Protecting your organization against malware via web ads

Over the years, delivering advertisements to web pages has become a major source of revenue for web site operators, especially social media sites. The entire business plan and revenue stream for sites like Facebook is based on delivering targeted ads to users via their browser, phone, or tablet computer. Billions of ads are served each year.

Unfortunately, malware can be and is being delivered via these ads. Sophisticated Javascript and other browser tricks are used to deposit malware on user's devices with nary a click needed. The malware can spy on users, read browser history, lift passwords and logins stored in the browser, intercept logins to other sites and copy the credentials, open pages and perform clicks in the background, and even redirect users to different websites that look real. Browser companies try to keep up with the crafty attacks, but so far have had limited success. Several of the big browsers have taken the route of becoming spies and traffic-interceptors themselves in the name of protecting users, which, in a way, just moves the problem.

The NSA, CIA, FBI, DHS, and other agencies in the US Intelligence community use ad-blockers to combat the problem. Your organization should, too.

The costs of a single malware or ransomware attack now average over a million dollars for small and medium-sized organizations. Due to the shifting cyber attack landscape, the real choice SMB's face now is: do I allow an open, known avenue of attack to operate on my organization's computers and possibly infect my network, workstations, and laptops with ransomware and malware, or do I let a content site gain a few cents by casting an ad onto my screen? Most ads aren't malicious. Of course, some of them are. The problem has been getting worse.

Until advertising networks and browser platforms can provide a completely safe and secure ad delivery mechanism that can't be abused by malicious actors to infect user browsers and machines, organizations simply cannot be expected to risk accepting these adverts. It's a shame that many good content and service providers will suffer from this. These are just one of the costs inflicted by cyber attackers and foreign agents.

Options for protecting your organization's network include using a Pi-hole -- software that blocks requests for the adverts and automatically updates the lists of ad servers and files -- or using a set of ad-blocker and security extensions on all of your organization's machines and devices. Check our membership content for TechKits for both of these options, or do web searches to learn more.