Over 7.5 lakh websites were compromised last year, says Google

Data from a new study conducted by Google shows that over 7.5 lakh websites were compromised in the period from July 2014 to June 2015.

Google had partnered with UC Berkeley to conduct the first large-scale measurement study on the effectiveness of combinations of browser, search, and direct webmaster notifications at reducing the duration a site remains compromised.

Simply put, Google wanted to understand if the notifications it was sending the site’s webmaster about the compromise, helping in any way.

The key takeaways from analysing the 760,935 website hijacking incidents identified by Google’s Safe Browsing tool were:

1. When Google notified the site’s webmasters about the compromise, they were 50 percent more likely to cleanup the site.

2. Similarly, a direct notification resulted in reducing the time the site was infected by 62 percent.

3. 80 percent of webmasters manage to successfully clean their site before they ask Google to mark their site as ‘safe’.

4. 12 percent of all sites that get marked as ‘safe’ fall victim to another attack within 30 days.

5. In a scenario where Google is unable to reach a webmaster, notifying visitors about visiting a ‘potentially dangerous website’ was an equally effective way of getting them to take an action.

The detailed study can be found here.