Thumbnail-craig
As CSO of Neoscope I’m regularly visiting with SMB’s discussing their security posture.  We start with

“Have you performed a Risk Assessment?”

and then move on to

“Are you guiding employees with Security Policies?”

followed by

“Are you training your employees on those policies and security best practices?”.

It’s during this last question where clients turn to me and ask:

“Can I get a malware infection simply by browsing the Internet?”

To which unfortunately, I reply:

“Yes! And increasingly so due to Malvertising! Or Malware embedded in Advertising”

 

It use to be a rare exception where the simple act of web surfing could compromise your computer.  However, all that is rapidly changing now.  Over the last 12 to 24 months, enterprising Hackers have begun attacking Advertisement Networks and Servers to plant malware code into their advertisements!  I’m not suggesting this wasn’t possible before…  security researchers will remind me of various graphical buffer overflow vulnerabilities from 2004 and 2005 and more recently Adobe in 2011. Sophos explains in recent articles on Malvertising (unpatched Ad servers and Daily Mail) how Malvertising is becoming a growing threat.

Given this sorry state of affairs, what can I do to protect myself?

Four Defense-in-Depth Layers of Computer Protection 

Note:  Before taking these actions, if you’re at work, check with your system administrator to get permission to install and run any of these solutions!  Many have EULA’s prohibiting their use for free in a corporate environment, and instead requiring a paid version (hey they have to pay the bills to bring us great products right?).  All of them allow a free version for home use.

 

  • Antivirus: ensure your Antivirus software is installed, all signatures are up-to-date, and active protection is enabled.
  • Patch:  ensure your computer is patched for ALL software – not just Microsoft.  For home users you can check all software patches by downloading and scanning Secunia’s Personal Software Inspector (PSI) This automates 3rd party software patching of 3rd that you might otherwise miss.
  • Protect:  Install OpenDNS protection via DNS on your enterprise network and home computers (it’s free for Home users).  Neoscope provides OpenDNS as part of its Neoscope Shield service offering to clients.
  • Guide: Consider installing McAfee’s SiteAdvisor   This solution provides a rating for the Google or Bing search results as shown below.

 

Ctl

 

It’s important to know that none of these recommendations is full-proof.  Short of cutting the Internet CORD to your computer, there are NO guaranteed solutions out there!  Besides what fun would that be to be offline…???

Consider these things like risk reduction strategies and enjoy your web surfing with a little less anxiety.

Craig Taylor

Chief Security Officer, Neoscope, LLC