This bank holiday weekend, there were a couple of major stories in the news. On Friday, people all over the world celebrated the royal wedding, then, on Monday, we were told Osama Bin Laden had been killed.
Both events, despite their stark contrasts, had strange parallels. Both sparked outpourings of national pride and flag-waving, and both were seized upon by cybercriminals using ‘SEO poisoning’ tactics to manipulate search results and spread malware.
So what is SEO poisoning exactly?
SEO poisoning refers to a range of techniques used by hackers to get malicious content to appear above legitimate sites in search engine results. In some cases, SEO poisoning is used to generate visits to a specially-built malicious site, but legitimate sites can also be compromised through ‘cross-site scripting’ (XSS) – a technique that lets hackers insert client-side script into web pages viewed by other users.
The most common objective of SEO poisoning is to spread ‘scareware’ – users get a message warning them their computer is infected, and are prompted to download a bogus anti-virus program which is in fact a malicious package.
Because of the amount of traffic associated with ‘trending’ news stories, search terms related to those stories have become a favoured target for those behind SEO poisoning attacks. The attacks are usually recognised by search engines quite quickly, but hackers can simply move on to the next big news story, using automated systems to keep an eye on the most popular search terms.
IT Pro Portal reported that Osama Bin Laden’s death “sparked a series of phishing and malware attacks mounted by hackers” and the Naked Security blog reported that many of the image results for searches on the royal wedding were located “within malicious SEO pages” which, if users click through to them, “redirect to a rogue web site.”
What does all this mean for users?
What does this mean for your organisation?
In order to protect your company website and avoid becoming a vehicle for SEO attacks, it’s vital that web servers are monitored and secured. Whilst some attacks will redirect visitors from your site to a malicious one, there is also a risk that hackers will insert irrelevant keywords or meta data into pages on your site, giving the impression that you are the ones engaged in ‘black-hat’ (unethical) SEO practices. That could lead to Google and other major search engines imposing penalties (downgrading your page rank, for instance).
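One way to monitor for the tampering described above, as an added example that is not part of the original article: the script audits a page's meta tags for terms outside an approved vocabulary and for meta-refresh redirects that leave your own host. The names `audit_page`, `APPROVED`, `OWN_HOST` and both sample pages are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse
import re

class MetaAudit(HTMLParser):
    """Collects words from meta keywords/description and meta-refresh targets."""
    def __init__(self):
        super().__init__()
        self.terms = set()
        self.refresh_targets = []

    def handle_starttag(self, tag, attrs):
        if tag != "meta":
            return
        a = {k: (v or "") for k, v in attrs}
        name = a.get("name", "").lower()
        content = a.get("content", "")
        if name in ("keywords", "description"):
            self.terms.update(re.findall(r"[a-z0-9]+", content.lower()))
        if a.get("http-equiv", "").lower() == "refresh":
            m = re.search(r"url\s*=\s*['\"]?([^'\">\s]+)", content, re.I)
            if m:
                self.refresh_targets.append(m.group(1))

def audit_page(html, approved_terms, own_host):
    """Return meta terms missing from the baseline and redirects to other hosts."""
    p = MetaAudit()
    p.feed(html)
    unexpected = sorted(p.terms - approved_terms)
    # Relative URLs have no hostname and stay on-site, so they are not flagged.
    offsite = [u for u in p.refresh_targets
               if urlparse(u).hostname not in (None, own_host)]
    return {"unexpected_terms": unexpected, "offsite_redirects": offsite}

# Constructed sample data (assumed baseline vocabulary and host name).
OWN_HOST = "www.acme.example"
APPROVED = {"acme", "widgets", "industrial", "uk", "supplier", "of"}
CLEAN = ('<head><meta name="keywords" content="acme, widgets, industrial">'
         '<meta name="description" content="UK supplier of industrial widgets"></head>')
TAMPERED = ('<head><meta name="keywords" content="acme, widgets, royal wedding photos">'
            '<meta http-equiv="refresh" content="0; url=http://redirect.example.net/scan"></head>')

if __name__ == "__main__":
    for label, page in (("clean", CLEAN), ("tampered", TAMPERED)):
        print(label, audit_page(page, APPROVED, OWN_HOST))
```

Run on a schedule against the pages as served, not the files on disk, so that content injected at the server or database layer is also compared against the baseline.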
What does this mean for the future of search?
There is a growing sense that black-hat SEO has become so advanced that the search engines are themselves being undermined. Ultimately, search engines will only continue to prosper as long as they are seen by users as trustworthy organisers of information. That means they will continue finding more sophisticated ways to root out and penalise the black-hat techniques used by cybercriminals and unscrupulous businesses.