A recent study by Cyphort has suggested that cases of Malvertising have increased 325 per cent in an year.
We have already seen some high profile attacks this year on major networks like Yahoo and Google as well as publishers like New York Times and Reuters.
“Combating malvertising is difficult due to the large layered setup of the bidding platforms currently in place. With specific schemes such as real-time bidding, malicious advertisements can remain hidden for extended periods of time,” said the writers of the report.
An example, also quoted in the report, concerns New York Times. In 2009, the banner feed of The New York Times was hacked for a weekend, causing some readers to see advertisements that told them that their systems were infected and instructed them to install malicious software in disguise. The report states that the culprit had approached the newspaper as a national advertiser and had provided apparently legitimate ads for a week.
“While it is very difficult to quantify malvertising, it is a very real threat. Given the havoc that malvertising can create there needs to be focus on finding a solution,” said Debraj Tripathy, MD , MediaCom India.
The head of an ad tech company opined that malvertising is costing digital ad companies and networks 5-10 per cent in revenues. A study conducted by the Association of National Advertisers said ad-fraud will cost global advertisers around $ 6.3 billion dollars in 2015.
Earlier this year, Adadyn, an ad tech company, partnered with The Media Trust, a company specialized in monitoring and protecting the online and mobile advertising ecosystem to provide 24*7 real-time malware protection through the continuous of all ad tags served via Adadyn’s programmatic platform.
Speaking to exchange4media on the topic of malvertising, an Adadyn spokesperson informed us, “The number of unique malvertisements in June of 2015 (80,000) has jumped 60 per cent in comparison to the same period last year (50,000).
He said that malvertisements have increased 260 per cent on a pro-rated basis in the first half of 2015 (450,000) compared to all of 2014 (250,000)
So is this because of the increasingly connected and layered nature of the digital advertising ecosystem due to programmatic and ad tech platforms? The Cyphort report does insuate that this might be the case.
“While it is true that hackers have attempted to infect the publisher’s side, a practice that started as soon as online advertising developed, we don't believe that ad tech platforms are making it easier for hackers to infect advertising. Technology providers such as ourselves deploy stringent screening process to keep malicious ads out of the system. As gate keepers to advertising, technology platforms have the responsibility to protect users, advertisers and publishers. So we will constantly adapt our solutions to protect against malvertising,” said the spokesperson.
However not everyone is convinced that it’s ad tech that is to be blamed but one reason that might be more troubling is that not everyone is comfortable talking about this topic. As a senior executive at one ad tech company told us, “Not everyone wants an open discussion on this topic.” Though individually networks and digital ad agencies do have stringent screening processes, as an ecosystem more work is needed.
“Planner and buyers do understand the effects of malware’s on their campaigns. Monitoring through 3rd party tools to differentiate non-human traffic will help in addressing a part of this. Publisher’s needs to agree on financial adjustments post campaigns based on delivery reports by third party tools. This will go a long way in convincing planner/ buyers and advertisers that their investment is been put to effective use,” said Tripathy.