» Subscribe Today!
More of what you want to know.
The Daily News
X

Forgot your password?
Skip Navigation LinksHome >
VOL. 129 | NO. 96 | Friday, May 16, 2014

Senate: Firms Must Protect Against Malicious Ads

JACK GILLUM | Associated Press

Print | Front Page | Email this story | Comments ()

WASHINGTON (AP) – The Senate warned Google, Yahoo and other leading technology companies Thursday they need to better protect consumers from hackers exploiting their lucrative online advertising networks or risk new legislation that would force them to do so.

In a new investigative report, the Senate Permanent Subcommittee on Investigations said hackers in some cases are infecting computers using software or programming commands hidden inside online advertisements. It suggested tougher U.S. regulations or new laws that could punish the ad networks in addition to prosecuting the hackers.

Yahoo's chief information security officer, Alex Stamos, on Thursday described ways that Yahoo tries to protect Internet users, such as blocking deceptive ads that mimic operating system messages to trick users. He called the problem "a top priority for Yahoo."

"We successfully block the vast majority of malicious or deceptive advertisements with which bad actors attack our network, and we always strive to defeat those who would compromise our customers' security," Stamos said.

Google's George Salem, a senior product manager, called the problem "badware," and said Google was working diligently but sometimes reluctant to publicly discuss its efforts.

"Our goal is to stay one step ahead of mal-vertisers and not tip them off to our activities," Salem said.

The subcommittee highlighted a December 2013 incident in which an Internet user visited a mainstream website and had all of her personal information stolen via an ad on Yahoo's network. Even worse: She didn't have to click on it to deliver a virus that gobbled up her information. And as many as 2 million others may have been exposed to the attack.

The online advertising industry has grown complicated "to such an extent that each party can conceivably claim it is not responsible when malware is delivered to a user's computer through an advertisement," the Senate report said.

The panel said it found no evidence that Google or Yahoo's ad networks are more vulnerable to malware attacks than other major ones. It said the industry as a whole remains vulnerable to such forms of attack.

Several bills in Congress aimed at strengthening Internet privacy and security have stalled, and there currently is no federal data-privacy law for Internet companies. One measure, the 2011 Commercial Privacy Bill of Rights Act, would have allowed the Federal Trade Commission to require security measures for sites that collect personal information.

Follow Jack Gillum on Twitter at twitter.com/jackgillum

Copyright 2014 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

Sign-Up For Our Free Email Edition
Get the news first with our daily email


 
Blog Get more from The Daily News
Blog News, Training & Events
RECORD TOTALS DAY WEEK YEAR
PROPERTY SALES 69 311 15,028
MORTGAGES 83 338 19,668
FORECLOSURE NOTICES 0 43 3,838
BUILDING PERMITS 0 512 35,842
BANKRUPTCIES 65 247 14,281
BUSINESS LICENSES 16 120 5,111
UTILITY CONNECTIONS 70 316 21,749
MARRIAGE LICENSES 18 93 4,650

Weekly Edition

Issues | About

The Memphis News: Business, politics, and the public interest.