Malware (composed of the words maliciousness and software) are programs that have been developed to perform undesirable functions causing harm to the user. In the beginning, the objective of malware was to irritate individuals, but this has quickly expanded into systematic spying and stealing of personal information. The victims are no longer just individuals but also large organizations such as banks. The extent of the use of malware has risen sharply in recent years and is now a drastic factor in cybercrime.

Types of malware[edit]

The term malware encompasses many types of malicious programs.

  • Viruses infect programs or documents and then multiply when these programs are accessed. The programs which have been taken over are called host programs. Viruses can be harmful and also delete user data. However, a virus can also be advertising, which must first be clicked, so the program can be used. An infected computer will exhibit certain signs. It is slower and often displays incorrect or incomprehensible messages.
  • Worms follow the same principle as viruses. They try to access other computers through the Internet. Unlike viruses, worms do not need host programs.
  • The Trojan horse is a program that has been designed to find data and passwords in its execution. It is totally hidden from the user. It also changes or deletes system configurations. Trojan horses are used to send spam and attack servers. A special case is phishing in banking systems. Data from banks and customers are specifically recorded.
  • A backdoor is a way to give a third party access to a computer unnoticed, thus giving them a way of interacting. Such a third party would enter by calling unsecured websites initially by posing as desired software until they reach the information they want.
  • Spyware is software which is used to determine user behavior. The information obtained is usually sold, so that the buyer of this information can then use it for targeted advertising.
  • With scareware the frequent lack of user expertise is exploited. Through false statements about possible viruses they are enticed to buy products that combat the alleged virus.

Risk of malware through search engines[edit]

Operators of malware take advantage of the attractiveness of search engines. They will attempt to create webpages that rank well in the search results of search engines in order to direct users specifically to the malware. The danger is that your computer will be automatically infected with the malware when selecting the search result. The provision of such links in the SERPs is also called SEO attack. Google tries to stop websites which endanger users through malware, and relentlessly search for such.

Moreover, malware can be distributed through malvertising. These are banners which contain malicious code to infect other computers.

Official Google blog post[edit]

Since March 2013, Google is providing special help pages for website operators who are victims of a hacker attack. They contain a step by step explanation of what to do to restore your website after an attack. Google gives tips on how to avoid hackers in the Webmaster Blog on the topic of hacking.

Help after you have been hacked[edit]

The Help overview published by Google supports victims after an attack in the form of videos and helpful articles. As a first step, you should get yourself an overview, form a support team and quarantine the affected webpages or website. Next, you would use the Google Search Console and get an actual assessment of the problem. There is help against malware and spam. Thereafter, the vulnerability must be identified and the website cleaned up. There is also help with requests to Google to get a specific website assessed.

In the blogpost, Google points out that not everyone is able to perform all the steps. Advanced administrative skills and experience is required.

Tips to avoid hacker attacks[edit]

Google provides tips in its post on how to avoid an attack. The security of a website is as important as search engine optimization and its usefulness to its visitors. The software should always be up to date. If external plug-ins or applications are utilized, their security mechanisms should be understood before using them. The reason is that weaknesses in this area may permit penetrations into a website. Unused and otherwise unnecessary software should be removed immediately. Google also recommends strong passwords and automatic backups. Furthermore, the security of all devices that have access to the server must be ensured.

Web Links[edit]