Advertising on the internet is changing. It’s becoming more focused, which is good and bad. When it helps sellers and buyers come together, it can be a good thing. But when the results include malicious software, it’s a bad thing for everybody. Read on to learn about how internet ads can be hijacked by attackers.
Where these ads appear
Which advertisements appear on a given website depends on a number of factors, including location, the domain of the network (.mil or .edu), browsing history, posts made on social media, and how much is paid to place the advertisement. Search engines operate in a similar manner. Notice that in many cases the top few results carry an icon indicating that the link is an ad, even though a result just below the ad may point to the same link. Google, Bing and other websites make money by putting information on your computer screen.
How it works
Hackers are among those who will pay to have their information viewed. In this case the information includes malicious code, a technique called malvertising. When users land on any website, their device is also connecting, imperceptibly, to many other URLs, as the browser accepts connections to render pop-ups, video files, and even stealthier interactions. Attackers prey on users’ implicit trust of sites like YouTube or ESPN to infect the device through the third-party ad content quietly displayed there, sometimes before users even click on anything. Low recognition of this indirect attack method is the first advantage malvertising has in getting a jump on victims. As the fight against phishing has revealed, using familiar and comfortable jargon, geography and other nuances in a socially engineered attack makes it much more likely to hit the target.
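To see the hidden connections described above for a given page, export the page load as a HAR file from the browser's developer tools and summarise the third-party hosts it contacted. This is an added example, not part of the original article; the host names and sample entries are constructed, and the two-label "site" rule is a simplifying assumption.

```javascript
// Added example: list the third-party hosts a page load contacted, from a
// HAR export (browser dev tools, Network tab, "Save all as HAR").

// Naive "site" = last two DNS labels. Assumption for brevity: real tooling
// should use the Public Suffix List (this rule is wrong for example.co.uk).
function siteOf(hostname) {
  return hostname.split(".").slice(-2).join(".");
}

// Returns one record per third-party host, busiest first.
function thirdPartyHosts(har, pageUrl) {
  const firstParty = siteOf(new URL(pageUrl).hostname);
  const byHost = new Map();
  for (const entry of har.log.entries) {
    let url;
    try { url = new URL(entry.request.url); } catch { continue; } // malformed
    if (!/^https?:$/.test(url.protocol)) continue; // data:, blob: make no connection
    if (siteOf(url.hostname) === firstParty) continue;
    const rec = byHost.get(url.hostname) ||
      { host: url.hostname, requests: 0, types: new Set(), active: false };
    const content = (entry.response && entry.response.content) || {};
    const mime = (content.mimeType || "unknown").split(";")[0].trim();
    rec.requests += 1;
    rec.types.add(mime);
    // Script and HTML (iframe) responses run or render inside the page, so
    // these hosts deserve the closest look when vetting ad content.
    if (/javascript|ecmascript|^text\/html$/.test(mime)) rec.active = true;
    byHost.set(url.hostname, rec);
  }
  return [...byHost.values()]
    .map((r) => ({ ...r, types: [...r.types].sort() }))
    .sort((a, b) => b.requests - a.requests || a.host.localeCompare(b.host));
}

// Constructed sample (hypothetical hosts), trimmed to the HAR fields used.
const entry = (url, mimeType) => ({ request: { url }, response: { content: { mimeType } } });
const sampleHar = { log: { entries: [
  entry("https://news.example/index.html", "text/html"),
  entry("https://static.news.example/app.js", "application/javascript"),
  entry("https://ads.adnet.test/tag.js", "text/javascript; charset=utf-8"),
  entry("https://ads.adnet.test/frame.html", "text/html"),
  entry("https://cdn.creative.test/banner.png", "image/png"),
  entry("https://pixel.tracker.test/p.gif", "image/gif"),
  entry("data:image/gif;base64,R0lGODlhAQABAAAAACw=", "image/gif"),
] } };

for (const r of thirdPartyHosts(sampleHar, "https://news.example/")) {
  console.log(r.host, r.requests, r.types.join(","), r.active ? "ACTIVE" : "passive");
}
```

Hosts marked ACTIVE delivered script or frame content into the page; the others only served images.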
Defending against malvertising is part of information security
Typical defensive strategies don’t apply to malvertising. Still, you can utilize a number of tools as a defense to minimize the exposure to malvertising.
Tactics to consider are:
- Adjust the browser’s settings so that Flash and Java objects do not run automatically.
- Install plug-ins, like Disconnect, that keep the device from making connections automatically.
- Install software, like Malwarebytes, that specifically monitors the browser for malvertising techniques (since normal antivirus doesn’t).
- Disable unnecessary or unused plug-ins.
- Keep the browser and plug-ins updated.
- Lastly, consider which browser provides an acceptable level of security and protection, especially if something like Malwarebytes isn’t installed. Chrome and Firefox have good built-in information security.
About the author
Chuck Danley is an instructor at LeaderQuest with 30+ years of experience. He has a Masters of Engineering in Aerospace Engineering and a BS in Electrical Engineering. Chuck’s focus is on network and information security, but he has some experience in most aspects of IT from designing a LAN to the configuration of network resources to making prototypes for software acquisition. His primary focus is on ensuring the operation of IT resources in the most secure way possible.