Small businesses are reeling from an increase in cybercrime, but a hacked website can have even greater consequences if Google lists you as “infected.”
The search giant is constantly scanning the web’s 60 trillion URLs for malware and phishing scams. If it deems a site suspicious, businesses can say goodbye to their customers until the problem is resolved.
“If Google blacklists an infected website, you’re basically off the Internet until the website is fixed,” said Peter Jensen, CEO of StopTheHacker.com.
Google estimates that it flags and quarantines 10,000 websites daily (it doesn’t use the term “blacklist”). It not only scans Google’s search results and ads, but also flags suspicious URLs typed into browsers. The search engine Bing, run by Microsoft, treats infected sites in a similar fashion.
Being blacklisted can quickly decimate a small firm’s reputation and sales.
“Businesses say they’re not at fault and shouldn’t be penalized. Google [says] it wants to keep the Internet safe for its users,” said Jensen, whose firm is contacted 20 or 30 times a day by businesses that have been blacklisted.
Google spokesman Jason Freidenfeld emphasized that point. “About 1 billion people receive protection against phishing and malware every day because of the warnings we show users about unsafe websites,” he said.
Margo Schlossberg owns an online handbag business in Washington D.C. that was hacked in September. A Google search for her website still says, “This site may be hacked.”
The impact: Traffic to her site dropped 50% in the past month and her sales have been minimal.
“It’s the worst time to go through this,” said Schlossberg. “The holiday season is very important for my sales, but now I’ve been blacklisted by Google.”
Schlossberg hired an expert to fix her site, which cost $1,000 (although it can cost as much as $10,000 depending on the extent of the damage).
Hackers had attacked several pages, and it’s taken a few weeks to clean up her website. She’s finally ready to resubmit her site to Google.
StopTheHacker says the process to clean up infected sites typically involves several steps: Identify the malware and how to remove it, determine where the attack originated, change passwords and relaunch the website once it’s clean.
Google says it takes about a day to restore websites once it confirms they’re clean. But sometimes a company can think its site is clean, but Google’s review will find otherwise. This can draw out the process.
Eric Erickson’s company sells eco-friendly pest control products online. When his site was attacked in 2009, it effectively paralyzed his business. He said it took 60 days to get back on track and cost several thousand dollars in lost sales.
His site was attacked again in March, but this time he was prepared. “We caught it early because we had enhanced our security,” he said. The website stayed off the blacklist.
Web hosting provider DreamHost regularly checks the sites of its 350,000 customers — 40% of whom are small businesses — for malware and other security threats. In September, DreamHost identified almost 100,000 infected websites in its network of 1.3 million sites. If customers aren’t able to fix the problems themselves, co-founder Dallas Kashuba recommends StopTheHacker to help clean up the site.
Lynda Zugec’s HR consultancy site was flagged and quarantined by Google earlier this year. Hackers had obtained her hosting password and inserted malware into her website.
It took her nearly two weeks to get back online. Even more than an economic impact, Zugec worries the experience could have hurt her reputation with clients.
But even with the financial and logistical hardships, most say Google’s hardline is necessary.
“Google has its neck on the line, too,” Erickson said. “When people click on your website, Google doesn’t want to worry that something malicious will happen to its users.”
His advice: “Don’t go cheap with your security. You have to invest in it.”
The shadowy National Security Agency said late Friday that it was a glitch that brought down its public website for a few hours, not hackers as some claimed online.
“NSA.gov was not accessible for several hours tonight because of an internal error that occurred during a scheduled update,” the spy agency said in an emailed statement. “The issue will be resolved this evening. Claims that the outage was caused by a distributed denial of service [DDoS] attack are not true.”
Earlier this evening online server trackers noted the NSA’s website had been down for at least six hours, and the site continues to be inaccessible for some users. Earlier an NSA spokesperson told ABC News the agency’s internal, sensitive network was “not at all” compromised. No classified information is in danger, the spokesperson said.
