kind of cyber attack, but they will make your organization a less attractive target for attackers.

Remember your voice matters, so protect it. Go to www.FBI.gov/ProtectedVoices for more information.