Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Web Browsing, Search, And Online Ads Grow More Risky, Google Says: Page 2 of 3

A Google spokesperson didn't immediately reply to a request for comment.

"Today, the majority of Web advertisements are distributed in the form of third-party content to the advertising Web site," the report explains. "This practice is somewhat worrisome, as a Web page is only as secure as its weakest component. In particular, even if the Web page itself does not contain any exploits, insecure Ad content poses a risk to advertising Web sites. With the increasing use of Ad syndication (which allows an advertiser to sell advertising space to other advertising companies that in turn can yet again syndicate their content to other parties), the chances that insecure content gets inserted somewhere along the chain quickly escalates. Far too often, this can lead to Web pages running advertisements to untrusted content."

Provos said that on average, 2% of malicious Web sites were delivering malware via advertising, based on an analysis of about 2,000 known advertising networks. But because ads target popular sites, searchers are more likely to find them than their general prevalence suggests. "[O]n average, 12% of the overall search results that returned landing pages were associated with malicious content due to unsafe Ads," the report says.

Provos and his co-authors single out the practice of ad syndication -- in which ad companies redirect online ad content requests to a chain of partners -- as the source of many problems. "Clearly, it is increasingly difficult to maintain trust along such long delivery chains," the report says.

Some of the blame for the proliferation of drive-by downloads can be laid at the feet of server administrators. The report finds that among the servers distributing malware, 38.1% of Apache servers and 39.9% of servers with PHP scripting support were older versions with known security vulnerabilities. Provos and his co-authors said they could not verify the versions of infected Microsoft IIS severs. Overall, more than twice as many Microsoft IIS servers (113,905) were distributing malware as Apache servers (55,088), according to the report.