[BreachExchange] Why advertising and media agencies are so appealing – and vulnerable – to hackers

Audrey McNeil audrey at riskbasedsecurity.com
Thu Jun 29 19:45:54 EDT 2017


http://www.thedrum.com/opinion/2017/06/29/why-advertising-and-media-agencies-are-so-appealing-and-vulnerable-hackers

The advertising industry has known for years that it was a prime target for
a cyber-attack and this week that fear became a reality when a number of
WPP companies were struck by a major ransomware cyber-attack.

The cyber-attack at WPP agencies such as MediaCom, JWT and Y&R (part of an
attack on companies across the globe) froze users’ computers and demanded
an untraceable ransom to be paid in Bitcoin.

While governments and the energy sector may be seen as the number one
targets for hackers, with the prize of potentially bringing the country to
a standstill, advertising businesses, particularly a big holding group like
WPP, are also an enticing target.

Principally, this is because of the sheer volume of consumer data they hold
– millions of IP addresses and device ID profiles, compromising not only
the security of the advertising or media agency but also potentially the
security of the individuals’ data it holds.

Secondly, advertising agencies are also exposed to cyber-attacks because a
large chunk of their business is run online and, for a large holding
company like WPP, this means it has a huge online surface to rebuff
attackers wanting to raid consumer data and possibly other data, such as
potentially lucrative financial information.

Thirdly, WPP is a FTSE 100 giant and the poster boy for UK advertising
which reaches millions of people around the world through its adverts, with
an opinionated chief executive in Sir Martin Sorrell.

Such a company therefore represents a scalp for hackers, who might not
agree with an economic or political stance it has taken and want to do it
reputational damage or manipulate public opinion.

Details about Tuesday’s breach are still hazy but it’s telling that the
hack did not impact systems or computers that had operating system patches
distributed by Microsoft in the wake of its last ransomware attacks.

This tells me that businesses like WPP are acutely aware of the dangers of
cyber-crime and are demanding that their agencies are on top of it.

WPP hasn’t confirmed whether the cyber-attack has attacked its trading
desks and data management platforms (DMPs) but the mood music seems to be
suggesting that the attack has been dealt with, with a minimum of
detrimental impact.

However, if there had been a serious DMP breach then WPP would be spun into
fire-fighting mood, as a tsunami of unidentifiable data could be shared
online.

Although this data isn’t uniquely identifiable to individual users, it does
include IP addresses and mobile and device ID profiles among other data,
which makes users targetable through online means.

And as trading desks are collecting billions of different data points from
client websites, retail sites and offline behaviours, there could have been
a massive amount of data shared online and used for nefarious purposes.

Fortunately, because agency trading desks are collecting anonymous data
rather than data that identifies individuals, it means that hackers can’t
directly target specific individuals whose data has been compromised, but
such a breach will no doubt put the frighteners on trading desks to shore
up their defences.

One big danger for advertising and media agencies is if clients get jittery
about the security of the slew of data being held by agencies and do not
trust the current checks and balances in place.

They may demand the agency impose more data security, which would imply a
big expense for the agency to fix. Alternatively, this could present
opportunities for rivals to pinch the business, on the back of showcasing
their cyber security credentials as being superior.

This could become an increasingly big issue as agencies (especially digital
and trading desks specifically) hold a massive amount of audience profiling
data.

Despite agencies and trading desks talking the talk on pioneering digital
marketing techniques, the harsh reality is that data management within
agencies is still in its infancy and agencies aren’t as secure as they
should be for the amount of data they store on behalf of clients.

That said, it is worth pointing out that most of the first party data
collected from brands through trading desks and DMPs is managed through
third party services external to the agencies, which adds another line of
defence against the hackers.

And let’s not forget that advertising businesses are generally well run
businesses and it’s hard to believe that most, if not all, don’t have a
disaster recovery plan to shield themselves from the immediate fallout of a
cyber-attack.