Just when you thought you had anti-virus and anti-spam under control, the cyber-criminals have taken a huge leap forward in how they infect your machines. In fact; you don’t have to do anything ‘wrong’ to get hit with a malvertisement.
You may think it would be relatively easy to keep away from the ‘dark alleys’ on the Internet by practicing safe browsing habits, but alas! The cyber-criminals are now imbeding malware into web ads and succeeding in placing these ads on very popular and main stream web sites.
Web sites like;
- The New York Times
- The Drudge Report
- WhitePages.com
In fact, a recent study by dasient.com found that;
97% of Fortune 500 web sites are at a high risk of getting infected with malware due to external partners (such as javascript widget providers, ad networks, and/or packaged software providers)
You see; the folks that run huge web sites long ago ceded control of web ad content management to outside firms. When you land on a web page you are often being fed content from multiple sources without even knowing it.
Lately, the cyber-criminals have found that they can place ads with content providers that ‘look’ real then switch them out for malware without anyone even knowing it.
It happened to the New York Times recently undoubtedly infecting thousands of users pcs. See (http://www.nytimes.com/2009/09/15/technology/internet/15adco.html).
The most effective way to prevent such malware if by using a Content Filtering system that reviews EVERY packet of data that goes into your network; looking for know issues and threats and cutting of the flow of data before damage is done.
Some folks say they are ‘protected’ because they use such free tools as OpenDNS but if the ad is served to your browser via IP address (which they often are) then these requests don’t even go through a DNS request, leaving you completely open and vulnerable.
The bottom line is that your IT vendor should be locking down your network connection before you become an unwilling recipient of a nasty piece of malware (most of them breeze right on by even the best anti-virus software around!)
If you network is NOT protected by content filtering, give me a shout (our NetAssure Services includes content filtering)
Good Networking!
Eric Hobbs
Technology Associates
ehobbs@technologyassociates.net
919-459-0109 – Direct
Things to Think About…
- Anti-Virus is not enough Today’s threats often circumvent even the best anti-virus software on the market
- DNS protection is useless Ad content is often served using IP addresses, avoiding DNS lookups.
- Protect the network edge Installing a centrally managed device or service is the easiest and most secure way to go.
