Originally posted at Wired by Joseph Cox

A letter to Congress shared with Motherboard shows that the US National Security Agency, the Central Intelligence Agency, and other members of the Intelligence Community use ad blockers on their networks as a security protection. “The IC has implemented network-based ad-blocking technologies and uses information from several layers, including Domain Name System information, to block unwanted and malicious advertising content,” the IC chief information officer wrote in the letter.

You may use an ad blocker to make your browsing experience more pleasant, but the tools also have potential defense benefits. Attackers who try to run malicious ads on unscrupulous ad networks or taint legitimate-looking ads can steal data or sneak malware onto your device if you click, or sometimes by exploiting web vulnerabilities. The fact that the IC views ads as an unnecessary risk and even a threat speaks to long-standing problems with the industry. The NSA and Cybersecurity and Infrastructure Security Agency have released public guidance in recent years advising the use of ad blockers as a security protection, but the IC itself wasn’t required to adopt the measure. Its members deployed ad blockers voluntarily.

The security division of Russian telecom giant Rostelecom took down a portion of a notorious botnet this week, thanks to a flaw introduced by the malicious platform’s developers. The error allowed Rostelecom to “sinkhole” part of the system. A botnet is a zombie army of devices that have been infected with malware so they can be centrally controlled in coordinated operations. The platforms are often used for DDoS attacks, in which actors direct a firehose of junk traffic at a target’s web systems in an attempt to overload them.

The Meris botnet is currently the largest botnet available to cybercriminals and is thought to be made up of about 250,000 systems working collectively. It has been used against targets in Russia, the United States, and the United Kingdom, among others. The Rostelecom partial takedown is significant, because Meris attacks are powerful and challenging for targets to combat. Earlier this month, a Meris attack on the Russian tech giant Yandex broke the record for largest-ever volumetric DDoS attack. Yandex managed to defend itself against the assault…
