LCI Security

Less burden, more security

Using Ad Blockers to Improve Security

We've all been there, surfing the Web, when a screen pops up to warn us that our computer is infected with a virus. We are then prompted to install some software to clean up the virus or to call a support number and get help fixing the problem. Unfortunately, this is a common scam, installing the software will compromise your computer and calling the number will often end with you being scammed out of your savings.

Why does this happen?

In a word, ads. When you open a web page each of the ads running on that page has the potential to do something malicious because ads are essentially programs that run in your browser. In most cases, the program is simply gathering data from your browser that allows it to better track you for future ads, which is an invasion of privacy. In other cases, the ads attempt to execute malicious code that attacks your browser or pops up fake warnings about your computer being compromised.

You may be wondering, "why don't web sites block malicious ads?". That would be nice, but they can't. When a web site uses advertisement services like Google Ads they have no control over what ad gets shown or what code the ad runs. While Google Ads likely has controls in place to identify and remove malicious ads, it's nearly impossible to identify malicious ads and scammers are constantly placing new malicious ads.

What's the fix?

In July of 2018, the National Security Agency (NSA) released guidance recommending the use of ad blocking technology to protect against malicious advertisements because:

[A]dvertising has been a known malware distribution vector for over a decade. This attack, known as "malvertising," allows a malicious actor to target users based on location, interests, browsing habits, and system specific identifiers, such as software version.
Based on their document, malicious ads have been common place for nearly seventeen years now and the best way to prevent them is through ad blocking software.

The NSA recommends blocking advertisments at the network, on the host, and on the browser. There are a number of good solutions for blocking malicious ads and malicious sites on the network. Some endpoint protection software includes the ability to block malicious advertisements from running on the host but not all systems on the network can run endpoint protection software. Running ad blocking software in the browser is probably the most effective method for blocking malicious ads. A comprehensive solution would include one or more of these solutions.

At LCI Security we recommend using a network-based ad blocking solution along with a browser-based solution. If you are interested in learning how ad blocking can save you time and money by preventing malicious software on your computers, please contact us to discuss your options.

Caveats

Web sites that depend on online advertisements for revenue and companies like Google who make billions of dollars a year selling advertisements, don't want you to use ad blockers so you may run into sites that don't work properly or at all with an ad blocker enabled. In that case, it may be best to find an alternative site to use. If that is not possible, most ad blocking software can be configured to allow ads for specific sites.