Online advertisements are a part of our daily browsing experience as they are also an essential part of companies’ online marketing strategies. So how do we know, when visiting websites that carry these networked advertisements, whether we are opening ourselves up to criminal compromise through malicious ads?
Web site owners use trusted content networks to provide advertisements for their websites, and criminals are actively targeting this trust relationship as it represents a weak link in the chain of content control. Criminals create shell companies to place advertisements that hide malicious content in ads that are subsequently placed with high profile advertising networks. These malvertisements are then syndicated across many hundreds of web sites silently infecting as many victims as possible, as these examples illustrate.
So where does the responsibility lie? Is it with the web site that is hosting the malicious adverts, the network distributing them, or the consumer who visits the website? Really the responsibility, as well as the potential for damage, is shared. Web site owners and ad-networks alike suffer embarrassing brand damage when their customers are infected and the victim of course suffers the pain of information or identity theft and financial loss.
It is certainly true to say that if the right checks and balances were in place the problem would largely cease to exist, at least on legitimate websites. Clients of ad-networks should be applying pressure to their provider of choice to ensure that the appropriate checks are made before the advert goes out. Ideally, automated systems need to be in place at the advertising content providers, to run the ads through a sandbox before they are released into the public domain, checking for any kind of active or malicious code. Third party providers should perform specific checks to verify URLs and detect any unexpected or unwanted behaviour such as automated redirections, even if not malicious no web user wants to be bounced off to a third party website simply as a result of rendering an ad in their browser and no website owner would want their visitors stolen in this way either!