Attackers are getting more aggressive, while less maintenance is focused on outdated sites. However...
Attackers are getting more aggressive, while less maintenance is focused on outdated sites. However...

Looking at the State of Website Security in 2016, researchers at Google have detected a sharp rise in the number of hacked sites.

According to a report on Google's Webmaster Central Blog, the number of hacked sites increased by nearly a third (32 percent) in 2016 compared to the previous year.

"We don't expect this trend to slow down," wrote the co-authors Wafa Alnasayan, trust and safety analyst, and Eric Kuan, webmaster relations. They attributed the spike to attackers getting more aggressive and there being less maintenance focused on outdated sites, allowing the bad actors to proceed to spread infections to more and more sites.

However, the good news, they said, is that 84 percent of webmasters can clean their sites following an application for "reconsideration" – a request to have Google review a site after a problem is identified in a manual action notification.

Webmasters could be greatly aided by verifying their sites in Search Console – the primary channel Google employs to share info on site health alerts. Without that feature in place, 61 percent of webmasters who were hacked never received a notification from Google.

To help webmasters with security issues, the search giant developed a number of new documents:

Additionally, to help admins with infected sites, Google released "clean up guides" that address specific attacks, including the Gibberish Hack, which automatically creates many pages with non-sensical sentences filled with keywords on the target site; the Japanese Keywords Hack, which typically creates new pages with Japanese text on the target site in randomly generated directory names; and the Cloaked Keywords Hack, which induces cloaked keywords and a link hack to automatically create many pages with non-sensical sentence, links and images. 

Fixes are offered for each of these types of hack.

"As always it's best to take a preventative approach and secure your site rather than dealing with the aftermath," the researchers advised. "Remember a chain is only as strong as its weakest link."