Directive Blogs
Malvertising: Hackers are Paying For Ad Space on Popular Websites
A good business practices extreme caution when using the Internet, thanks to hackers using any means possible to unleash threats against organizations of all sizes. You teach your employees how to avoid threats and to avoid suspicious websites, but what if that’s not enough to keep hackers out of your network infrastructure?
Some businesses are finding it increasingly difficult to separate the bad from the good when it comes to online security. This is thanks to a number of new and emerging threats, with the latest one being “malvertising.” This potential threat focuses on using advertising space on websites to inject malicious code into unwary users. This malware often takes advantage of zero-day exploits (problems that haven’t been patched), which means that these threats are difficult to defend against, even under the best circumstances. Take, for instance, a threat described by ComputerWorld:
[...] the source of the infection was a malicious advertisement, one that was running on a mainstream news service! The news website sells ad space served up by an advertising company, which in turn sells that ad space to anybody willing to pay for it. In this case, the bad guys were paying for it. They signed up for ad space just like any other customer, but the advertisement they created — known as “malvertising” — exploited a zero-day (unpatched) vulnerability in Adobe Flash to run commands through the browser to the victim computers’ operating systems, without any knowledge or intervention by the end users.
While taking advantage of multiple avenues of cyber security can be an effective means to combat threats that can compromise your organization’s network, what happens when threats are capable of making themselves invisible to your efforts? This is essentially what happened in the above scenario. Because the malvertisement literally needed no user interaction whatsoever, it was capable of infiltrating the system without being detected, simply because any and all training that employees might have can simply be ignored. Something like this wouldn’t be blocked by a web content filtering system because it’s on a legitimate site.
Thankfully, with the latest cybersecurity tools at your disposal, we can identify and resolve problems like these relatively quickly, should they infiltrate your defenses and set up malware on your network. The important thing to remember about cyber threats is that they will almost always leave some sort of sign that they were there. Be it a virus or piece of malware that’s detected by a firewall, or a phishing email that’s blocked by a spam filter, you’ll know that you’re getting attacked. Even in cases where administrator credentials are used for remote access to your network, you can use your access logs to determine whether or not the account activity is legitimate or not.
Malvertising is a concerning trend to watch out for, to be sure, but in the face of powerful security solutions designed to take proactive measures against online threats, you can bet that it will have some significant difficulty running amok for your business. By taking full advantage of enterprise-level security solutions, your business can detect and eliminate threats in the most secure way possible. For more information, contact Directive at 607.433.2200.