The present invention relates to the field of cyber security. More specifically, the present disclosure describes a system which automatically validates file downloads, web pages, etc. utilizing file hashes and other cryptographic values.
It is common for organizations to make files available for download to end users. Sometimes these files are available through a website operated by an organization. Other times these files are available through third-party websites. For example, the United States Treasury makes numerous tax forms and publications available for download through its website. Similarly, technology companies often make software programs and updates available to their customers as downloadable files from the company's website. Other downloadable files, such as freeware, may be found at the given software developer's site, but may also be found on one or more repositories of freeware available on the Internet.
After downloading a file from a website, the user's web browser typically gives the user the option to either open the file or save the file to their local system. One skilled in the art may immediately recognize the inherent security risk—execution of a malicious file may corrupt a user's device.
As a security measure, a cryptographic hash of the file is often published on the organization's website, so that the user can verify the integrity of the file, after downloading it, by confirming that the actual hash of the file downloaded matches the hash published on the site. For instance, computer manufacturers such as Dell, Hewlett Packard, Apple, etc. make numerous updates, drivers, and other types of files available to their customers to download from their web sites. Near the links to download these files, these manufacturers typically publish cryptographic hashes corresponding to these files. These hashes are typically calculated using a hashing algorithm such as MD5, SHA1, SHA256, SHA512, or another standard hashing algorithm.
While this process is very effective for verifying the integrity of files, it is often not utilized. Many users do not understand the process and may not have the tools or the know-how to apply it. Even users that do understand how to apply the process may find it too cumbersome or inefficient and opt not to apply it. However, failure to apply this process can result in a costly outcome if the file has been tampered with by a malicious actor. Such outcomes do not only carry monetary cost but also pose threats to local and national security as well as potentially revealing sensitive personal information.
As noted above, the fact that users are typically given the option to open downloadable files directly from their hosted location is a security risk. Accordingly, there is a need for an automated cybersecurity system which utilizes file hashes and other cryptographic values to verify the integrity of a downloadable file prior to enabling a user to execute the file.