Hackers Use SEO and Corporate Web Servers to Distribute Malware and Porn

I look at a lot of malware and spam on a daily basis and it is amazing how much of it points back to corporate servers. Sometimes of big name, well known companies but most of the time to unknown companies.

Many of you are probably familiar with Search Engine Optimization or SEO. Businesses use it to get at or near the top of search engine rankings. Everyone wants to be on the first page of Google or Bing results. SEO is the way to get there.

But it is also used by hackers.

An old way to do this was to create a bad web site and then figure out how to get it pointed to, legally or otherwise, by many other websites. Over time, the search engines have gotten wise to this and so this technique does not work as well anymore.

The next way to do this is to compromise legitimate web sites, even government web sites, and put content on those sites that the site owner doesn’t know about. Many site owners do not inventory every page on every company web site to see if a hacker added a page with links to malware or porn laced websites. Since the host site is well rated, the links get a good rating.

The third way to do this to to abuse something known as an open redirect feature. In this case, the link appears correct, but ultimately redirects the user to the malicious web site.

So what do you do about this?

The First thing is to make sure that your web server is fully patched. We see web sites all the time that are running old versions of content management systems, PHP and other tools. Many of these are no longer supported, so there are no patches available for bugs in those versions.

The second thing to do is to try and hack your own web site. You can do this at many levels for different degrees of cost. Likely you will need to hire an expert like us to do this, but serving up porn or viruses from your website because it is not secure can be expensive too – from both a reputation and a lawsuit perspective.

The hackers go after all kinds of web sites. Examples include colleges, universities, government web sites and commercial business websites. Some federal government websites in Colorado, Minnesota and California were hacked. Also universities in Washington, Iowa, Michigan and other states. The National Cancer Institute was compromised. Lots of unknown company websites as well.

BOTTOM LINE: If you don’t protect your websites then the hackers may have a field day and you get the deal with the fallout.