Security Predictions for 2015: #1 – Malvertisers Will Dole out Trouble as They Infiltrate Ad Networks

A10 Networks Blog

Looking back at 2014, the two major themes that dominated security headlines were large-scale retail breaches and vulnerabilities in widely used software libraries. What cyber-security bombshells are in store for us in 2015? We count down the top security predictions for 2015 in this five-part blog series. Our first prediction: Malvertisers will dole out trouble as they infiltrate ad networks.

Malware distributors have zeroed in on a fast and effective way to infect millions of users: malvertising. With malvertising, cybercriminals distribute malicious code through online advertising networks.

Because the malware-laden advertisements are hosted by legitimate websites and the ads constantly change, traditional security tools that “black list” malicious sites cannot easily block malvertisers’ ads. Malware-laden ads often silently infect machines without users’ knowledge.

In 2015, we predict that malvertisers will take advantage of new exploits, known exploits like Dynamic DNS, and signature and sandbox evasion techniques to further propagate their malware across advertising networks. To prevent malware infections, organizations should install anti-malware software on client machines and enforce security controls on clients’ browsers. Advanced threat protection platforms can also help detect malware in web traffic. Since many web-based advertisements are now delivered over SSL, organizations should decrypt and inspect encrypted traffic.


Geoff Blaine
December 8, 2015

About Geoff Blaine

A 10-year veteran of the security space, Geoff serves as A10's senior communications writer and content manager. He brings a blend of real-world journalism experience, cybersecurity perspective and mainstream tech interest. READ MORE