Survey Highlights Webmasters' Struggles with Hacked Sites

StopBadware and Commtouch recently published a joint report titled "Compromised Websites: An Owner's Perspective" that chronicles webmasters' experiences with hacked websites. The report presents statistics and opinions on how site owners navigate the process of learning their sites have been hacked and repairing the damage. The report's findings are based on a survey Commtouch and StopBadware designed and offered to website owners and webmasters over the course of several months.

Data from the poll reveals that malicious actors are often able to compromise legitimate websites without the site owners' knowledge: more than 90 percent of respondents didn't notice any strange activity, despite the fact that their sites were being abused to send spam, host phishing pages, or distribute malware. Nearly two-thirds of the webmasters surveyed didn't know how the compromise had happened.

Other highlights from analysis of the survey's responses include:

  • About half of site owners discovered the hack when they attempted to visit their own site and received a browser or search engine warning.
  • 26 percent of site owners had not yet figured out how to resolve the problem at the time they completed the survey.
  • 40 percent of survey respondents changed their opinion of their web hosting provider following a compromise.

"Cybercriminals can significantly improve their open and click-through rates by distributing badware via legitimate domains. Many site owners are either unaware of the compromise or struggle to remove the infection, which directly contributes to the persistence of, and increase in active badware URLs." said Amir Lev, Commtouch's chief technology officer. "Commtouch does its part to protect end-users, enterprises and service providers from compromised sites with a range of cloud-based email security, Web filtering and antivirus tools."

"The survey results highlighted several aspects of webmasters' experience with site compromise that may prove eye-opening for the security community," said StopBadware Executive Director Maxim Weinstein. "There's a lack of clarity for webmasters about who's responsible for site security and where to turn when a website is compromised. Webmasters and the wider Internet community therefore benefit from continual efforts aimed at educating them about their responsibilities and those of their hosting providers."

Featured

New Products

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame.

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.

  • Hanwha QNO-7012R

    Hanwha QNO-7012R

    The Q Series cameras are equipped with an Open Platform chipset for easy and seamless integration with third-party systems and solutions, and analog video output (CVBS) support for easy camera positioning during installation. A suite of on-board intelligent video analytics covers tampering, directional/virtual line detection, defocus detection, enter/exit, and motion detection.