Senate: Firms must protect against malicious Web ads

WASHINGTON — The Senate warned Google, Yahoo and other leading technology companies Thursday they need to better protect consumers from hackers exploiting their lucrative online advertising networks or risk new legislation that would force them to do so.

In a new investigative report, the Senate Permanent Subcommittee on Investigations said hackers in some cases are infecting computers using software or programming commands hidden inside online advertisements.

It suggested tougher U.S. regulations or new laws that could punish the ad networks in addition to prosecuting the hackers.

Yahoo’s chief information security officer, Alex Stamos, on Thursday described ways that Yahoo tries to protect Internet users, such as blocking deceptive ads that mimic operating system messages to trick users.

Stamos called the problem “a top priority for Yahoo.”

“We successfully block the vast majority of malicious or deceptive advertisements with which bad actors attack our network, and we always strive to defeat those who would compromise our customers’ security,” Stamos said.

Google’s George Salem, a senior product manager, called the problem “badware,” and said Google was working diligently but sometimes reluctant to publicly discuss its efforts toward that end.

“Our goal is to stay one step ahead of mal-vertisers and not tip them off to our activities,” Salem said.