We’ve seen a whirlwind of activity from the new Trump administration, and one can be forgiven for missing essential developments. But, one trend that may be very problematic for ad ops teams in the months ahead is the federal government’s decision to pull back on cyber security.
First, Defense Secretary Pete Hegseth’s decision to stop cyber strikes against Russia is a significant shift in strategy. Per the DoD, the goal is to facilitate peace negotiations between Russia and Ukraine. Still, many are worried about increased cyber threats to businesses, including digital publishers and advertisers.
More concerning, this decision is part of a broader rollback of cyber threat prevention initiatives across key federal agencies, including the FBI and the Cybersecurity and Infrastructure Security Agency (CISA), further weakening US cyber defenses.
According to Wired, DOGE has eliminated some 300-400 employees at CISA, and new operational restrictions hinder the agency’s ability to protect critical infrastructure, including media and advertising networks. With fewer US cyber defenses in place, publishers should consider beefing up their threat detection tools and SSPs should be on guard for new programmatic ad system vulnerabilities.
Increased Vulnerabilities to Publishers
Security experts are most concerned that these pullbacks will embolden Russian hackers and increase cyber threats against media organizations, including direct cyberattacks and programmatic ad fraud.
These aren’t idle threats.
Recently, Lee Enterprise suffered a significant cyber attack that disrupted print and online operations for multiple newspapers. The attack, linked to a Qilin, Russian, ransomware-as-a-service operation, caused printing delays and website access issues for readers, as well as revenue losses for the publisher and its advertisers.
Some newspapers could not print for days, while others had to publish reduced editions. This incident underscores the high stakes for media organizations when it comes to cybersecurity.
Beyond direct cyberattacks, security experts warn that suspending US cyber operations could undermine deterrence capabilities, exposing critical systems to more sophisticated threats. Cybercriminals and nation-state threat actors now face fewer obstacles, which creates an opportunity to scale up attacks with greater impunity.
Wired also warns that CISA’s ability to coordinate cyber defenses has been significantly weakened. It notes that its partnerships with foreign cybersecurity agencies have been restricted, and critical programs, such as election security and AI risk monitoring, have been frozen.
With fewer safeguards in place, cyber threats—particularly those targeting ad tech infrastructure—may increase in frequency and severity.
One of the biggest threats to publishers is malvertising. In 2022, GeoEdge observed programmatic technology being used as a tool for psychological warfare at the outbreak of the Russia-Ukraine war.
“We’re seeing an influx of salacious creatives engineered to cause panic and elicit clicks. These inflammatory campaigns are flooding programmatic channels and redirecting users to malicious, explicit, and scam pages,” Alisha Rosen of GeoEdge told AdExchanger at the time.
Russian threat actors have continued to refine their tactics. Last year, hackers used fake luxury car ads to target diplomats with credential-harvesting malware. More recently, Microsoft Threat Intelligence uncovered a massive malvertising campaign that infected nearly one million devices worldwide. The campaign exploited illegal streaming websites, tricking users into clicking hidden redirectors that sent them to malware-laced landing pages on GitHub and other platforms.
The escalation of these attacks underscores the growing risk of cybercriminals leveraging online ads as a tool for large-scale data theft. With weakened U.S. cyber defenses, digital publishers may face an even greater influx of these threats.
Financial and Reputational Risks of Bad Ads
For digital publishers, reducing Federal cyber operations may lead to financial and reputational risks. Malvertising campaigns and fraudulent ads can drain ad revenue, as advertisers blocklist publishers that inadvertently serve malicious or misleading ads.
Disinformation, scams, or malware in programmatic channels may influence advertisers to withdraw their budgets, leading to lost revenue and reduced fill rates.
There’s also the threat of reputational risk from serving bad ads. According to AdMonsters research, 77% of consumers say publishers with bad ads care more about making money than keeping users safe. And more than half (56%) say they’ll leave a site immediately after seeing a bad ad.
For advertisers, associating with harmful or deceptive content can trigger public backlash, regulatory scrutiny, and long-term brand damage, as we have seen. In a climate where bad actors exploit programmatic weaknesses, publishers and advertisers may need to take extra steps to safeguard their ecosystems.
Time to Beef Up Defenses?
Malvertising is a longstanding concern for most ad ops teams, but the risk has intensified due to evolving cyber threats.
Instead of solely relying on traditional pre-bid filtering, supply audits, and verification tools, ad ops teams may want to consider stress-testing their security measures to analyze real-time detection gaps. The best-prepared publishers will be those who treat this as an opportunity to fortify their defenses proactively before the next wave of attacks occurs.