Following the news that hackers targeted German parliament using a malvertising campaign to direct a compromised Israeli news site to redirect users to a malicious site. Dr Malcolm Murphy, Technology Director at Western Europe at Infoblox commented below.
Dr Malcolm Murphy, Technology Director at Infoblox:
“This recent attack adds to the growing trend for malvertising attacks, in which compromised ad servers are used to display fake ads which expose consumers to malware. We’ve seen a number of high profile online publications used to harbour these attacks, including the New York Times and BBC in 2016.
“Clearly cybercriminals are targeting high-traffic sites to try to encourage a larger number of clicks, and consumers are probably more likely to trust ads which are displayed on well-known, trusted websites. Meanwhile, the malware itself continues to grow in sophistication, often exploiting an organisation’s domain name system, or DNS, as a pathway to connect to a malicious destination or botnet.
“To combat this growing threat, organisations should be making DNS security a top priority. In reality though, DNS servers are often neglected, leaving organisations open to these types of attacks. Reliable threat intelligence will also enable organisations to disrupt malware as it communicates through the DNS, protecting customers from malvertising in the process.”