Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

Switzerland: NCSC addresses websites hacked for search engine optimisation

The National Cyber Security Centre ('NCSC') addressed, on 10 January 2023, hacked websites exploited for search engine optimisation, as part of its summary of the 559 reports it had received in the first week of 2023. In particular, the NCSC provided that the number of reports on cyber incidents remained at similar levels to previous weeks, but that dubious search engine results stood out, with one report highlighting that numerous websites were hacked with the aim of tricking Google's search algorithm. More specifically, the NCSC outlined that the attacks were a case of search engine optimisation, with attacks injecting malicious code into websites to trick Google and subsequently improve the website's ranking, and therefore reach more users.

Accordingly, the NCSC issued the following recommendations for website operators:

  • attacks on content management systems can be reduced dramatically by promptly installing security patches;
  • in addition to normal authentication (username and password) for accessing the administration area, the NCSC recommends the use of two-factor authentication; and
  • administrator access should be restricted to the IP addresses used by the administrator

You can read the statement here.