On the morning of January 9, Hanoi City Police informed that recently, the Department of Cyber Security and High-Tech Crime Prevention of the City Police discovered many activities of directing malicious information content through the electronic information portal of State agencies (gov.vn).
These websites are attacked, security vulnerabilities are exploited, backlinks are installed, leading to the risk of websites and application software being attacked by malware or displaying inappropriate content on electronic information portals of State agencies.
This incident will become very dangerous and serious if it is exploited to post and disseminate bad and toxic content, distorting the sovereignty, policies of the Party and policies and laws of the State.
Backlinks are also known by terms such as incoming link, inbound link, inlink and inward link,... These are navigation links from other websites to the website of the parent unit.
Bad backlinks are links pointing to websites that have no effect or cause negative impacts. Websites that receive these links will be rated low by Google.
Backlinks come from Black Hat SEO activities, which are "defying" all of Google's principles to gain high rankings in search results, originating from the following 3 main reasons:
Spam Index: Taking advantage of the lack of censorship of search and feedback forms on government agency websites to implement the "keyword stuffing" method.
File Upload: Exploiting a vulnerability that allows file uploads on a website to upload files containing "SEO keywords", to perform the "keyword stuffing" method.
Exploiting security vulnerabilities: Taking advantage of vulnerabilities to take control of the website server, from there inserting hidden advertising links, hidden content footers, even installing malicious code to access any content, all are redirected to gambling websites, betting, illegal advertising...
Backlinks that direct gambling advertising activities, football betting, propaganda of obscene cultural products... even links containing malicious download files when pointing to websites cause negative impacts, seriously affecting the reputation of State agencies.
In addition, the website will be rated low by Google and will not be displayed on the top search results. Even if the owner has successfully handled it, there is still a risk of having backlinks inserted again, usually because security holes and backdoors that allow hackers to re-enter the web servers have not been discovered or fixed.
The Department of Cyber Security and High-Tech Crime Prevention of Hanoi City Police recommends that administrators of electronic information pages of agencies and organizations regularly review their entire website system, focusing on reviewing source code pages, and paying special attention to newly created files or files with different creation times compared to most other files in the same folder.
Change administrative passwords periodically, and database access passwords if they are weak. If possible, conduct a comprehensive network security assessment for the system, and deploy automated monitoring solutions to detect unusual changes and promptly handle them.
Source
Comment (0)