We need artificial intelligence to fight online store hackers
Joachim Feist is CEO of mindUp Web + Intelligence and researching solutions in the interdisciplinary research project INSPECTION
What can you tell about Project INSPECTION?
The research project INSPECTION finds hacked web pages whose resources are being misused to redirect users into fake online shops.
What advantage do these website hackers hope to gain?
By hacking existing domains, the fraudster takes advantage of the reach that has grown over the years, the good search engine ranking, and the positive reputation of the hacked site. Even if there is no thematic match between the fake store and the so-called hacked host site, the attacker can place ten thousand thematic pages of his fake store in the search engine index overnight, generating a high number of web visits.
Which websites are particularly often the target of such attacks?
Very small website operators are often targeted. The victims are therefore mainly associations, freelancers or self-employed people, for example from the craft sector. But also private individuals. Security gaps often exist because the operators see their websites as a one-off investment, they do not keep the site secured.
Why can fake stores become so widespread on the Internet?
The hackers know: The risk of prosecution is low. In most cases, the servers used for the crimes are located outside of Germany and Europe, making it difficult to identify and apprehend the criminals in this country. Our attempts to refer fake stores to law enforcement agencies, Internet registrars, or consumer protection for closure in order to stop them have also failed. Our current legal regulations can do little against cybercriminals operating internationally. Moreover, it is difficult to adequately inform operators of an attack that has taken place, because an e-mail of a hacked site is usually not read. Even if you can contact the site owner, in most cases, those affected cannot act quickly enough due to a lack of IT expertise.
How will INSPECTION help in the future?
The focus of our idea is, on the one hand, the detection of hacked sites and, on the other hand, the targeted, largely automated and early warning of the operators of the hacked sites. After all, mere detection remains useless if there are no measures to remedy the problem.