Greater Security Could Prevent Persistent Adware

Our long-time friend and collaborator, Craig Spiezle, Chairman Emeritus of the Online Trust Alliance, called our attention to yet another issue involving the digital advertising ecosystem and malware, this one involving real national security concerns. While this particular problem goes far beyond advertising, it could impact the industry simply because it is such an important security threat. In a sense, adware just uses our industry as a vehicle to purloin information.

Researchers have discovered an uncommonly advanced form of adware, called Advanced Persistent Adware (APA) by the consulting firm Booz Allen, that raises questions about the potential dangers posed by an often overlooked digital scheme.

Booz Allen detailed in a blog post right before Christmas how this works and called for far greater threat detection capabilities than those currently used in American cybersecurity.

Adware has traditionally been used to inject advertisements into an unsuspecting user’s browser and then secretly gather browsing information. That in and of itself is enough to put it out of sync with 2018’s new data privacy regulations. But the Advanced Persistent Adware Booz Allen uncovered is like something out of a dystopian science fiction movie, because it is designed to evade detection and take orders from a command-and-control server.

It also apparently randomizes its file name to evade detection by anti-virus software, and the APA’s communications with the command-and-control server are encrypted. If directed, the APA can morph and exfiltrate data from its victims. This would not only be a violation of GDPR, but a threat that would quickly be recognized by all governments that enforce privacy rights.

Booz Allen compared this new threat to another pernicious form of adware that cyber firm Carbon Black discovered last year. It is no wonder that consumers are tempted to cut off ads altogether. All the research we’ve read has said that what consumers dislike is not ads themselves, but the propensity to be “stalked” if they don’t run an ad blocker. And by stalked, most consumers only think about being followed around by brands, not by rogue nations trying to exploit our government. It’s pretty awful that advertising has become a vector for much more dangerous cybercriminal operations.

We concur with the conclusion of Booz Allen that these examples demonstrate the growing need for advanced detection as the playing field continues to evolve in favor of these advertising-related threats. Collectively they are undermining ad-supported content and services. We’re in a New Year, and perhaps we should make this year the year of better cybersecurity.