TAG’s Threat Intelligence mission aims to facilitate a trusted space for the TAG Community to build defences against threats of a cyber nature, which includes sharing threat intelligence, mitigate malware in the ecosystem and more.
#CyberSecurity #ThreatIntel #ThreatSharing #Malware #Malvertising
The dangers of malware are nearly as old as computers themselves, but the concept of malvertising is a relatively new one to businesses and consumers alike. While the term malware can mean malicious software of any sort delivered by any means, “malvertising” refers to the use of digital advertisements – including creative, tags and landing pages – specifically to distribute malware, often for financial gain.
Malvertising is now a problem at scale. Recent research suggests that despite improvements in the digital ad landscape, nearly 1 in every 100 ad impressions were still impacted by a malicious or disruptive ad, suggesting that more than 20% of user sessions may be impacted by malvertising. The financial impact of malvertising has grown apace as well. In 2018, it was estimated that the industry lost $210 million annually to auto-redirects, and another $920 million from the ads auto-redirects facilitated with click fraud.
TAG coordinates an industry-wide effort to improve defense against malware to create a safer, more enjoyable experience for consumers and a more trustworthy system for advertisers. In 2017, TAG became the Information Sharing and Analysis Organization (ISAO) for the digital advertising industry, a Department of Homeland Security designation making TAG the primary forum for sharing threat intelligence in our industry.
Chris Olson[W]e also shared intelligence with other key players in the digital ad ecosystem through the Trustworthy Accountability Group (TAG) Threat Exchange.
By presenting information about persistent and malicious third-party code in the TAG malware group, there is a network effect that occurs. Working together with customers and the industry, our goal is to greatly reduce the impact of these types of large-scale attacks across the advertising ecosystem.
Since 2014, TAG has partnered with industry leaders to design and strengthen the Certified Against Malware (CAM) Program, providing companies with a roadmap for taking on the complicated issue of malvertising.
The recent Brand Safety Consumer studies, conducted jointly with the Brand Safety Institute (BSI), found that over 80% of UK and US consumers would reduce their spending on an advertised product by more than half if the ad had infected their computers or mobile devices with malware – and over 57% would stop buying that product altogether.
This consumer behavior trend definitely caught the attention of digital advertisers, resulting in a significant increase in the implementation of industry best practices against malware since the Certified Against Malware program began.
The Anti-Malware Working Group coordinates industry-wide efforts to improve defence against malvertising attacks to create a safer, more enjoyable experience for consumers and a more trustworthy system for advertisers.
The working group reviews all of TAG’s anti-malware standards and tools to ensure they remain on the cutting edge of industry best practice.
First published in November 2022, the Malvertising Taxonomy was created to help standardise the definition of Malvertising within digital advertising. Developed in collaboration with the TAG Community, the taxonomy includes:
Proactive sharing of threat intelligence helps build industry resilience against evolving threats. TAG has facilitated threat-sharing across the digital ad industry since 2015, and the suite of threat-sharing activities available to the TAG Community has grown and evolved significantly over time to include curated tools for anti-fraud and anti-piracy threats, as well as all-hands briefings to facilitate the digital ad industry’s coordinate response to major malvertising and ad fraud attacks.
The TAG Threat Exchange enables the TAG Community to share real-time intelligence about threats they see, stay abreast of new and emerging threats that could affect their operations, and protect the digital advertising supply chain as a whole.
Powered by TruSTAR technology, the Threat Exchange enables companies to:
While the concept of sharing threat intelligence is fairly new to the digital advertising ecosystem, the industry has already enjoyed several huge wins against malvertisers thanks to companies sharing information about the threats they uncover with one another and partnering with law enforcement to take down the criminal rings responsible.
If your company is interested in participating in TAG's Threat Exchange program, send an email to info@tagtoday.net requesting more information.
Cybercriminals are exploiting the vulnerabilities within the media more and more. From malvertising attacks to utilizing digital advertising for social engineering tactics, cybercriminals are leveraging the latest technologies to level up their game.
As the first and only Information Sharing and Analysis Organization (ISAO) for digital advertising, TAG is collaborating with the wider TAG Community, local law enforcement agencies and international government to bring threat intelligence forecasts, research and information to help mitigate these evolving threats.
How do I become a CAM-certified company?
Please refer to section 2 of the CAM Guidelines.
I've got a question about my CAM Certification Application. Who should I contact?
Please email us at info@tagtoday.net and someone from the Policy and Compliance team will get back to you as soon as possible.
My company holds the CAM Seal for the current year but the guidelines have just been updated. Will my company fall out of compliance immediately?
No, your company will not fall out of compliance immediately.
When we release an update to one of our certification programs, all currently certified members are given a grace period of at least 6 months to come into compliance with the latest version.
All companies applying for certification and recertification in the upcoming year will need to show compliance with the latest version.
My company hasn't achieved the CAM Seal yet but is working towards achieving the certification. The guidelines for the program have just been updated. Which version of the program guidelines should I follow?
We recommend that you start working towards compliance with the latest version of the program's guidelines. This will ensure:
All companies applying for certification and recertification in the upcoming year, will need to show compliance with the latest version.
When is Recertification/Certification?
Recertification/Certification happens in January every year. All applications for any (or all) of TAG's seals should be submitted by January 31st. We will then take 4-6 weeks to process all applications and notify member companies of the result(s).
How do I check my company's and other TAG Member Company's certification status?
You can check your company's certification status on the TAG Registry.
You can also search for other TAG Member's status on the TAG Registry as well.
What is the TAG Threat Exchange?
Please refer to the Threat Exchange section of this page.
How do I learn more about or join the Threat Exchange?
Please email us at info@tagtoday.net and one of the Threat Intelligence team will get back to you.
Where do I download a copy of the Malvertising Taxonomy?
Please refer to the Malvertising Taxonomy section of this page.
October is Cyber Awareness month and for the second year running, TAG are Cyber Champions!
What does Cyber Champions mean?
This means that throughout October, we'll be sharing tips, cheat sheets and more on how you can stay #CyberSmart and #CyberSafe.
Head to the Cyber Awareness Month Page to get the information you need!