Mercifully, Futurama’s dystopic vision for the future of advertising, in which offers and sales are beamed directly into our eyeballs, is still a thousand years in the future. However, that doesn’t change the fact that modern advertising can be just as ubiquitous and intrusive.
Online, many ads tend to be delivered by dedicated groups, rather than on a personal or site-by-site basis. The recent actions of a group of hackers known as Tag Barnakle have revealed several holes in this method though, by infecting ad servers en-masse. These compromised advertisements are then sent straight through otherwise trusted websites to unsuspecting users.
Security partners such as Geoedge can provide a barrier between users and malicious advertising – or malvertising – by helping publishers gain control of the kind of content served to their audiences. But the onus is on marketing companies to shepherd and protect their advertisements from the moment they’re created.
Advertising is, therefore, in a crucial stage in its never-ending development. Ignoring TV, where the average viewer consumes 41 commercials per day, each person is exposed to between four and ten thousand ads in every 24-hour period, largely due to the amount of time we now spend on the internet and in mobile apps.
The rise in the use of ad-blockers has granted some reprieve to weary web-surfers, although their popularity has reduced the ability of websites and content creators to earn money. In a worst-case scenario, research group Ovum found that this could mean a global revenue loss of up to £35bn, split between any company that advertises online.
For the nicer corners of the internet, this financial slump could be catastrophic. Already, many websites plead with visitors to turn off their digital guardians. However, as mentioned, the problem lies with ad providers themselves rather than cautious users. Tag Barnakle managed to take over 60 ad servers in 2020, a figure it doubled to 120 by the same month in 2021.
Tag Barnakle’s Borg-like ability to conquer technology has as much to do with the group’s determination as it does with the technology itself. The Revive Adserver, blamed for many of the 2020 attacks, had a number of problems, including in password recovery forms and from “open redirection vulnerabilities”, which captured clicks and sent users elsewhere.
Revive shifted much of the blame onto lax IT technicians, who may have been running outdated versions of its server software. As a means of calming the rightfully-annoyed rabble, the company teamed up with white hat hacking group HackerOne, which places bounties on bugs and other software issues.
Overall, advertisers have a difficult task ahead of them. However, restoring faith in consumers could solve all of them. Improving ad security could result in lower numbers of web users opting for adblockers, which will increase the amount of revenue that content creators can earn from their various web properties.
The feeling that ad servers aren’t doing anything at all to improve their relationship with customers is rife, though, not least because hacker groups have been able to gain more ground year-on-year.