White House

A US senator has asked the White House to look into the threat that malicious ads —also known as malvertising— pose to US government networks and computers.

In a letter sent by US Senator Ron Wyden to White House Cybersecurity Coordinator Rob Joyce, the former is warning that malvertising has often been used by cyber-espionage groups to deliver malware to specific targets.

In particular, Sen. Wyden cites media reports from August 2016 that claimed that "Russia attempted to distribute malware-laden internet advertisements to at least one state election agency."

Wyden: If ad networks can't stop malvertising, then block ads

The Oregon Senator is urging the White House cyber chief to coordinate discussions with members of the advertising industry and develop a plan to end the delivery of malicious ads to computers on government networks.

"After 180 days, if you are not completely confident that the advertising industry will effectively address this cyber threat, direct the Department of Homeland Security to issue a Binding Operational Directive requiring federal agencies to block the delivery to employees' computers of all internet ads containing executable computer code," Sen. Wyden wrote in his letter.

The letter did not enter into technical details if the ads should be blocked by installing ad blockers on employees' computers, or if the blocking should take place at the network level through firewalls.

Malvertising could be used to aim malware at govt. PCs

"Using targeted ads, it is simply far too easy for foreign governments to deliver malicious code directly to the computers of government employees," Sen. Wyden added. The Senator is not wrong in his assessment.

Most malvertising campaigns are blind and random when it comes to targeting, taking whatever PC they can infect, but even so, they are usually carried out based on precise geo filters that could be easily tweaked to target the known IP ranges of government networks.

But ads can also be used to hone in on specific targets. Research carried out by experts from the University of Washington have shown that it is easy and cheap to target specific individuals with mobile ads with an accuracy of 8 meters and for a budget of $1,000 or less.

Ads, overall, present a clear danger to government computers. Malvertising campaigns like Stegano, DNSChanger, or AdGholas have shown how efficient and sometimes extremely creative they can be at delivering all sorts of malware, and how hard was it for cyber-security platforms to detect ongoing attacks in time. Blocking ads could actually be a very clever proposal on Sen. Wyden's part.

The full letter, first obtained by ArsTechnica, is available in full, here.