Trade bodies urged to lead the fightback against malware

Publishers are chiefly responsible for preventing the spread of malware, but a widespread lack of education over the risk is a major barrier to successfully stomping it out, according to research which urges trade bodies to more proactively tackle the issue.

Malware is on the rise, but there is little coherent thinking on how to deal with it among media players

The findings were unearthed today (6 July) in a study commissioned by The Media Trust, and conducted by ExchangeWire Research, which found that less than a fifth (19 per cent) of media professionals feel ‘very well informed’ about the threat of malware.

Almost two thirds felt (65 per cent) ‘somewhat informed’, while 16 per cent claimed to have little awareness of the matter, according to the study which probed of 138 media professionals from various tiers of the industry, with opinions sourced from across the globe (see chart below).

Entitled ‘The perceptions and realities of malvertising in the digital publishing and advertising industry’, the study also revealed a widespread agreement that the threat posed by malware is on the rise, with varying opinions the success of currently available solutions (see charts below).

Almost a third of respondents claimed that publishers are chiefly responsible for dealing with the problem (see chart below) while 36 per cent of publishers participating in the event claiming they are ‘very confident’ that their organisation ‘has the ability to verify the successful placement of each ad in every campaign’

“Looking at responses by organisation type, non-publishers (brands, ecommerce companies, DSPs [demand-side platforms], SSPs [supply-side platforms], ad exchanges and media agencies) are more educated about malware, one quarter (24 per cent) report they are ‘very well informed’, compared to only 10 per cent of the publisher group (including ad networks),” reads the report.

Speaking with The Drum, Rebecca Muir, ExchangeWire’s head of research, noted the differences in the responses from publishers in the different regions surveyed, adding that those in continental Europe are more likely to claim to be in control of the site.

For instance, US publishers think 63 per cent publisher websites are at risk of malware attacks, with their German equivalents believing this figure to be less than half that (29 per cent). Similarly, French publishers think the threat on publisher sites is low (28 per cent), whereas UK publishers think the threat is relatively high (62 per cent).

According to Muir, these contrasting results can be read in a number of different ways, with one reading of the scenario being that the crowded nature of the US and UK markets meaning publishers there are more exposed to the threat of malware.

Alex Cravero, an Associate at legal firm Kemp Little, and participant in the study, said: “The larger size of the US technology market, and the companies of which it comprises, amplifies the risk and effect of cyber incidents including the threat of malware. In addition, the greater maturity of the US market means industry professionals will have been aware of, or may have otherwise experienced, the threat of malware for a longer period of time than may be the case in other markets.”

Muir added: “French and German publishers also think they are much better protected due to things like publisher collectives, as well as the [more stringent] privacy laws there.”

With such diverse opinions (these diverse opinions could be read as confusion) both ExchangeWire and The Media Trust used the study to recommended trade bodies provide more guidance on dealing with malvertising.

“Regardless of geography, there is an urgent need for deeper understanding and better education so the online and mobile ecosystems can effectively fight digital fraud,” said Muir.

Richard Reeves, managing director, AOP, and participant in the study added: “Divided perception of a problem is one of the biggest barriers to solving it effectively. Although opinion on which platform is most affected by malware is fragmented, what the industry can agree on is that malware in any form must be eradicated.”

The publication of the report marks the arrival of The Media Trust in the UK, with the security outfit drafting in ad tech veteran Matt O’Neill to head up its European operations. He went on to cite research demonstrating that up to 85 per cent of code on an average publisher’s website is beyond their control.

O’Neill further painted a theoretical scenario on how malware can infect ecosystem to The Drum. “Malware comes into the ecosystem through a variety of different ways. This can be via demand partners [such as open ad exchanges, etc.] with the software then being able to install itself on a user’s desktop, and then potentially creating a botnet that runs in the background without the user knowing,” he said.

“From instances you can see that this is not just an issue for publishers, because the threat of malware is one of the mains reasons for the rise of ad blocking. We commissioned this piece to see just what the awareness and perceptions of the problem were,” added O’Neill.

Click here for a free copy of the full report

Ronan Shields

I'm the digital editor at The Drum, and cover adtech and martech. Prefer news and analysis, over opinion pieces. Current fascination(s) are blockchain and media futures trading; also curious about transhumanism on a personal basis. NYC-based, but really London Irish.

All by Ronan