‘Malvertising’ shoots up as an IT concern

You know a cyberthreat is bad when even Congress is taking time to look into it. And with the rise of malicious advertising – or malvertising – they’ve had good reason to take note. 

A congressional subcommittee recently heard testimony by experts on the dangers of malvertising. In the last year, this vector for malware has shot up over 200%, according to the non-profit Online Trust Alliance.

What makes this attack so concerning?

  • It affects trusted pages. It’s not just shady websites or the dark corners of the Internet that are affected by malicious ads. Well-respected companies such as Yahoo have been fooled into hosting these ads. That lets it slip by firewalls and other protection methods.
  • It doesn’t require user interaction. Telling users not to click on ads won’t be enough. Some ads are drive-bys, meaning that just by visiting a page with a malicious ad the malware can be downloaded to a user’s system automatically.
  • It’s hard to track down. Many companies and fronts will have a role in purchasing these ads. So even if they’re discovered, it’s hard to track down who is actually behind them.

Preventing malvertising from hitting you

So what can your company do to stay safe?

Well, you could wait for Congress to act and pass legislation to make sites safer. And wait. And wait. And wait.

And while users can still be infected without clicking on some ads, other ads do require users opening them for malware to spread. So training them to avoid opening ads even on trusted websites will provide some protection.

Other important steps:

  1. Keep browsers up-to-date. The latest versions of most browsers provide some protection from these attacks. Make sure users are running updated versions of Internet Explorer, Chrome, Firefox, etc.
  2. Update third-party apps. Vulnerable versions of third-party programs such as Java and Adobe products could allow for easier attacks. Make sure your users have the most recent versions of these products.
  3. Urge ad-blockers. Installing or having users install ad-blocking software can help. It avoids the ability for users to even see the ads – and the temptation for them to click on them.

Make Smarter Tech Decisions

Get the latest IT news, trends, and insights - delivered weekly.

Privacy Policy