03/03/2015

By Jan Wielenga, Product Manager for Data Networks at Daisy Group


In life, it is generally very easy to identify security threats. We are instinctively cautious of our surroundings when entering our PIN at the cash machine and keep a close eye on our belongings when we use public transport. However, when it comes to technology, criminal threats are often much more difficult to identify. When visiting websites we are often unaware of the risks, and of the fact that what is staring us in the face could actually be criminal activity in disguise.

Information, software and content held on the web are often sponsored through advertising. Content creation and the delivery of advertising are often unrelated, so content owners have few means of influencing or controlling the advertising hosted on their site. The responsibility for making sure the content is safe therefore lies with the advertisers.

Beware of false advertisement

Although advertisements don’t generally contain malicious content when hosted on the sponsored websites, threats often arise via third-party networks when the advert is clicked on. This can result in the user’s device being attacked by viruses or ransomware, malicious software that hackers create to blackmail users who want to regain access to their device.

This technique, referred to as malvertising, can be an easy way for cyber criminals to breach security systems. It is understandably a huge problem for online businesses with third-party advertisers on their site. If they don’t have a rigorous vetting process for third-party advertisers, one that assesses their anti-malvertising credentials and identifies just how legitimate a company they are, they could be bringing their customers and hackers together.

As a general rule, the more valuable the information on the website and the more reputable the company, the more attractive it is for cyber criminals to take advantage of the security flaws in its advertising, as the data and financial gains will theoretically be more rewarding. That said, the less sophisticated security tools implemented at smaller online firms can also create ample opportunities for malvertisers.

Scope for concern

Attacks on the Huffington Post, the U.S. military, Google and YouTube have dominated much of the media recently and highlighted the scale of the problem, with as many as 20 per cent of devices being targeted worldwide.

The impact of unintentionally hosting corrupted advertising on your website can be drastic. First and foremost is a loss of revenue, due to the damage caused to your system and the period of inactivity while the threats are removed from your site. A secondary disadvantage, and perhaps of more importance to an SME that has worked hard to build a rapport with its customers, is the irreversible harm to reputation. If your customers are attacked by a virus originating from your site, they are likely to lose confidence in your brand and could potentially make their feelings known to other prospective customers.

So what can be done to prevent the risk?

Since advertising is a vital source of income for most businesses, unfortunately we are not able to remove the risk altogether. Anti-virus software and online protection tools certainly help, and good web browsers with plug-ins that validate end-point security can also aid in combatting the threat.

At a network level, good appliance-based firewalls and regularly updated anti-virus software are invaluable investments. However, as with any web security strategy, the costs, risk and exposure need to be carefully balanced. Undoubtedly, large organisations handling a lot of sensitive data are better positioned than, for example, a small retailer with a limited budget. The good news, however, is the ‘trickle through effect’: many sophisticated security tools that were historically only affordable for large enterprises are now being made available to SMEs.

When considering a third-party advertiser, assessing the quality of the products/services they are offering is vital. You should also check all domain names and associated URLs before allowing anything on your site, and stay alert to any suspicious behaviour, for example a rush to sign contracts or the presence of encrypted code.
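One way to automate the domain, URL and hidden-code checks described above, as an added example that is not from the original article. It assumes the advertiser declares its domains up front (the `declared_domains` parameter); the function names, marker lists and sample creative are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

URL_ATTRS = {"src", "href", "data", "action"}
URL_RE = re.compile(r"""(?:https?:)?//[\w-]+(?:\.[\w-]+)+[^\s'"<>)]*""")
# Heuristic markers of hidden code; both lists are assumptions, tune for your inventory.
DYNAMIC_RE = re.compile(r"\b(?:eval|unescape|atob|Function)\s*\(|String\.fromCharCode")
BLOB_RE = re.compile(r"[A-Za-z0-9+/=]{80,}|(?:\\x[0-9a-fA-F]{2}){20,}")

class CreativeScanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.urls, self.scripts, self._in_script = [], [], False

    def handle_starttag(self, tag, attrs):
        self._in_script = tag == "script"
        self.urls += [v for k, v in attrs if k in URL_ATTRS and v]

    def handle_endtag(self, tag):
        self._in_script = False

    def handle_data(self, data):
        if self._in_script and data.strip():
            self.scripts.append(data)
            self.urls += URL_RE.findall(data)

def vet_creative(html, declared_domains):
    """Return (hosts outside the declared domains, hidden-code findings)."""
    scanner = CreativeScanner()
    scanner.feed(html)
    hosts = {urlparse(u if "://" in u else "https:" + u).hostname for u in scanner.urls}
    undeclared = sorted(h for h in hosts if h and not any(
        h == d or h.endswith("." + d) for d in declared_domains))
    findings = set()
    for js in scanner.scripts:
        if DYNAMIC_RE.search(js):
            findings.add("dynamic-code construct")
        if BLOB_RE.search(js):
            findings.add("long encoded blob")
    return undeclared, sorted(findings)

# Constructed sample creative; the blob decodes to harmless repeated "ABC".
SAMPLE_CREATIVE = (
    '<a href="https://ads.partner.example/c"><img src="//cdn.partner.example/b.png"></a>'
    '<script>var t = "https://track.unknown-cdn.example/p.js";'
    'eval(atob("%s"));</script>' % ("QUJD" * 25))

if __name__ == "__main__":
    print(vet_creative(SAMPLE_CREATIVE, {"partner.example"}))
```

A creative that comes back with undeclared hosts or any finding is a candidate for manual review before it goes live; a clean result only means these particular heuristics did not fire.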

The threats of malvertising differ on an organisation-by-organisation basis, and their impact depends entirely on how seriously you take the issue and the preventative measures you are willing to employ. However, making yourself aware of the problem, and of just how real it is, is the first step.