Online:
Visits:
Stories:
Profile image
By Dickinson Mackaman Tyler & Hagen PC
Contributor profile | More stories
Story Views

Now:
Last Hour:
Last 24 Hours:
Total:

Nowhere is safe: Ads hit New York Times, BBC, MSN and more

Wednesday, March 30, 2016 5:35
% of readers think this story is Fact. Add your two cents.

(Before It's News)

Over the last two weeks, websites including the New York Times, BBC, The Hill, Newsweek, AOL, and MSN were the platforms for malicious advertising (“malvertising”). According to online data security analysts at CSO, these major websites were injected with malvertising that allowed hackers to install malicious software likely designed to hold an organization’s data for ransom.

So-called ransomware attacks are on the rise. It was recently reported that a California hospital had its systems hijacked and was forced to pay a ransom in order to retrieve all of its data. Hackers allegedly demanded over $3 million for the return of the hospital’s data. However, it was later reported that the amount the hospital paid was closer to $17,000. Nevertheless, the hospital was in a tight spot because it apparently failed to sufficiently back up its data, so it was completely beholden to the hackers.

The breaches at major websites like MSN and the New York Times, with their millions of daily page views, are particularly dangerous. Malvertising is insidious because it does not necessarily require users to click on an ad in order to download malicious software. These “drive-by” attacks can occur in the background of a computer’s normal operations, so the user may not be aware that their computer is being compromised.

One of the most significant steps an organization can take to guard against these kinds of attacks is making sure their software is up to date. The recent attack at MSN and the New York Times is reported to have taken advantage of security flaws in Adobe Flash and Microsoft Silverlight.

This blog has previously discussed the importance of patching organization software to avoid known security flaws. This is one easy step organizations can take to minimize the risk of a ransom attack or a data breach.

This recent malvertising campaign also illustrates the risks that employees may cause when they access websites on organization computers. This blog recently reviewed a case where a bank was the victim of a cyber-attack involving over $485,000, and employee conduct almost prevented the bank from having insurance coverage.

Organizations need to be aware of the serious threat posed by all internet websites. Even mainstream websites can be platforms for the distribution of malicious software, so organizations need to make sure they are taking steps to minimize the risk of attack. Legal liability may depend on these actions.

The material in this blog is not intended, nor should it be construed or relied upon, as legal advice. Please consult with an attorney if specific legal information is needed.



Source: http://www.dickinsonlaw.com/2016/03/safe-ads-hit-york-times-bbc-msn/

Report abuse

Comments

Your Comments
Question   Razz  Sad   Evil  Exclaim  Smile  Redface  Biggrin  Surprised  Eek   Confused   Cool  LOL   Mad   Twisted  Rolleyes   Wink  Idea  Arrow  Neutral  Cry   Mr. Green

Top Stories
Recent Stories

Register

Newsletter

Email this story
Email this story

If you really want to ban this commenter, please write down the reason:

If you really want to disable all recommended stories, click on OK button. After that, you will be redirect to your options page.