The scary reality is that if a website’s security has been compromised by a careful, talented and well-equipped hacker, no one will ever know that the site has been hacked. However, most attackers are not well equipped, at least not in our sense. They use pre-built, paid exploit packages designed to be used by anyone, regardless of their technological talent – and like any user, hackers make mistakes.
Detecting high-quality, state-sponsored hacker attacks will therefore remain fairly fruitless for the average Internet user. Fortunately, military hacker groups probably have no interest in infecting our computers either. But there are a whole bunch of people who are interested in just that. But as I said before, they’re just Internet users like you and me – they make mistakes and don’t have infinite financial resources.
We still need to protect ourselves from these hackers. Here is a list of signs you should watch out for:
Browser warnings are the first sure indication that the security of a web page has been compromised. Google is very active in scanning the web for safe sites and blacklists malicious websites, victim of hacker attacks and compromised. Occasionally, you will see a warning such as “Warning: visiting this site could harm your computer” when you try to open a site. According to Google, the false positive rate of these warnings is incredibly low, so such a warning is a pretty sure sign that something is wrong with the page you are viewing.
Some modern antivirus software also has a built-in website checker. In the case of Kaspersky software, this is the Kaspersky URL Advisor, which is installed as a browser extension and informs the user about the safety of links and websites.
If you open a web page and notice that it immediately starts a download on your computer, you can be sure that something malicious is going on. As journalist Brian Krebs says, “If you didn’t look for it, don’t install it! The same should be true for all download links on the Internet, because if you haven’t authorized a download yourself, nothing good will come of it. When websites automatically perform downloads, they are probably compromised.
If you are familiar with the website you open and notice that it suddenly contains highly promotional or random content and links that lead to other unrelated pages, this is also an indication that the page has been hacked.
We also talked to friends about StopBadware, a non-profit anti-malware organization that aims to make the web safer by blocking attacks in advance and cleaning up malware-infected sites. It was informed that search engine results can sometimes expose hacked pages before the user accesses them. For example, if you search for a page in a search engine and the results of said search bring up all sorts of strange advertisements for branded watches or cheap drugs, but they still lead to the web page you entered, the site’s security probably has some flaws.