• All Articles

Latest Ransomware attacks in ad tech: How to stop Ransomware attacks with AdSecure

By Anna

July 10, 2023


How does Ransomware affect end users? According to Techtarget, ‘Last year was a breakout year for Ransomware as the cybersecurity attack vector wreaked havoc on individuals and organizations around the world. It's a trend that is likely to continue in 2023 and beyond.’ In fact, Ransomware is expected to cost the world $265 billion by 2031, according to Cloudwards. Whilst not a new cybersecurity risk, Ransomware continues to pose a threat to online end users across the globe - Here are 3 of the latest 2023 Ransomware attacks in ad tech and across different industries:

-Huge multinational company and American television provider Dish Network had to pay a ransom after being hit by a Ransomware attack in February.
-The fruit-and-veg trader giant Dole suffered a Ransomware attack in March which gave hackers access to sensitive employee data!
-US payments giant NCR has also recently been hit by a ransomware attack that targeted one of its data centers causing an outage and affecting software functionalities.
-Emerging new threat 'Big Head' Ransomware was found in Malvertising and fake Windows updates, according to Hackread.

If you look the terms 'Ransomware attack dish network', 'NCR Ransomware attack', 'Dole Ransomware', and even 'Royal Mail Ransomware' on Google, you will quickly see that, whilst they are 3 of the most popular latest Ransomware attacks in ad tech and across industries, they are not the only ones, rather, the first few pages of Google are CRAWLING with news of big and small companies being hit this online threat. And, if huge companies such as NCR can be affected by Ransomware, so can your business, and your end users. Keep reading to learn what is a Ransomware attack and how it affects websites and ad networks, and how to stop Ransomware attacks with AdSecure's Ransomware protection and ad security tools:

What is Ransomware and how to stop Ransomware attacks with AdSecure?

So, what is a ransomware attack and how it affects websites? Ransomware is a type of malware that encrypts the files on an end user's device, rendering them inaccessible. The malvertiser behind the Ransomware attack then demands a ransom payment from the victim in exchange for providing the decryption key or tool necessary to restore access. Once Ransomware infects the end user’s device, it typically displays a notification informing about the encryption and demanding payment. The notification may also show a deadline for the payment, threatening to delete the files if the ransom is not paid within a specified time frame.

Ransomware can be distributed through malicious links on a corrupted ad within an advertiser campaign. Then it shows on a publisher’s website, where the unsuspecting end user may click it and get their device infected. There are several kinds of Ransomware attacks, but here are 4 that commonly lurk within the ad supply chain:

#1 Double extortion: Typically, cyber criminals encrypt information found on a system and then demand a ransom in exchange for a decryption key. With double extortion, they also send the data to a separate location, where it can be used for other purposes, such as leaking the information online if a payment is not received.

#2 Ransomware as a service (RaaS): Back in the day, cyber criminals had to write their own Ransomware code… But these simple times seem to have passed! RaaS is pay-for-use malware which enables malvertisers to use platforms that provides Ransomware code and infrastructure to launch and maintain Ransomware campaigns - We could describe it as a variation on a SaaS business model, where a Ransomware group licenses out their Ransomware program for use by another party or affiliate.

#3 Attacking unpatched systems: Some Ransomware attacks target systems and platforms that have known vulnerabilities on unpatched systems. For example, ad networks that haven’t got a proper ad security tool designed to protect their business, their clients, and ultimately, the end user!

#4 Phishing: A phishing attack is an end user security violation which leads end users into a fake website pretending to be an official one, in order to trick them into revealing personal and sensitive information such as passwords, phone numbers, or credit cards. Phishing attacks are often combined with other cyber attacks targeting end user’s personal information - Ransomware is commonly used in combination.

How does Ransomware affect end users?

When an unsuspecting end user clicks on a malicious ad that contains Ransomware, it can very quickly escalate from a simple scare to a disturbing and stressful situation where the end user’s financial well-being gets impaired - According to Cloudwards, in 2021, the average ransom demand reached $220,298! This average comprehends end users and businesses, ranging from ransoms of 150 USD ransom, all the way to millions! But monetary loss isn’t the only consequence to these online attacks. Let’s look at some other ways in which this attack affects the end user:

Loss of personal files: Out of all Ransomware victims, 32 percent pay the ransom… But even then, they only get 65 percent of their data back! Ransomware can encrypt personal files and sensitive information stored on the end user’s device. If they don’t have backups or cannot recover the files, these may be permanently lost.

