NEARLY 3,000 INFECTED .PL WEBSITES

In late 2019, nearly 3K Polish websites were infected by malware, and every fourth one of them did not work properly, according to the WebTotem study. The owners of infected sites were notified by e-mail.

A survey on website security in Poland was conducted in December 2019 using the WebTotem monitoring platform. To determine the cyber risk and propose ways to remediate it, we analyzed 1 148 036 domains with the .pl extension, based on the list of domains from the Domains Index. The sites were checked primarily against various reputation databases (VirusTotal, Spamhaus, Google Safe Browsing, PhishTank, etc.).

According to WebTotem, a total of 2893 Polish domains were identified as infected by malware, i.e., were included in one of the reputation databases. On the other hand, 520 sites were identified as defaced, i.e., changed following a hacking attack so that the content of the main (or other important) site was replaced by another one, usually for unethical purposes.

What is more, the 308 202 analyzed .pl domains responded with errors, and 14 283 turned out unavailable. The reasons for such state of affairs may range from the expiration of the domain validity to the lack of connection to internet servers. Moreover, only 16.5% of domains with the .pl extension have valid SSL certificates, and the rest operate with invalid or expired certificates.

Keeping the national cyberspace safe

Poland is ranked 29th in the World Cyber Readiness Index, determining the country's readiness for various types of cyberattacks. Among the countries previously studied by WebTotem, only Latvia ranks lower than Poland (44th place). The other Baltic states studied by the startup are in a much better situation: Estonia ranks 5th and Lithuania 4th.

According to statistics, hackers infect more than 30 000 websites daily all over the world. Browsers and the most popular search engines, e.g., Google, deny them access, which results in an inevitable drop in traffic. It is even worse when hackers attack the government or media or telecommunication service providers. Such an attack brings the risk of a personal and even confidential data leak.

We believe that the government should not only monitor and protect state-run websites but also monitor the entire national internet in terms of cyber threats. As an example, the Kazakh state uses WebTotem at the level of the Ministry of Digital Development and Innovation to monitor its entire national cyberspace. As a result, Kazakhstan has reduced the number of hacked websites from 638 to 13, and thus has moved from 83rd place in the World Cyber Readiness Index to 40th, and plans to enter the top ten at this rate within five years.

Better safe than sorry

The main reason for the websites carrying spam, phishing, or displaying inappropriate ads is the lack of foundational security practices. However, it can be provided by simple methods. There are several ways to protect your website from attacks. The first step is to make sure that your content management system, plugins, applications, and scripts are up to date. You can also install security plugins on your sites, which will create a barrier to prevent unauthorized changes in the code. Also, you can ensure that the pages are automatically backed up, and passwords are changed regularly, or that users are prevented from uploading files onto your website.