The Rise of Malvertising

Hilary Tuttle


October 1, 2015


One of the hottest topics in cyberthreat detection right now is the rise of malvertising, online advertising with hidden malware that is distributed through legitimate ad networks and websites. According to research from enterprise security firm Bromium, more than 58% of malvertisments were delivered through news and entertainment websites, including Yahoo, CBS News, NBC Sports and

With that in mind, IT and cybersecurity teams have to adapt to meet these new threats, which are evolving far faster than detection tools.

“The key takeaway from this report is that, at large, the internet is increasingly becoming ‘untrustworthy.’ Attackers are now using popular websites to launch malware via online ads, which makes things difficult for IT security teams,” explained Rahul Kashyup, senior vice president and chief security architect at Bromium. “This risk should be well understood and factored in for any organization while building a ‘defense-in-depth’ security stack. Regular patching and updates definitely help to limit the exposure to potential attacks, but that might not be feasible for large organizations. It is advisable to evaluate non-signature based technologies that can thwart such attacks in a reliable way and prevent infections on end-user devices.”

Hilary Tuttle is managing editor of Risk Management.