As if Internet use wasn’t already troubled with cyber perils, users now have to add “malvertising” to the list of things from which they need to protect themselves.
“Malvertising,” like the name suggests, means “ads that contain malware.” Some mal-ads aren’t dangerous unless you click on them – but others can do “drive-by downloads,” sneaking their malware onto your computer simply because you’re viewing the page on which the ad appears.
While most malvertising is on websites, it can also show up on other ad-displaying apps, such as Facebook, Skype, some email programs, and many games.
The reason that malvertising is more of a problem than other malware approaches is that it can be spread through online advertising delivery networks like Google DoubleClick to legitimate sites that users routinely visit, like the New York Times, Huffington Post, and Yahoo, as well as routinely-used mobile apps that show ads. Malware-bearing ads can be “injected” either by hacking ads at the provider end or by buying and providing mal-ads. In most cases, there’s no way for a user to tell just by looking that an ad has been compromised.
The Potential Damage
The dangers of advertising-delivered malware are the same as those from malware you get any other way. Malware can steal account usernames and passwords, bank and credit card information, and other sensitive data.
It can encrypt your data and “hold it for ransom.” It can, in turn, infect other computers on your network and turn your computer into a “zombie,” spewing out spam and malware to the Internet.
Like other viruses and malware, malvertisements take advantage of security vulnerabilities on users’ computers and mobile devices. These may be anywhere from the operating system, to web browsers and other applications, to add-ons and extensions like Java, JavaScript, and Flash.
How do you know if your computer has been infected by malware? One sign is that your web browser shows unexpected pop-ups or seems to be running slower. But many malware infections remain “stealthy,” possibly even eluding anti-malware scans.
Legitimate ad creators and ad delivery networks are working on ways to detect and prevent malware from getting into the digital ads they serve. Otherwise, people have even more reason to not look at ads or block ads entirely.
But, assuming it can be done, this won’t happen for a year or more. The burden is on companies and individuals to do their best to protect their networks, computers, and devices.
What Can Companies and Users Do?
Although malvertising is a relatively new vector, the best security practices still apply; if you’re already doing things right, keep doing them. But what does “doing things right” look like?
- Avoid clicking on those ads, even accidentally.
- Maintain strong network security measures. Next generation firewalls at the gateway can often detect malware payloads delivered by ads, block the ads entirely, and/or detect communication from already-infected devices.
- Regularly backup systems and critical files so you can quickly restore to a pre-infected state if your systems and data are compromised.
- Deploy endpoint security software on every device so that it’s protected on and off the network.
- Ensure that all operating systems and client software (especially web browsers) are fully patched and up to date.
- If you suspect a computer has been infected, stop using it for sensitive activities until it’s been “disinfected.” Again, many security appliances can help you identify and quarantine infected devices.
It’s unfortunate that even more of everyday Internet use is potentially unsafe, but the steps to fend off malvertising are essentially security precautions that companies and individuals should already be following.