Deadly ransomware and zero-hour exploits have been making headlines over the past few months. But while you've been wringing your hands over protecting your clients' files, cyber criminals have been building out attacks on one of the fast-growing malware platforms: malvertising. According to security firm RiskIQ, malicious ads have increased by 260% in the first half of this year compared to the same timeframe in 2014.
What Is Malvertising?
Malvertising is a form of malicious code that distributes malware through online advertising. The code can be hidden within an ad creative, such as a swf file, embedded on the web page itself, or bundled with software downloads. Malvertising can be displayed on any website, even those considered the most trustworthy. Gone are the days when your clients could simply avoid P2P and pornography sites and stay safe. Malvertising is everywhere, from YouTube to Reuters to Yahoo!
How Does It Infect Users?
One of two ways. Some forms of malvertising utilize classic social engineering tactics in order to persuade users into infecting themselves without knowing. A pop-up might appear telling users they are infected and need to download software to prevent it—only to actually install the malware. Or malicious ads tailored to user browsing habits will entice them to click and then deliver the payload.
The second, and more frightening, technique is the "drive-by download." Just loading the web page that contains the malicious ad results in infection. Most users won't even realize it's happening. No amount of safe browsing habits will save you and your end users.
Why Is Malvertising Scary?
Malvertising represents a huge threat not only because of the size of the campaigns, but also the ease of deployment. Attacks are now happening at "Internet scale" with massive reach. Most recently, Malwarebytes discovered a colossal malvertising campaign targeting Yahoo!, which receives nearly seven billion visits each month. In addition, attacks are easy to get away with because of a decentralized adspace online, which makes them difficult to flag—and especially effective.
Small business owners should be aware of the potential fallout from a malvertising attack. Computers may be susceptible to the following:
- Identity, financial, or data theft, as well as extortion via ransomware
- Computers that can be hijacked into a botnet and manipulated into being used for criminal activities
- Exploit kits delivering even more lethal malware that can render machines and servers useless
How to Protect Your Clients
There are several steps you can take to protect your end users and their businesses from malvertising. Check browsers regularly for the latest security patches, and modify their browser settings to block Flash and Java ads from running automatically. Use a firewall with unified threat management (UTM) service, and invest in strong endpoint security that includes anti-exploit technology that blocks malvertising attacks. Finally, educate your clients about this very real threat.
By Hunter Smith
By Mark Cline
By Meaghan Moraes