Web visitors can be ultra-cautious and avoid websites that commonly contain malware. Don’t visit pornographic, gaming, betting, file-sharing, and streaming websites, and you will be able to reduce the risk of encountering malware. However, that doesn’t mean that you will never come across phishing websites and malware-ridden webpages.
Even very large, reputable websites are sometimes infected. How large? How about Yahoo: One of the biggest search engines and webmail providers on the Internet. Recently Yahoo was found to contain adverts that attempted to install malware on users’ computers.
Code was installed that examined users’ computers and checked to find out if the latest Java version was installed. Earlier versions of Java contained vulnerabilities that could be exploited. The latest version has fixed the security holes, but many users have not yet installed the latest version.
It is estimated that as many as 2 million people visited Yahoo and had their computers infected. A great many more individuals would also have had their computers compromised had they visited the website instead of Google. In this case, the individuals behind the infections – malvertisers – were putting users’ computers to work performing bitcoin calculations: a very profitable business if you have 2 million or more computers at your disposal.
Of course this is nothing new. Many websites are infected with malware. They just are usually not as big as Yahoo. However, hackers are getting bolder, and are now succeeding in infecting large websites with very good security measures in place.
Advertising networks are increasingly being infiltrated by malvertisers
Legitimate advertisers use advertising networks to syndicate their adverts across many thousands of websites. They are able to put their adverts in front of tens of millions of potential purchasers. Malvertisers, individuals or disreputable companies, are now doing the same. They make their adverts look respectable and get accepted by an advertising network. However, their ads contain links to malware-ridden websites, or code that probes for security vulnerabilities in users’ computers. They then inject their malware and put it to work.
Unfortunately, it is not a difficult process. In fact one doesn’t even need to be a hacker in order to do this. All that is required is an exploit kit that can be rented online. Take the Black Hole exploit kit for example. Using this kit, online criminals are able to inject code into the web browsers of site visitors. The renting of exploit kits is now commonplace and developers will even show people how to use the exploit kits to achieve their aims. Even people with very little knowledge of programming are able to use the kits to infect computers with malware.
The threat from these wannabe online criminals is considerable. If your company’s employees visit websites while at work, they could inadvertently click on an advert that directs them to a site containing malware, or one with advertising code on the page that probes for vulnerabilities. Even viewing an advert may result in a computer being infected.
There is a solution that protects against rogue adverts
There may be a high risk of infection, but that doesn’t mean that the risk cannot be effectively managed. In fact, managing risk is surprisingly easy. All that is required is software that contains an ad-blocker, and there is plenty of choice (NoScript, AdBlock and ScriptSafe for example). All of these are capable of blocking adverts and, if no adverts are displayed, users will not be able to click on malvertiser’s adverts.
Unfortunately, with all of these ad-blockers there is a problem. First of all, they are all browser-specific. That means every browser in an organization will need to have the ad-blocker installed to offer protection. They are also only available as plug-ins. This poses another problem for Sys Admins. Plug-ins are only safe if the latest version is installed, and updates are frequently released. Even these “safe” plug-ins contain vulnerabilities that can be exploited.
That means that every browser on every computer that connects to the network must have the plug-ins installed and then be frequently updated. On a small network of 20 computers this would be a considerable task. On a network with 1,000 desktop computers, 500 laptop computers, numerous tablets and mobile phones, it could potentially be a full time job for a small team of Sys Admins. Not a very practical solution it has to be said.
Is there a less labor-intensive alternative?
Fortunately, there is. The solution is to install a web filtering solution that contains an Ad-blocker. SpamTitan web filtering solutions for the enterprise contain an ad-blocker that will block adverts on all users’ devices, which includes mobile devices as well as desktops. A Sys Admin can configure the web filter to protect all users, but the software is not only about blocking adverts.
SpamTitan’s web filter will also prevent users from visiting websites known to contain malware and will block undesirable content such as pornography, gambling and file-sharing sites. SpamTitan’s web filter has been developed to give Sys Admins an exceptional level of control. Permissions can be set for the entire organization, groups of users or individuals.
A user in the IT department could be allowed to view any site, while a member of the accounts department could be prevented from visiting virtually all websites. Different web filtering settings can even be assigned for different times of the day, if required.
Such a granular approach is important as each member of staff may require different levels of access. Social media websites could be blocked for all members of staff except those in the marketing and IT departments for example.
Having all of these controls could potentially require a Sys Admin to spend hours learning how to operate the system, and weeks configuring it. Not with SpamTitan. The controls are intuitive, easy to set up, there is no steep learning curve, and configuring users’ settings is a relatively quick process. Protecting a network from malware, and users from viewing undesirable content, has never been easier.