Identity theft and unauthorized transactions: Some forms of Ransomware specifically target financial information, such as banking credentials or credit card details, which can result in unauthorized transactions, and potential identity theft.

Privacy and security risks: Ransomware attacks can compromise the privacy and security of the end user. Cybercriminals may gain unauthorized access to personal information, including sensitive data like social security numbers, addresses, and passwords. This information can be used for various malicious purposes, including fraud.

Psychological impact: Being a victim of Ransomware can have psychological effects on individuals. The loss of personal data, privacy violations, and the feeling of being targeted by cybercriminals can lead to stress, anxiety, and a sense of violation.

Ransomware prevention in ad security: How does Ransomware affect your business?

How does Ransomware affect your business? Ransomware malvertising attacks are terrible news for your business both as an ad network and a publisher, because it compromises not only the financial and privacy safety of the end user, but also plays a detrimental role in the health of your brand reputation.

The effects of Ransomware in ad networks and how to stop Ransomware attacks with AdSecure:

Ransomware is inserted into malicious ads within ad networks or third-party ad vendors, making these platforms especially sensitive to their reputation being affected by this malvertising technique - When the ad network unknowingly approves an ad that has been corrupted with Ransomware and it gets served through any number of sites, it compromises the safety of thousands of end users and websites.

If the issue isn’t resolved before affecting the end users, this can seriously tarnish said ad platform’s online brand reputation, eroding trust in the network's security practices.

Advertisers and publishers may be hesitant to continue working with an ad network that has experienced a significant breach, potentially leading to a loss of business and partnerships. Also, once an online brand reputation has been damaged, it is very difficult to restore.

Also, Ransomware attacks can lead to legal and regulatory consequences: We are talking about an attack that specifically targets end user finances and private data, potentially resulting in HUGE losses! Ad networks (And also publishers!) associated with this data and financial loss may need to engage legal counsel to navigate potential legal issues and regulatory compliance requirements.

What is a ransomware attack and how it affects websites: How Ransomware affects publishers

As stated above, legal and also financial consequences may come to publishers if an end user’s safety becomes impaired by Ransomware found on their website. Also, if word gets out online that a website isn’t safe, the news can spread like wildfire! Picture it: Forums, social media channels, Google reviews stating that people are getting their data and money stolen through your website!… End users will be driven away from the website instantly, causing a huge traffic loss, and advertisers will choose other websites to promote their brands - All leading to serious revenue losses and brand reputation damage. Also, once hundreds of bad reviews and angry forum entries are online, it is very difficult to change the public’s perception, and it takes a long time.

Lastly, the association of publisher sites with Ransomware can not only seriously damage the image of the site, but it can also lead to Google penalties, with the site being ranked down, or even completely blocked from relevant browsers such as Chrome.

So, how do I remove ransomware from my ad supply chain? In order to prevent all of these nasty consequences, it is a good idea to find an ad security and quality solution to prevent a Ransomware prevention for ad networks and publishers that helps you remove ransomware from your ads and from your website. Continuing on we tell you how to stop Ransomware attacks with AdSecure!

AdSecure: Ransomware protection and ad security for publishers and ad networks

So now you know what is a ransomware attack and how it affects websites - here's how to stop Ransomware attacks with AdSecure: If you are an ad platform or a website publisher, in order to prevent your end users and brand being affected by Ransomware attacks, integrating a great Ransomware protection and ad security tool to your platform is simply a must. AdSecure is specially designed to monitor your advertising supply chain or website content and flag any ads that could cause issues for you and your brand, real-time. This way, you make sure all ads are compliant and safe pre and post launch, and at all times, helping you keep online threats such as Ransomware away from your end users, and protecting your brand’s image. Want to join ad networks such as Evadav in protecting your online business, making it Malvertising-proof? Contact us for more information on how to stop Ransomware attacks with AdSecure and how to prevent Ransomware for publishers and ad networks, or why not try AdSecure for free now?

Share this article on