Hacked site reports are on the rise,Google says
#InstiWitty – Chronicles of sites hacking continue to increase, properties and businesses must take steps to ensure Th properties are safe and secure.
Google painted a bleak picture of cybersecurity trends Monday, saying the number of websites hacked rose 32 percent last year, with little relief in sight.
“We don’t expect this trend to slow down. As hackers get more aggressive and more sites become outdated, hackers will continue to capitalize by infecting more sites,” Google said in a post on its webmaster blog.
Google, which inserts security warnings when it detects hacked sites, said most of those warned can clean up their pages, but that 61 percent are not notified because their sites are not verified by the search engine.
The news comes amid growing concerns over cyber security in the wake of massive hacks affecting Yahoo, the US government, `and major e-commerce firms.
Google said certain website hacks often follow similar patterns — some insert “gibberish” on a page, while others create Japanese text that links to fake brand merchandise sites.
“Hacking behavior is constantly evolving, and research allows us to stay up to date on and combat the latest trends,” Google said.
Who gets hacked
Google found that hacked sites are often affected in similar ways. One of the most popular methods of attack is the gibberish hack, where attackers create pages filled with keywords on a target site. These pages rank highly in search and can be used to redirect unsuspecting individuals to malicious content.
A second approach is the Japanese keywords hack, where attackers create Japanese text pages containing links to stores selling counterfeit goods.
There is also the cloaked keyword attack, where pages appear to be part of an original, legitimate site but contain hidden links to dubious content.
Google expected the problem to increase further. In fact, the company suggested malicious actors will continue to capitalize on the internet by infecting more online properties as sites become outdated.
How to avoid becoming a hacked site
IT managers and webmasters must be aware of the risk a hacked site poses. They should take preventative and proactive measures to keep errant individuals at bay.
The web has become the platform of choice for many attackers, and websites are not the only target. Experts have reminded developers to program defensively to prevent security bugs from cropping up in their online software.
Security professionals should also be aware of vulnerabilities posted by connected Internet of Things (IoT) devices — ForeScout stated that some products can be compromised in as little as three minutes.
Google reminded webmasters that it is always best to take a preventative approach rather than having to deal with the aftermath of an attack.
Site leaders should stay on top of updates from content management system providers as well as software and hardware vendors.