US Senate says firms must protect against malicious ads

May 15, 2014 by Jack Gillum

The U.S. Senate warned Google, Yahoo and other leading technology companies Thursday they need to better protect consumers from hackers exploiting their lucrative online advertising networks or risk new legislation that would force them to do so.

In a new investigative report, the Senate Permanent Subcommittee on Investigations said hackers in some cases are infecting computers using software or programming commands hidden inside online advertisements. It suggested tougher U.S. regulations or new laws that could punish the in addition to prosecuting the hackers.

Yahoo's chief information security officer, Alex Stamos, on Thursday described ways that Yahoo tries to protect Internet users, such as blocking deceptive ads that mimic operating system messages to trick users. He called the problem "a top priority for Yahoo."

"We successfully block the vast majority of malicious or deceptive advertisements with which bad actors attack our network, and we always strive to defeat those who would compromise our customers' security," Stamos said.

Google's George Salem, a senior product manager, called the problem "badware," and said Google was working diligently but sometimes reluctant to publicly discuss its efforts.

"Our goal is to stay one step ahead of mal-vertisers and not tip them off to our activities," Salem said.

The subcommittee highlighted a December 2013 incident in which an Internet user visited a mainstream website and had all of her personal information stolen via an ad on Yahoo's network. Even worse: She didn't have to click on it to deliver a virus that gobbled up her information. And as many as 2 million others may have been exposed to the attack.

The online advertising industry has grown complicated "to such an extent that each party can conceivably claim it is not responsible when malware is delivered to a user's computer through an advertisement," the Senate report said.

The panel said it found no evidence that Google or Yahoo's ad networks are more vulnerable to malware attacks than other major ones. It said the industry as a whole remains vulnerable to such forms of attack.

Several bills in Congress aimed at strengthening Internet privacy and security have stalled, and there currently is no federal data-privacy law for Internet companies. One measure, the 2011 Commercial Privacy Bill of Rights Act, would have allowed the Federal Trade Commission to require security measures for sites that collect .

Explore further: Yahoo! websites to get do-not-track tool

Related Stories

Yahoo! websites to get do-not-track tool

March 29, 2012

Yahoo! on Thursday said that it will soon add a tool to its websites that allows visitors to signal that they don't want their online activity tracked for ad targeting or other ends.

Yahoo! in online ad alliance with Google

February 7, 2013

Yahoo! on Wednesday announced an advertising alliance with Google, the company that dethroned the pioneering Internet firm in the world of Internet search.

Yahoo email account passwords stolen (Update 2)

January 30, 2014

Usernames and passwords of some of Yahoo's email customers have been stolen and used to gather personal information about people those Yahoo mail users have recently corresponded with, the company said Thursday.

Recommended for you

Smart home heating and cooling

August 28, 2015

Smart temperature-control devices—such as thermostats that learn and adjust to pre-programmed temperatures—are poised to increase comfort and save energy in homes.

Smallest 3-D camera offers brain surgery innovation

August 28, 2015

To operate on the brain, doctors need to see fine details on a small scale. A tiny camera that could produce 3-D images from inside the brain would help surgeons see more intricacies of the tissue they are handling and lead ...

Team creates functional ultrathin solar cells

August 27, 2015

(Phys.org)—A team of researchers with Johannes Kepler University Linz in Austria has developed an ultrathin solar cell for use in lightweight and flexible applications. In their paper published in the journal Nature Materials, ...

Interactive tool lifts veil on the cost of nuclear energy

August 24, 2015

Despite the ever-changing landscape of energy economics, subject to the influence of new technologies and geopolitics, a new tool promises to root discussions about the cost of nuclear energy in hard evidence rather than ...

0 comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.