What if Google's Hack Attack Warnings Grab Your Site?

Google has begun adding warnings to its search result listings indicating if it believes a site has been hacked. In such an instance the words, "This site may be compromised," will appear under the site details. Users are still free to visit the site, but clicking the warning message will lead to a page explaining what can be done to keep safe.

Google also encourages the user to inform the webmaster if possible, although Google will attempt to inform the webmaster too provided he or she is signed up with its Webmaster Tools. Additionally, the search giant will attempt contact through any e-mail addresses featured on the cached, non-hacked version of the site.

The new feature is similar to the warning that appears alongside results that may contain malware ("This site may harm your computer"), which has been in place for several years. This feature is also built into Google's Chrome browser, whereby users are blocked from visiting the site, although it's not clear whether the hack alert will work in a similar way.

For obvious reasons, Google is keeping quiet about how it detects hacked sites, but we have to hope it's not something as simple as the site contents changing in a sudden and dramatic way. After all, a simple site redesign can lead to this.

Additionally, any site with a forum might want to censor hacker terminology such as "pwned," in case Google is determining the hacked status via such keywords.

Google's also quiet about what a webmaster should do if he or she is the victim of a false positive. Such a mistake could seriously damage the reputation of a organization and even lead to a loss of business, especially if the site concerned is a retailer. I couldn't find any e-mail addresses for users to contact should this arise, and the only method for remedying the situation is to ask Google to review your site--as with malware warnings. There's no indication how long the review will take.

Clearly, Google has 100 percent faith in its technology.

Whether subtle hacks will be picked up is another lingering question. Site hacks beyond and above simple graffiti sometimes involve search engine optimization (SEO) abuse, sometimes called ‘spamdexing.' This creates false pages on the site that link to a malware site in order to boost its ranking in search results.

Additionally, hackers often insert phishing software deep within the directory structure, making them almost invisible to those who don't go through the site daily with a fine-toothed comb, or monitor the server logs in a similar fashion. If something like a content management system is installed, it's often impossible for anybody other than an expert to spot changes.

Keeping an eye on a site to watch for hack attacks or is a difficult issue for smaller businesses, which have to rely on third-party hosting services that enact security policies they can't control. Additionally, smaller businesses may lack dedicated webmaster staff, with Website maintenance either deferred to the office techie or handed off to a freelance worker.

Although this new feature from Google might indicate a potential solution to the problem, it's unclear if Google will inform Website owners in a timely fashion if their site is suspiciously altered. As such, it can't be relied upon.

A warning appears under search results for pages that could potentially be compromised.
A warning appears under search results for pages that could potentially be compromised.
It would be more useful perhaps if--rather than merely monitoring the front-facing site for attacks--Google offered a more sophisticated service that webmasters could sign up to that could monitor server logs, or something similar. Google would love to get its hands on such data, no doubt, so this could serve everybody well.

However, speaking as somebody who runs several high-traffic Websites, I'm suspicious of Google's new service. I'd prefer either a direct line to the people who control it, in case I end up with a false positive that drives users away, or a method of opting out of the scheme.

The issue of who polices the net is becoming ever more important as time goes on. Without government control, it's falling to organizations like Google to enact the best policies they can. With great power comes great responsibility, however, and there is no oversight and little comeback for many features Google is rolling out. This is undoubtedly going to lead to some sticky situations in future.

Keir Thomas has been writing about computing since the last century, and more recently has written several best-selling books. You can learn more about him at http://keirthomas.com and his Twitter feed is @keirthomas .

Subscribe to the Daily Downloads Newsletter

Comments