Ransomware Served Through Online Ads

Reading Time: 3 minutes

Cyber criminals have resorted to another sophisticated way of infecting user systems with ransomware and other malware. Malvertising or compromised advertising looks legitimate but serves malware that locks the systems. The malware – ransomware either locks the screen and access to the system or encrypts files on the system. The ransomware is so sophisticated that in many cases there is no option but to pay up in order to regain access to the system or decrypt the files. However, payment of ransom does not guarantee that the cyber criminal would provide the decrypting key. Cyber security experts do not recommend payment of ransom.

Online Ads

A couple of months back visitors to prominent websites such as the New York Times, BBC, MSN, AOL, Newsweek and others has got infected with ransomware as the websites served malicious ads. These authentic websites ended up inadvertently serving up dangerous ads. The ransomware infection took place even if the visitor did not have any interaction with the ads. The infection takes place even without the ad being clicked on.

Most website users believe that just visiting any webpage with ads would not lead to any infection. However, cyber security researchers have stated that ransomware infection can take place just within a few seconds after the ad gets loaded/ displayed on the web page. And such ads on a high visited website would lead to widespread infection within a very short time

The online ad industry has to survive against ad blockers, regulations and competitive ad rates. And if it is not able to block malvertising, then its survival will be in question. The first set of guidelines to help ad companies inspect ad content and ensure that malicious ads are not spread has been released by the digital ad industry group – Trustworthy Accountability Group (TAG). This is a good attempt born out of necessity to ensure survival of the on-line ad industry.

Traditionally, cyber criminals have attempted to distribute malware through spam emails, phishing, spear phishing and malicious links and attachments in emails. With users becoming more security aware cyber criminals having been attempting newer ways to unleash infiltration. Many online ad distributors do not have the technology or resources to detect malware in ads, so it is quite easy for infiltration with malware.

Worldwide regulators are laying out stricter privacy and data security laws on how companies must handle data. Customer data must be kept secure and any data breach would lead to severe implications for the company. With this fear in mind, ad companies have the responsibility of ensuring that the ads are free of malware.

However, this is easier said than done. Globally, thousands of companies deliver billions of ads everyday to websites. Cyber criminals have deceptively set up seemingly full-fledged companies, that are difficult to identify as malicious. The responsibility now falls on website owners to ensure their website’s security.

Websites must be regularly scanned for possible infection. Only verified safe ads must be allowed to run on the website and possibly maintained by the website owner. A robust antivirus solution with sandboxing and real-time scanning could help mitigate the risks associated with malicious ads.