Sophos reveals defense for search engine hack attacks

Security firm Sophos has published research on the automated tools used by search engine optimisation (SEO) hackers and how companies can protect themselves.

Security firm Sophos has published research on the automated tools used by search engine optimisation (SEO) hackers and how companies can protect themselves.

Using SEO techniques to subvert legitimate websites has become a huge money-spinner for cybercriminals, researchers found.

Every day dozens of malicious campaigns take advantage of the hottest news stories on the internet to spread malware, according to Sophos.

After the recent death of a Sea World animal trainer by a killer whale, hackers automatically used blackhat SEO techniques to stuff booby-trapped web pages with related content, said Fraser Howard, principal virus researcher at Sophos.

"This kind of profiteering is not just distasteful; it's also potentially dangerous to millions of innocent internet users," he said.

A paper by Howard and fellow researcher Onur Komili details how it has become routine for attackers to compromise web content to distribute malware.

Yet IT and network managers can take a number of basic steps to protect their organisations, claimed the researchers.

As with many other web-based attacks, URL filtering and content inspections often provide the most effective protection against SEO attacks, they said.

"Monitoring any currently active SEO attacks enables the collection of the redirection URLs involved, which can then be blacklisted," said Howard.

By adding detection for the payload, as well as diligent monitoring and filtering in-bound content, network managers can thwart an attack before it reaches the user, he said.

Read more on Hackers and cybercrime prevention

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

  • How do I size a UPS unit?

    Your data center UPS sizing needs are dependent on a variety of factors. Develop configurations and determine the estimated UPS ...

  • How to enhance FTP server security

    If you still use FTP servers in your organization, use IP address whitelists, login restrictions and data encryption -- and just ...

  • 3 ways to approach cloud bursting

    With different cloud bursting techniques and tools from Amazon, Zerto, VMware and Oracle, admins can bolster cloud connections ...

SearchDataManagement

Close