Programmatic media buying in an open exchange model is vulnerable to this kind of attack vector, and the number of malvertisers is growing day by day. The ad industry needs to be quicker at adopting the private marketplace model in order to mandate a bit more transparency between the buyer and seller.

The OP article was a bit alarmist with the hackers singling out defense contractors. I think the real intent of the hackers/malvertisers is this:

>Invincea recently saw a malvertiser win a bid and delivered a Java exploit. This exploit copied a fully functional version of Chrome into the Java cache directory, and that version of Chrome launched in the background and proceeded to visit websites and click on specific ad banners. It is presumed that these ad banners paid revenue via referral bonuses to the malvertiser. By paying 65 cents to install a background web browser that does nothing but click fraud, the malvertiser is able to reap hundreds if not thousands of dollars in advertising referral income. It is a pretty good return on investment, which in turn allows the malvertiser to fund his micro-targeted malvertising attack campaign.

Just like Email several years ago, there's just too much accessibility and money out there for spammers and malvertisers to not jump to Display.