On average, at least 13 Adware components can be found on every user’s machine. Its prevalence is becoming more of a threat than email-borne worries because most consumers use Internet Service Providers that proactively scan and clean email viruses before being delivered to the consumer. But they cannot do the same for Web traffic.
How do you prevent this insidious Adware taking hold of your machine?
Content filtering is the best way forward. But the market penetration of Content Security products is about 30%. So, 70% of users don't have protection in place, despite needing it now. Ironically, the market penetration of firewalls is far over 90% - but firewalls don't help prevent Web Ad attacks. Firewalls check authentication but not transmitted content. Antivirus scanners have no signature file in the AV database for most Adware and do not analyse content or provide any customisable filters to stop it.
There is really no other way of protecting against Adware than adopting proper perimeter and desktop protection, putting proactive filtering defence in place. To take an analogy, proactive filtering is the moat that guards a mediaeval castle. The castle also has high walls and a drawbridge to protect it, but it is the moat that is the first line of defence, the deterrent for any would-be attacker.
The risk posed by Web traffic means that all traffic can be considered to be potentially harmful. No company can afford to allow these threats to get access to its network, and even SSL encrypted Web traffic must be considered.
By using proactive filtering, you prevent Adware by effectively deploying a shield, proactively stripping the content and code that enables Adware to be downloaded, installed and executed from Web based traffic at the gateway – i.e. before it can cross your moat and mount an attack.
Proactive filtering does not replace conventional anti-virus technology, but complements it to maximise protection and performance. A classic virus pattern can only protect against one particular attack after it has been found, perhaps already spreading via the Web.The proactive scanner does not look for a known virus that can be caught faster by a pattern-based scanner. Instead, proactive filtering offers a three way approach that verifies digital signatures and in so doing, blocks any untrusted program code; screens and blocks any suspicious code based on its potential behaviour; and finally, filters out any potentially harmful code that tries to exploit any vulnerabilities on the client.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.