Cyber Security Blog

Cookies & Cybersecurity: What's the Connection?

Written by Rene Mulyandari | 26 August 2022

Browser ‘Cookies’ are a very important tool on the internet today. Their emergence dates back to 1994 and discussions around Cookie Consent are more than a decade old now. However, even today, many avid internet users do not understand why they are used and when they should be enabling Cookies and when they should definitely not be accepting them.  

In this guest blog, we discuss all about Cookies and their connection to internet safety and data privacy. 

A thorough understanding of Cookies and GDPR Cookie Consent is essential to making sure you use them the right way. By ensuring that you’re using Cookies correctly, you can make a huge difference to the safety of your sensitive data and confidential information.

On the other hand, recklessly enabling Cookies can have the exact opposite impact. You could be risking how your sensitive information is stored and shared if you accept Cookies on every site you browse.   

When you visit a site, you will usually find a pop-up message containing an agreement to use Cookies on that website. Technically speaking the technology is supposed to make your online browsing experience on the site better. For example, the site will remember your username, password, and activity preferences that you generally do on the website.

Basically, the website will always remember who you are so you won’t have to enter certain information again and again every time. 

But what exactly are Cookies and how do they work? The next few sections will answer all your questions. 

 

What Are Browser Cookies? 

Cookies are small files that are placed on a user's computer when they visit a website. Basically, Cookies are created so that the website can find out what activity the user has done in the past.

For example, Cookies allow a site to track the buttons or pages that have been opened by the user in a previous session. Cookies may also store information such as name, email address, and home or work address. 

This will be recorded if you have entered this information on a website. And, there is often confusion between Cookies and cache.

The main difference between the two is that cache only stores data online for the purpose of speeding up access to the browser or application. Meanwhile, Cookies store information about the activities you do on a website so that the site can display content that suits you.

Cookies are often seen as harmful because there's speculation that one of the methods that malicious cyber criminals use to obtain personal data is through them. As a preventive measure, you can hide your IP address. The natural next question is - how to hide my IP address?. By using a VPN. But remember, always use reputable services so you can always have the best possible protection.

Functions of Cookies

The presence of Cookies will make your experience in browsing websites or applications more comfortable. The reason is that this technology offers a variety of advantages that can benefit users and site owners. 

Here are some of the functions: 

  1. Save login information: First of all, one of the main functions of Cookies on websites is to store user login information. This is quite important, especially to improve the user experience on the website. 
    With Cookies, users do not need to write username and password repeatedly when visiting the same website. 
  1. Provide personalised content and references: Cookies are a technology on the site that is able to provide content and references to users. For example, Cookies will remember the type of content you have often seen and will then recommend similar content to you. This is supposed to improve your user experience and enhance the engagement with the site. 
  1. Remembering site settings: Cookies are a technology that can remember site settings after being modified by users. For example, it will remember language preferences, colour modes, and resolutions selected by users on the site.

    So, later, when the user accesses the website again, it will automatically provide the settings according to the previous choice, thereby keeping the user experience seamless and enjoyable. 
  1. Enabling targetted marketing: Finally, Cookies are a technology that can drive the marketing needs of site owners. Most companies, in particular e-commerce sites, tend to use Cookies to target products to their customers. Very often, your preference data could be used for incentive marketing purposes. 

    Information such as search terms, keywords, and geographic locations are collected for their marketing campaigns. In fact, social networking sites like Facebook use Cookies to serve ads that are relevant to each user's needs.

Types of Cookies

There are three types of Cookies that are most commonly used today. These are:

  1. Session Cookies: This means the Cookies will be deleted after you close a site. Session Cookies do not collect information from the device you are using. 
  1. Persistent Cookies: In contrast to the previous type, this one is a Cookie that is stored on the hard drive permanently until you delete it manually. Persistent Cookies are used to find out things like user behaviour or preferences on certain sites. An easy example is the use of language, the theme used, and so on. 
  1. Third-party Cookies: The next type is third-party Cookies, which means that a third party places Cookies on a site for a specific purpose. This means the Cookies are being created by a site you are not even browsing. Usually, this is for advertising purposes. With these Cookies, don't be surprised if you often see ads that match your search on search sites or online shopping sites. Third-party cookies present the highest cybersecurity risks. Several cyber attacks, and even ransomware attacks, are often the result of exploiting third-party cookies. 

Should You Erase Cookies? 

Cookies on their own are not a serious security threat as such. However, it is important to understand that the information stored in Cookies can be easily hijacked and lead to serious consequences. 

For users, using Cookies safely and smartly should be one of the most important security measures undertaken on a regular basis. One must always use an updated browser and also frequently delete Cookies where required. It’s certainly a good idea to block third party Cookies as this presents the most significant security risk. 

Businesses should also provide cybersecurity training to their staff about using Cookies wisely and thereby protecting the business’ systems networks against serious cyber threats. Using a VPN and removing Cookies on a regular basis is a great way to stay safer online, while enjoying a good browser experience.