Search giant announces new notification alert system for informing webmasters of their hacked websites

Apr 18, 2016 23:00 GMT  ·  By

Yesterday, Google announced a new notification and remediation system for dealing with hijacked websites that were compromised to spread malware or scam users.

The new webmaster notification system was perfected during joint research with the University of California, Berkeley, which was also presented at last week's 25th International World Wide Web Conference.

Google says that the study analyzed 760,935 hijacking incidents from July 2014 to June 2015, as identified by the company's Safe Browsing and Search Quality features.

The company explains it used these security incidents to test and compare a new notification system that informed users their site was hacked.

Contacting webmasters via email yielded the best remediation rates

Google says that when webmasters added their domains to Google's Search Console and the company had the owner's email address on hand, webmasters cleaned out compromised websites in 75 percent of cases if contacted directly by email.

In cases where the webmaster's email was not on hand, relying solely on Safe Browsing alerts (browser-based warnings) yielded a much smaller remediation efficiency of only 54 percent.

When Google relied on search results warnings by adding the "This site may harm your computer" notification next to each search listing, only 43 percent of the compromised websites were cleaned.

Google says it achieved the best results when it also included remediation tips with its emails, which cut down clean-up time by 62 percent, usually within three days.

One in eight websites gets reinfected in the first month

Despite all the good intentions, Google's researchers also noted that 12 percent of the cleaned websites ended up getting compromised again in less than 30 days after being declared clean.

"To improve this process moving forward, we highlighted three paths: increasing the webmaster coverage of notifications, providing precise infection details, and equipping site operators with recovery tools or alerting webmasters to potential threats before they escalate to security breaches," Google noted.

Moving forward, Google plans to improve the communications and notifications sent to webmasters, primarily by adding early warnings for outdated software or for urging webmasters to introduce additional authentication systems when necessary.

Google’s hijacking notification systems
Google’s hijacking notification systems

Photo Gallery (2 Images)

Google put up a lot of these pages, about 760,000 of them
Google’s hijacking notification systems
Open gallery