InternetRansomwareSecurity

Yikes! You really DO want to be denied access to these sites!

We regularly receive reports from clients who are denied access to certain websites, all while in the course of performing their legitimate work duties. As this Ars Technica article explains, a number of very high profile websites, including The New York Times, the BBC, MSN, and AOL, were effectively compromised by their advertising partners’ ad networks being compromised. As shown in the diagram at right, it’s a fairly simple process for bad actors to leverage high-profile, legitimate websites toward their nefarious goals.

For this reason, we are strongly recommending that every business and home computer have some sort of web filtering enabled, and specifically to consider blocking of web ads, as these have now become one of the most popular ways to compromise systems. When combined with ransomware threats such as Cryptolocker, these exploits can result in a complete denial of access to your critical business documents within minutes.

That part depends on business owners and IT staff implementing these controls. The next part is on the end user. If you receive a message saying that your access to a website – even one you think is legitimate – was blocked, take a second to first read the error message that is displayed. Any good content filtering program will make an attempt to tell you why your access to a website was blocked. Here’s an example of a website being blocked by Sophos’ web filter. Website blockedYou can see from the message that the site in question was blocked for potentially serving malicious software. In this case, even if the website you are attempting to access is legitimate, you do not want to let it infect your system with malware!

If you receive such a message, you should report this to your IT staff immediately so that they can investigate. When you do, try an approach like:

Hi, I was attempting to access XYZwebsite.com and I got the following warning message. Can you tell me why I was blocked?

This will likely go over much better, and get you the desired results more quickly, than something like this:

I NEED ACCESS TO THIS WEBSITE BUT YOUR FIREWALL WON’T LET ME!!

Bear in mind that content filters block websites is because of how they are configured and – unless you have a real oddball of a system administrator – not because s/he is just trying to get in your way – they’re trying to protect you and your business.

Questions? Concerns? Call us for a quick chat about the risks and solutions.