Google says 32 percent more websites were hacked in 2016 compared with the year prior, and that most operators of hacked sites were never informed of it.
The search giant highlighted the uptick in hacked sites in its state of website security report for 2016, and warned that the trend is likely to continue as hackers probe outdated sites for vulnerabilities.
“We don’t expect this trend to slow down. As hackers get more aggressive and more sites become outdated, hackers will continue to capitalize by infecting more sites,” it warned.
Google uses its Safe Browsing technology to warn Chrome and Google Search users against visiting a site it deems dangerous because the site has been hijacked, for example to redirect visitors to porn or other shady sites. Google keeps issuing warnings until the site is cleaned of the infection, and those warnings may result in a fall-off in traffic.
One of the key tools it uses to inform site operators of a suspected issue is the Google Search Console. According to Google, 84 percent of site owners who apply for reconsideration do successfully clean their sites. But 61 percent of owners whose site was hacked were never told of their status by Google because their site wasn’t verified with Search Console.
Google’s definition of a “hacked site” in Search Console spans a variety of problems that it picks up as spam in its search index, including user-generated spam, dodgy links, sneaky redirects, cloaked images, and hidden text or keyword stuffing.
It has also published a document to help site operators find and address the common root causes of site security issues, which include running out-of-date web server software, content management systems (CMS), or CMS plugins.
Other risks it highlights are security policy holes, such as allowing users to create weak passwords, granting overly liberal administrative access, not enabling HTTPS for login pages, and allowing file uploads from unauthenticated users. It also has a section on common causes of data leaks and how to remedy them.
Another useful document is its “glossary for hacked sites”, covering security terms that could help clarify its remediation instructions for less technically experienced admins.
Links to each of the documents can be found in Google’s 2016 state of website security report.
It has published these documents due to high demand by site operators for “easier to understand documentation about hacked sites”, it said. As part of this effort to provide clearer documentation, it has also released an explainer on common hacks, what hackers stand to gain from each attack, and common impacts.
But while Google has worked to improve how it communicates about an often tricky and complex subject, it does remind site operators that prevention is always better than finding a cure, and a large part of that means running up-to-date software.
“As always it’s best to take a preventative approach and secure your site rather than dealing with the aftermath. Remember a chain is only as strong as its weakest link,” it says.