The number of websites compromised by cybercriminals during 2016 was 32% higher than the previous year, according to Google.
The tech giant added that this spiral of cyberattacks is unlikely to lose momentum anytime soon, as more websites become “outdated” and cyberattackers “more aggressive”.
One area of weakness identified by Google has been the slow uptake of webmasters verifying themselves on Search Console.
As a result, some 61% of webmasters that experienced a security incident never received a notification from Google that their website had been compromised.
The company has subsequently urged sites to sign up to Search Console, adding that it is the main channel used to communicate health alerts for sites.
Additionally, Google says it has been listening to feedback from webmasters in order to “better understand how it can help”.
“ONE AREA OF WEAKNESS IDENTIFIED BY GOOGLE HAS BEEN THE SLOW UPTAKE OF SEARCH CONSOLE.”
The most popular request is for simpler documentation about compromised sites.
As a result, Google has taken a new approach that offers webmasters more information about when their site has been compromised, as well as offering clean up guides that give advice on how to deal with certain types of attacks.
One guide shows how to fix the Gibberish Hack, which automatically creates numerous pages on webmasters’ sites, filled with keyword-enriched nonsense.
When people attempt to visit the site, they are diverted to an unrelated page.
Meanwhile, there’s the Japanese Keywords Hack, which creates new pages with Japanese text.
These pages are then monetized by way of links to stores selling fake goods, and then shown in Google search.
The best way, however, of dealing with these attacks, remains prevention. “As always it’s best to take a preventative approach and secure your site rather than dealing with the aftermath,” says Google.
Unfortunately, it still seems to be the case that not enough people are heeding this advice.
The threat posed by cybercriminals was brought into sharp focus again this week, after the Association of British Travel Agents proved to be the latest victim of cybercrime, reporting it had suffered a severe data breach affecting 43,000 people.