Google uncovers 16,500 infected websites per week.
Researchers at Google and academics at the University of California discovered more than 750,000 compromised websites across the Internet over a one-year period.
However more worryingly, with over 12% of recently fixed websites
falling victim again to a new attack within 30 days, webmasters are failing to
respond to the malware-infected websites.
The study, "Remedying Web Hijacking: Notification Effectiveness
and Webmaster Comprehension" found that the problem stems from
malware and that attackers continuously plant malicious code on poorly
"The proliferation of web threats such as
drive-by downloads, cloaked redirects and scams stems in part from miscreants
infecting and subverting control of vulnerable web servers," said the report. "Sites operating popular
platforms such as WordPress, Joomla, and Drupal faced an increased risk of
becoming compromised, primarily because miscreants focused their efforts on
exploits that impacted the largest market share."
Google and Berkeley academics found that
webmasters who had registered their sites with Google's Search Console, meant
that webmasters who were emailed about a breach were able to fix the problem
62% faster.which is within three days, than those who did not receive any tips
on how what to do post-breach.
"As we work to make the web a safer
place, we think it's critical to empower webmasters and users to make good
security decisions. It's easy for the security community to be pessimistic
about incident response being 'too complex' for victims, but as our findings
demonstrate, even just starting a dialogue can significantly expedite
recovery," Googlers Kurt Thomas and Yuan Niu of Google's Spam & Abuse
Research team said in a blog post
The study was carried out by Google's Eric Kuan, Yuan Niu, Lucas Ballard, Kurt
Thomas, and Elie Bursztein and the University of California, Berkely's Frank
Li, Grant Ho, and Vern Paxson, between July 2014 and June 2015.
[c] 2016 ITP Business Publishing Ltd. All Rights Reserved. Provided by SyndiGate Media Inc. ( Syndigate.info ).