About three-quarters of businesses polled in a recent survey have experienced a type of cyberattack that involves online advertising.
Adware is software that displays ads, sometimes through pop-ups or redirecting the user. When used for malicious purposes, attackers can combine it with harmful applications that can change the user's browser settings, track location, or exfiltrate credentials, among other actions.
Broadly, cyber threats are evolving rapidly to stay ahead of cyber protections, according to Cisco's 2017 Cybersecurity Report, which polled 3,000 chief security officers and security operations leaders in 13 countries for its benchmark study. For instance, three very popular exploit kits, known as Angler, Nuclear and Neutrino, disappeared almost completely in 2016, "leaving room for smaller players and new entrants to make their mark," the report noted.
Cisco researchers noted exploit kits "poised for growth" included Sundown, Sweet Orange and Magnitude, which target Flash, Silverlight and Microsoft Internet Explorer. They recommended uninstalling Flash and disabling extraneous browser plug-ins.
Here are a few other findings from that report:
- Spam makes up about 65 percent of total email volume, partially driven by botnets that send spam messages. Cisco researchers say up to 10 percent of global spam is malicious.
- "Suspicious Windows binaries," which propagate spyware and adware, were among the top attack methods in 2016; "potentially unwanted applications," such as harmful browser extensions, were also widespread. Facebook scams, including fake offers and surveys, were the third most popular.
- More than a third of companies said constrained budgets prevented them from adopting more advanced security products; about 28 percent said product compatibility was a challenge and 25 percent cited lack of cyber talent as a barrier.
- Overall, the organizations Cisco researched could generally investigate only 56 percent of the security alerts they received on any given day, and of those, only half were categorized as "legitimate" after investigation. Generally, fewer than half of the legitimate alerts are ever remediated.
- About 44 percent of security operations managers Cisco polled receive more than 5,000 security alerts in a day.