10.07.2009

FICORA's CERT-FI information security review 2/2009: Malware spread through web ads

Malicious software can be spread on websites also through advertisements. For website maintainers, preventing this phenomenon called malicious advertising or malvertising is difficult, because the contents of the ads are often downloaded from external servers not controllable to the maintainer. For website users, malvertising is extremely undesirable, as websites, which in general are considered safe, may also be infected.

Malware can also be spread through hacked web servers by utilizing the website or server vulnerabilities or stolen maintainer IDs to feed malicious contents to the servers without authorization. It may be difficult for the user to notice malware being downloaded onto his or her computer but it is possible to reduce the risk of being infected by keeping the browser, operating system and anti-virus software updated at all times.

Patches to be released to TCP protocol implementations

CERT-FI has actively coordinated the patching of vulnerabilities related to TCP protocol implementations. In the near future, patches will be released for dozens of software flaws and active network devices.

Threats to smart phones becoming increasingly interesting

So far, smart phones have generally not been affected by the harmful side effects in information networks. As telephones start to resemble computers, both to their features and purposes, they become more and more interesting for attackers. Information security threats, such as problems related to set up messages and WAP push messages have been discussed publicly more than before. Reason for the livelier discussion is not necessarily an increase in information security problems but rather a growth in information security research pertaining to smart phones.

Continued efforts to clamp down on spam

Towards the end of last year, the amount of spam was cut by half, when operators providing malicious contents were disconnected from the network. Since that the amount of spam rose to the previous figures. Nine out of ten messages in the network are ads or hoax attempts, or have other malicious contents.

International cooperation bodies show increasing interest in finding a solution to the spam problem. There are, however, not enough commonly agreed methods to intervene in malpractice. The International Corporation for Assigned Names and Numbers (ICANN) and the Anti-phishing Working Group (APWG) will intensify their cooperation with national CERT units, like CERT-FI.

CERT-FI publishes a quarterly overview of information security, which deals with the most significant threats to information security. The objective of the reviews is to support companies and organisations in their attempts to improve the management of information security risks. The CERT-FI information security review 2/2009 is available in Finnish on the CERT-FI website at http://www.cert.fi/katsaukset/2009.html. An English version will be published soon.

Further information:

CERT-FI Duty Officer tel. +358 9 6966 510
Erka Koivunen, Head of CERT-FI, tel. +358 50 309 8094