Google on Tuesday announced the launch of its new “Help for hacked sites” informational series. The company says the goal is to help all levels of site owners understand how they can recover their site in the unfortunate event it is compromised.
The new series consists of a dozen articles and more than 80 videos (over an hour in total viewing time) “from the basics of what it means for a site to be hacked to diagnosing specific malware infection types,” Google says. That being said, the company admits that this is a resource isn’t simple enough for everyone:
While we attempt to outline the necessary steps in recovery, each task remains fairly difficult for site owners unless they have advanced knowledge of system administrator commands and experience with source code. Just as you focus on making a site that’s good for users and search-engine friendly, keeping your site secure — for you and your visitors — is also paramount.
As is typical with Google, the video explains it best:
To justify the new series, Google quotes StopBadware and Commtouch’s 2012 survey of more than 600 webmasters of hacked sites, which found 26 percent of site owners reported that their site was still compromised while 2 percent completely abandoned theirs. Yet the timing of this resource is rather interesting given the security events of last month.
Computers at multiple companies, including Apple, Facebook, and Microsoft were silently compromised via a Java flaw. To make matters worse, the compromised site that was used as the vector for the attacks didn’t realize it had been hacked.
As attacks become more and more complex, many companies and sites are left clueless when it comes to proper security systems. They can’t even answer the survey noted above by Google because they think all is well, and yet they may be being used by hackers to compromise others.
This is why Google also offered the following tips for implementing a security and maintenance plan for your site. In the company’s own words, you should do so “to avoid ever needing this resource yourself”:
- Be vigilant about keeping software updated.
- Understand the security practices of all applications, plug-ins, third-party software, and so on, before you install them on your server. A security vulnerability in one software application can affect the safety of your entire site.
- Remove unnecessary or unused software.
- Enforce creation of strong passwords.
- Keep all devices used to log in to your servers secure (updated operating system and browser).
- Make regular, automated site backups.
Security on the Internet is a community effort. Like any other Web company, Google has an interest in keeping everyone as safe as possible.
Image credit: Dimitris Kritsotakis