"Malvertising": The Hidden Hazards to Consumers' Online Security and Data Privacy

Today the Senate Permanent Subcommittee on Investigations of the Committee on Homeland Security and Governmental Affairs held a hearing on “Online Advertising and Hidden Hazards to Consumer Security and Data Privacy.” The hearing, and accompanying investigation report, focused specifically on online advertising and the “data collection processes and security vulnerabilities that have inflicted significant costs on Internet users and American businesses.” The Subcommittee calls this malicious phenomenon “malvertising.”

Today’s hearing heard testimonies from five witnesses in the online advertising field, including representatives from both Yahoo! Inc. and Google Inc. Other representatives included an online self-regulatory organization, an online advertising expert, and an official from the Federal Trade Commission. Senator John McCain, Ranking Member of the Subcommittee and head of the investigation, offered opening remarks. Integral to his remarks was the idea that “consumers who venture into the online world should not have to know more than cyber criminals about technology and the Internet in order to stay safe.”

According to the Subcommittee’s report, “[t]he Internet as a whole, as well as all the consumers who visit mainstream websites, is vulnerable to the growing number of malware attacks through online advertising. While there are many other significant vulnerabilities on the Internet, malware attacks delivered through online advertising are a real and growing problem.” In fact, a recent study released by the security firm Symantec found that “more than half of Internet website publishers have suffered a malware attack through a malicious advertisement.”

Following its investigation the Subcommittee offered six main findings on online advertising:

“Consumers risk exposure to malware through everyday activity[;]
The complexity of current online advertising practices impedes industry accountability for malware attacks[;]
Self-regulatory bodies alone have not been adequate to ensure consumer security online[;]
Visits to mainstream websites can expose consumers to hundreds of unknown, or potentially dangerous, third parties[;]
Consumer safeguards are currently inadequate to protect against online advertising abuses, including malware, invasive cookies, and inappropriate data collection[;]
Current systems may not create sufficient incentives for online advertising participants to prevent consumer abuses.”

Article formerly posted at https://www.hsdl.org/blog/newpost/view/malvertising-the-hidden-hazards-to-consumers-online-security-and-data-privacy

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

“Malvertising”: The Hidden Hazards to Consumers’ Online Security and Data Privacy

More from the HSDL Blog

Identify and Tackle Online Extremism

Space Diplomacy and U.S. Leadership

A Shot of Resilience

2023 Cyber Strategy Fact Sheet