Malvertising: The Next Big Cyber Threat
July 16th, 2015 by admin

We've spent plenty of time here talking about safeguarding your company against phishing and other forms of cyber-attack. As we've discussed, the first line of defense against phishing is to make sure your employees remain vigilant by avoiding email links and shady websites. But there's a bigger threat on the horizon for anyone who simply surfs the Internet. Hidden malware delivered via online ads, or malvertising, is rapidly spreading across the web—including the most trusted news and entertainment sites millions of us visit every day.
Via banners, pop-ups, and animated ads, cybercrooks can embed hidden lines of code that instruct a web browser to automatically retrieve and install malware programs from an unseen URL—literally a "drive-by download," undetectable by most common anti-virus programs. Some malvertising scams entice viewers to click on an ad (most often pop-ups offering "software updates"). Others infect a computer simply by loading the page.
Successful malvertising immediately renders a computer susceptible to any of the following:
- Outright theft (identity, financial, or data) or extortion via ransomware, such as CryptoWall or CryptoLocker, a high-encryption virus which can't be removed without paying off the crooks—usually in untraceable Bitcoin or wire transfer.
- The computer can be hijacked into a botnet, a ring of "zombified" computers which are silently manipulated for criminal activities, such as repeatedly clicking on bogus pay-per-click ads, bilking websites out of artificially inflated profits.
- The malvertising can leave behind a browser exploit kit, malicious code that constantly probes a computer for vulnerabilities within the browser as well as standard plug-ins including Adobe Flash Player, Java, and Microsoft Silverlight. When a weakness is found from the inside—as little as missing the latest security update—the door is open for even more lethal malware.
No Sheriff in Town
Most high-traffic websites outsource their advertising to third-party networks who sell space to advertisers—usually simply accepting ads from the highest bidder—and directly insert ad applets into a web page. You'd think these ad networks would bear the responsibility for screening ads against malvertising, but they're simply not responding fast enough. Like so much of the Internet world, the frenzied volume of online advertising grew much faster than anyone's ability to regulate it.
Everyone still assumes law enforcement can effectively police criminal activity in cyberspace… but there's literally no sheriff in town.
How Can You Protect Yourself?
There are a number of measures you can take right now to defend your company against malvertising:
- Keep your anti-virus and anti-malware software up to date, and make sure the software continues to update on a regular basis. Some manufacturers update their software daily to combat new threats.
- Use a firewall with an activated subscription service for UTM (unified threat management). A UTM service should provide at least two forms of protection:
  - Filtering out some viruses and malware as they attempt to pass through the firewall into your office or home network (whether in an email or on a website).
  - Prohibiting you and/or your users from visiting sketchy websites—the kind a phishing email might direct you to, with or without your knowledge, in an attempt to infect your computer.
- Regularly check your browsers for the latest security patches.
- Modify your browser settings to prevent Flash and Java-based animated ads from running automatically, as well as to flag suspicious website content.
- Create multiple user accounts for each computer, including a "web surfing" account without administrative rights to install or modify software, in order to block malicious exploit kits. Some firms have all desktop accounts for their employees configured without administrative rights for this reason.
- Consider installing anti-ad browser plug-ins restricting JavaScript, such as the free AdBlock Plus or NoScript for Firefox.
- Consider signing up with a Managed Services Provider (MSP) for a Managed Services Program that supplies anti-virus, anti-malware, and security patching, keeps these systems up to date, and manages the process for success—so you can focus on actually using your technology.
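The drive-by download described above can leave a trace in web proxy or UTM logs: an executable fetched with a referer that belongs to a different site than the one serving the file. The following check is an added example, not part of the original post; the log format, the hostnames, and the two-label site comparison are assumptions, and the log lines are constructed.

```python
from urllib.parse import urlsplit

# Constructed proxy log lines (not from a real network). Assumed fields:
# time client method url status content-type referer
SAMPLE_LOG = """\
2015-07-16T09:14:02 10.0.0.21 GET http://news.example/story.html 200 text/html -
2015-07-16T09:14:03 10.0.0.21 GET http://ads.adnet.example/banner.js 200 application/javascript http://news.example/story.html
2015-07-16T09:14:04 10.0.0.21 GET http://cdn.payload.example/update.exe 200 application/x-msdownload http://ads.adnet.example/frame.html
2015-07-16T09:20:11 10.0.0.35 GET http://vendor.example/downloads/setup.msi 200 application/octet-stream http://www.vendor.example/downloads/
2015-07-16T09:31:40 10.0.0.35 GET http://news.example/logo.png 200 image/png http://news.example/
"""

EXEC_TYPES = {"application/x-msdownload", "application/x-dosexec", "application/java-archive"}
EXEC_EXTS = (".exe", ".msi", ".scr", ".dll", ".jar")


def site(url):
    """Approximate the registrable domain as the last two host labels (assumption)."""
    host = urlsplit(url).hostname or ""
    return ".".join(host.lower().split(".")[-2:])


def is_executable(url, ctype):
    """True when the content type or the URL path extension marks an executable."""
    path = urlsplit(url).path.lower()
    return ctype.lower() in EXEC_TYPES or path.endswith(EXEC_EXTS)


def find_cross_site_downloads(log_text):
    """Return executable fetches whose referer belongs to a different site."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 7:
            continue  # skip malformed lines instead of failing
        ts, client, _method, url, status, ctype, referer = parts
        # A missing referer ("-") is out of scope for this cross-site check.
        if status != "200" or referer == "-" or not is_executable(url, ctype):
            continue
        if site(url) != site(referer):
            hits.append({"time": ts, "client": client, "url": url,
                         "referer_site": site(referer)})
    return hits


if __name__ == "__main__":
    for hit in find_cross_site_downloads(SAMPLE_LOG):
        print(hit)
```

A hit is a lead for review rather than proof of infection, since legitimate download mirrors hosted on a separate domain trigger it as well.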
To learn more about the dangers of malvertising and other emerging cyber threats, contact us.