malware warning

Business owners often aren’t aware that their website is compromised. Source: Flickr

Warning: Your infected site probably won’t get flagged for malware

CLOUD-BASED web security firm SiteLock recently conducted a study on the effectiveness of search engines and their built-in anti-cyberattack measures. Unfortunately for website owners, SiteLock’s research ultimately concluded that search engines actually only provide marginal protection against potential online threats.

The results of the study, which involved an analysis of roughly six million websites a day over the course of Q3 2017, were a bit disturbing.

According to SiteLock, search engine blacklist algorithms, which are built-in contingencies against potential cyber attacks, only worked effectively 21 percent of the time.

That means that among the multitudes of websites it studied, 79 percent of compromised websites completely flew under the radar of search engines’ safety systems.


Search engine blacklist algorithms only work effectively 21 percent of the time. Source: Sitelock

Infected websites could cause a lot of damage, both to a business and its customers.

Business owners who are not aware that their website is compromised, for example, could end up putting their data and reputation at risk.

Malware, after all, can result in irreversible data, resource theft, and a significant loss organic traffic, which are arguably some of the worst things that can happen to a small business or startup’s online presence.

One particular theme that emerged from SiteLock’s recent study was the fact that infected websites do not receive a warning at all.

This is partly caused by website owners not really being aware that they are the ones responsible for the security of their business’ online security.


Website owners often aren’t sure whose responsibility it is to look after the security of their sites. Source: SiteLock

SiteLock surveyed 13,000 website owners in this regard and found that more than 40 percent believed that their site’s safety was the responsibility of their hosting provider. More than 20 percent were not even aware who to point the finger to with regards to cybersecurity. These misconceptions, of course, could prove to be fatal.

What was particularly disturbing in the report was that despite more instances of cyber attacks, search engines seemed to have blacklisted far fewer websites in Q3 2017 than in Q2 2017, performing 10 percent poorer in the third quarter and blocking far fewer infected sites compared to the second quarter.


Search engines blacklisted far fewer websites in Q3 2017 than in Q2 2017. Source: Sitelock

While this could be caused by search engines being more wary of false positive instances, where an otherwise clean website gets flagged for being compromised, the fewer cases of blacklists did seemingly end up resulting in an increased number of cyber attacks.

It’s no secret that incidents of cyber attacks are happening on a more frequent basis.

While massive corporations have the resources to dedicate a whole team of employees to detect and counter potential threats, small businesses, and startups, many of whom have a web presence that is still in the process of developing, are usually left more vulnerable.

With this in mind, small businesses and startups are advised to be more proactive when it comes to ensuring their web presence’s security. Utilizing file-based malware scanners are also advised. Overall, if there’s one thing that SiteLock’s recent study ultimately proved, it is that the security of a website really comes down to the proactiveness of those who run it, and how fast they can act when an attack does happen.