Skip to content

Protecting Against SEO as a Security Threat

May 9, 2011

One of my jobs at SNQ is to keep current with the available methods for improving a web site’s placement in search engine results, a process called Search Engine Optimization, or just SEO.  Around the middle of last year, I started finding some information about how malicious users are using indexed search engine results to spread malicious software.  These bad guys basically use legitimate websites to host content that will generate a lot of hits, and then redirect from the page linked by the search engine to another site, usually one that attempts to download information onto a user’s computer.  Unfortunately, this practice, which is known as SEO Poisoning, is becoming more popular – so much so, that a recent press release from Google suggested that as much as 10% of the hits returned are malicious.

As a user, the best protection against this type of attack is to be aware of it.  If you suddenly see the URL in your browser change from video.cnn.com to a bunch of greek, it’s probably time to close that browser window.  And of course, keeping your browser current, and having decent virus / malware protection software is a staple of the modern-day Ineternet.

As a developer, though, things are a lot different.  I work hard to make sure that my clients’ websites receive the attention they deserve from search engines, but I also work hard to make sure any project I’m a part of is safe from external attack.  With SEO Poisoning, the malicious code is often added through vulnerabilities in popular Content Management Systems (the Miami Dolphins website was attacked this way), or through server vulnerabilities.  Those are both items that I can and do protect against.

While it’s impossible to know what the men-in-black-sweatshirts are using to make legitimate business more difficult these days (if you don’t believe me, just ask the guys at Sony), we at SNQ are always dedicated to keeping security at the top of our priority lists.  We make it our business to know what’s out there so we can keep our clients’ information safe, sound, and secure.

Advertisements
No comments yet

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: