About 1.2 million sites have been compromised by hacker attacks that integrate malware into the sites source code. The strong majority of these sites were just typical spots on the web, intending to give customers some useful features or information - not steal their identity or sell their contact information.
However, security issues with coding (and more specifically with PHP and Javascript elements that are improperly structured) can let hackers tap into the site and bend it to serve their own purposes.
That's why Google has added an additional layer of security to its search engine results page. When Google finds a site that seems to be hacked, it displays the message "This site may have been compromised" below the standard link. Additionally, just in case this warning is missed, users who click directly on the link will be taken to a confirmation page from Google with a repeat warning before they're redirected.
Users who click on the warning itself will be taken to an informational page where they're told about how issues like this occur and the risks they present for visitors. These risks include the loss of private data, having login information captured by third parties, having contact information sold, or even having spyware or malware downloaded unintentionally to your computer.
Google has stated that they will try to get in touch with anyone running a site that seems to have been compromised, informing them of what's happened, how it happened, how to fix it, and how to have the warning label that essentially serves as a "keep out" sign removed.
Google may have learned some of these lessons about vulnerable code the hard way. Their own Website Optimizer Tool, a prominent part of their Webmaster utility belt, had a fracture that let previously vulnerable sites be re-accessed through Google's code.
Published by Jen Williams, guest author for Pronet Advertising
UPDATE 3/1/2011: After posting the above, Jen has published another article on the subject which may be of interest.
Site Hacking Alerts Added to Google Searches
To make your Google search results more productive for your needs, a new feature has recently been added by the search engine industry leader that promises to make users more confident while searching and visiting sites.
Google recently introduced a new feature that will alert users to potential hacking activity from their online searches. Google's goal is to help users avoid these malicious sites and any fallout that could result from visiting them. Google promises to also go as far as notifying the site's webmaster through their main account or via any email addresses available of any suspicious hacking activity.
Just how will the alert work?
According to one of the associate product managers at Google, Gideon Wald explained that there will be several automated tools that Google will have in place to detect the common signs of a site that has been hacked. The automated tools will then add a notification to the search results to warn users that the suspicion of hacker activity exists on the site. If the user chooses to proceed despite the notification, it is at their own risk.
While this new Google feature will not eliminate malware and hackers, it will give users the choices they need to make decisions that will likely affect their PC and its productivity. With this information, users will be able to enjoy their searches with slightly more confidence in the material that's given to them.
The attempt to reduce malware and spamming activity has been one that webmasters and the industry as a whole has worked to reduce for quite a while. Hackers and spammers are very clever, and new ways of launching vicious computer viruses are always surfacing. Google hopes to counteract the back end of that activity by at least notifying users that possible activity of that sort may be present on certain sites that are returned on their search engine queries.
Published by Jen Williams, guest author for Pronet Advertising
However, security issues with coding (and more specifically with PHP and Javascript elements that are improperly structured) can let hackers tap into the site and bend it to serve their own purposes.
That's why Google has added an additional layer of security to its search engine results page. When Google finds a site that seems to be hacked, it displays the message "This site may have been compromised" below the standard link. Additionally, just in case this warning is missed, users who click directly on the link will be taken to a confirmation page from Google with a repeat warning before they're redirected.
Users who click on the warning itself will be taken to an informational page where they're told about how issues like this occur and the risks they present for visitors. These risks include the loss of private data, having login information captured by third parties, having contact information sold, or even having spyware or malware downloaded unintentionally to your computer.
Google has stated that they will try to get in touch with anyone running a site that seems to have been compromised, informing them of what's happened, how it happened, how to fix it, and how to have the warning label that essentially serves as a "keep out" sign removed.
Google may have learned some of these lessons about vulnerable code the hard way. Their own Website Optimizer Tool, a prominent part of their Webmaster utility belt, had a fracture that let previously vulnerable sites be re-accessed through Google's code.
Published by Jen Williams, guest author for Pronet Advertising
UPDATE 3/1/2011: After posting the above, Jen has published another article on the subject which may be of interest.
Site Hacking Alerts Added to Google Searches
To make your Google search results more productive for your needs, a new feature has recently been added by the search engine industry leader that promises to make users more confident while searching and visiting sites.
Google recently introduced a new feature that will alert users to potential hacking activity from their online searches. Google's goal is to help users avoid these malicious sites and any fallout that could result from visiting them. Google promises to also go as far as notifying the site's webmaster through their main account or via any email addresses available of any suspicious hacking activity.
Just how will the alert work?
According to one of the associate product managers at Google, Gideon Wald explained that there will be several automated tools that Google will have in place to detect the common signs of a site that has been hacked. The automated tools will then add a notification to the search results to warn users that the suspicion of hacker activity exists on the site. If the user chooses to proceed despite the notification, it is at their own risk.
While this new Google feature will not eliminate malware and hackers, it will give users the choices they need to make decisions that will likely affect their PC and its productivity. With this information, users will be able to enjoy their searches with slightly more confidence in the material that's given to them.
The attempt to reduce malware and spamming activity has been one that webmasters and the industry as a whole has worked to reduce for quite a while. Hackers and spammers are very clever, and new ways of launching vicious computer viruses are always surfacing. Google hopes to counteract the back end of that activity by at least notifying users that possible activity of that sort may be present on certain sites that are returned on their search engine queries.
Published by Jen Williams, guest author for Pronet Advertising
No comments:
Post a Comment
Please note: To combat comment spam, non-constructive comments and comments containing links will be rejected. All submitted comments are subject to moderation before they are published on the blog.
I have received reports that some people have been experiencing problems when commenting on the blog. If you experience any problems when posting your comment, please send me an email with your comment plus the post title using the Contact tab above and I will manually include it for you. You can also send your comment via private message on Facebook.
Your blog comments are always appreciated and thank you for your patience while we try to resolve this issue.