Courtesy of Shutterstock
NEW YORK (TheStreet) -- Are your Internet advertisements secure?
Online advertising has become a major component of the Web, leading to annual revenue of over $40 billion in the U.S. alone last year.
Everyone knows online advertisements are an effective means for promoting products and targeting wide audiences. But online advertisements also provide a convenient platform for spreading malware.
"Malvertising" attacks are the use of online advertising channels to infiltrate malware into the computers of unsuspecting users by embedding malicious code within legitimate advertisements on trusted Web sites.
A recent U.S. Senate report revealed troubling vulnerabilities in online ad networks that have exposed consumers to malware attacks and is the first step in a new bipartisan effort to tighten online security.
This problem is not a new but the stakes are getting higher and the implications more serious for ad networks, business advertising and consumers.
Clearly the issue is significant due to the potential for negative impact and monetary loss. Consider the impact on advertisers if a business and users start blocking advertisements on their browsers as a way of reducing their risks.
The impact on consumers is clear. By simply visiting a site, users can get infected via "drive- by download." There is no visible indication the trusted site is compromised.
As most advertising on trusted sites comes from a variety of ad networks -- different visitors will see different ads from different places, not all of which will be malicious -- malvertising attacks are particularly hard to detect.
How do attackers infiltrate the Web sites? Attackers use various techniques to add malicious content to the ads on legitimate websites. These include:
Direct Purchase: Criminal syndicates often disguise themselves as legitimate organizations and purchase ad space directly with the website. Typically this is the first time the syndicate has engaged the publisher and they will usually purchase a short-term campaign at the last minute in an attempt to evade detection.
Leverage Ad Exchanges: Attackers position their malicious ad within an ad network or exchange, which automatically distribute ad space on Web sites. This automated ad distribution process through a complex network of exchanges makes it incredibly difficult to track down the original source of the ad, as well as determine on which sites the ad was published.
Exploit Technical Vulnerabilities: Attackers leverage vulnerabilities in the ad servers or other infrastructures to compromise ad networks, DSPs, etc., and through this compromise, replace legitimate ads with malicious ads, which are then sent out to any number of destinations.
So what can be done?
This risk can only be eliminated if addressed systematically, at all points of the porous online advertisement supply chain.
Large advertisers are the ones most affected but are in a position to leverage a strategic approach to the solution, such as the following:
- First, ensure online advertising networks are following strict security controls and processes around content creation and sharing. This includes a secure scheme that relies on cooperation between web servers and advertising networks to thwart in-ﬂight modiﬁcation of ad trafﬁc -- it must provide a means of proving authenticity and integrity of the trafﬁc.
- Second, perform appropriate and regular checks of advertisements to verify the advertising content providers for all types of active or malicious code. If any unexpected or unwanted behavior is detected, such as automated redirections, the ads should not be published to the end users.
- Finally, malware monitoring system should be used on dedicated and shared hosting servers in order to trace malware infections at inception.
In conclusion, all entities involved in the advertising networks (advertisers and publishers) have to secure their internal systems internally and perform due diligence on their partners' systems. Merely signing an SLA does not ensure security and integrity in a shared network. There is a pressing need to ensure that there are rigorous security policies and procedures in place to curb these risks.
This article represents the opinion of a contributor and not necessarily that of TheStreet or its editorial staff.
Pamela Gupta is President of OutSecure Inc., a cyber-security strategy creation company that focuses on creating strategies that are unique to the company.