At least one hacktivist group online claimed that they were responsible for bringing down the NSA site with a DDoS attack. DDoS attacks are designed to flood a target website with traffic until the servers are overloaded and the site collapses. The cyber tactic is a relatively unsophisticated one and the attacks are not meant to penetrate the internal network of the target system.
The formerly super secretive NSA, once nicknamed No Such Agency, has found itself in very public light, and amid vicious criticism, in past months following a stream of revelations about is vast foreign and domestic surveillance programs – collectively the product of secret NSA files stolen from the agency and leaked by disenchanted former NSA contractor Edward Snowden.
Such growing controversy surrounding the agency prompted early speculation that tonight’s incident was the result of a targeted cyber operation.
The website of the US National Security Agency was reportedly down for several hours as a result of an apparent technical glitch and not due to a speculated hack-attack .
The NSA said that its website was not accessible because of an internal error that occurred during a scheduled update, which will be resolved immediately.
The spy agency further clarified that the claims that the outage was caused by a distributed denial of service [DDoS] attack are not true, ABC News reports.
According to the report, the website was down for at least six hours and an agency spokesperson said that the agency’s internal, sensitive network was not compromised and no classified information was at risk.
However, one hacktivist group online claimed that they were responsible for bringing down the NSA site with a sophisticated DDoS attack.
The NSA has been long battling with the allegations of breaching public trust after revelations about the alleged secret surveillance programmes as exposed by whistleblower Edward Snowden.
A massive section of the Chinese Internet was knocked out Sunday in what authorities are calling the “largest hack in China’s history.” The attack has security experts at a loss and unable to determine the origins of the cyber-assault.
The China Internet Network Information Center (CNNIC) reported the outages Sunday. The government institution said they were the result of twin denial-of-service (DDoS) attacks occurring in close succession, starting at 2:00am local time (6:00pm GMT). The second attack was “long-lasting and large-scale,” Chinese state media reported.
The CNNIC apologized to Internet users throughout the country and is still speculating over the possible causes.
“It’s just another example that China does indeed have its own enemies who attempt to disrupt its Internet operations,” Jeffrey Carr, CEO of cyber security firm Taia Group, told the Wall Street Journal. “Such enemies include hackers from Taiwan, India, Tibet, the Middle East and, of course, the United States.”
Carr added that DDoS attacks are relatively easy to pull off and “can be as simple as downloading a free tool like Anonymous’s LOIC product.”
In essence, DDoS attacks work by overloading a network with millions of requests and causing it to crash.
China has often been accused of orchestrating massive DDoS hack attacks of its own. In the first quarter of 2013, China was listed as the top source country for such attacks, according to a survey by security vendor Prolexic. The US ranked second on the list.
Earlier this year, Washington and Beijing both accused each other of large-scale cyber-espionage. The US government issued a stern warning to the Chinese over so-called “cyber-intrusions,” some of which Washington traced back to the Chinese government and military.
Beijing responded, claiming it had “mountains” of data on US hacks into its systems, but added that pointing fingers was not “helpful in solving the problem.”
The conflict was further fueled by former CIA employee Edward Snowden’s leaked files that detailed mass US hacks on the Chinese.
“The NSA does all kinds of things, like hack Chinese cellphone companies to steal all of your SMS data,” Snowden was quoted as saying on the South China Morning Post’s website.
The documents showed the US National Security Agency had been hacking mobile operator networks and intercepting millions of text messages.
The former NSA contractor reportedly provided the paper with documents detailing specific attacks on computers over a four-year period, including Internet Protocol (IP) addresses, dates of attacks and whether a computer was still being monitored remotely.
The cyber space is a growing community where everyone can reach out to one another regardless of time and distance. It has become a new way of life, but has its negative repercussions as well. Some individuals use the cyberspace for their own dubious schemes, as they target unsuspecting individuals, companies, banks and even the military and government agencies. Here are the 25 biggest cyber attacks in history that were launched as large-scale cyber terrorism and affected whole sovereign nations.