A new cybersecurity industry report released this week revealed that online and mobile ads were some of the biggest threats to IT security in the first quarter of 2015.
The report, "Bad Ads and Zero-Days: Reemerging Threats Challenge Trust in Supply Chains and Best Practices", was released by Trend Micro and discovered that mobile adware is the largest threat in the mobile category, with 5 million threats already identified for just Android devices alone. According to the study, that number is likely to rise to 8 million by the end of 2015. In the desktop category, zero-day exploits were found to be the biggest threat, but cyberattacks taking advantage of these vulnerabilities are related to advertising, especially in Adobe software. This makes the malware much more dangerous, as it can infect a victim's machine even if they aren't visiting a malicious site.
"It is clear 2015 is shaping up to be noteworthy in terms of volume, ingenuity and sophistication of attacks," said Dhanya Thakkar, managing director of Trend Micro's Asia-Pacific region. "It is clear businesses and individuals alike need to be proactive in protecting against threats. As a business, how would your IT-Security policies look like in a Zero Trust Environment? An aggressive and different security posture is critical to keep financial, personal and intellectual property safe."
Lack of preparation exacerbating effects of malvertising
While everyone is at risk for cyberattacks launched through malvertising, the report suggests that the health care sector is in the most danger. Malware targeting iOS and POS system applications are especially vulnerable, but the study does point out that because these types of threats have been widespread in recent years, many companies that suffer a breach are affected because they were not prepared for such cyberattacks.
For many organizations, it can be difficult to know how to protect against malvertising and other surreptitious cyberthreats without completely eliminating access to outside websites. However, managed SIEM providers can help. Using a detection and response managed service like FireBreak from ArcticWolf, organizations receive constant monitoring of enterprise networks in order to detect signs of a security breach. Security event information is continuously collected and analyzed, resulting in actionable security intelligence specific to an organization's networks.
Cybersecurity news and analysis brought to you by ArcticWolf, inventors of firebreak detection and response security services. FireBreak, when your firewall fails.