- Sep 22, 2014
- 1,767
Google announced yesterday a new notification and remediation system for dealing with hijacked websites that have been compromised to spread malware or scam users.
The new webmaster notification system was refined during joint research with the University of California, Berkeley. The research was also presented at last week's 25th International World Wide Web Conference.
Google says that the study analyzed 760,935 hijacking incidents from July 2014 to June 2015, as identified by the company's Safe Browsing and Search Quality features.
The company said it used these security incidents to test and compare a new notification system that informed users their site was hacked.
Contacting webmasters via email yielded the best remediation rates
Google says that when webmasters added their domains to Google's Search Console and the company had the owner's email address on hand, webmasters cleaned out compromised websites in 75 percent of cases if contacted directly by email.
In cases where the webmaster's email was not on hand, relying solely on Safe Browsing alerts (browser-based warnings) yielded a much lower remediation rate of only 54 percent.
When Google relied on search results warnings by adding the "This site may harm your computer" notification next to each search listing, only 43 percent of the compromised websites were cleaned.
Google says it achieved the best results when it also included remediation tips with its emails, which cut clean-up time by 62 percent, with sites usually cleaned within three days.
One in eight websites gets reinfected in the first month
Despite the good intentions, Google's researchers also noted that 12 percent of the cleaned websites were compromised again less than 30 days after being declared clean.
"To improve this process moving forward, we highlighted three paths: increasing the webmaster coverage of notifications, providing precise infection details, and equipping site operators with recovery tools or alerting webmasters to potential threats before they escalate to security breaches," Google noted.
Moving forward, Google plans to improve the communications and notifications sent to webmasters, primarily by adding early warnings for outdated software and by urging webmasters to add additional authentication systems when necessary.
Read more: Google Detected 760,000 Compromised Websites During One Year