February 11, 2009
Times investigation reveals links to illegal content are being hidden in official websites
Murad Ahmed, Technology Reporter
Thousands of government, NHS, school and police websites have been doctored to include links to pornography, viruses and other inappropriate material.
An investigation by The Times and Trend Micro, the internet security specialists, has revealed that a large number of taxpayer-funded official websites has been hit by a practice known as ‘link spamming’.
This is when a hacker, or a member of the public, adds links to an official website, which then point visitors to other, inappropriate, material.
It means that an unsuspecting parent might click on an innocent-looking link on their child’s school site and be taken to a pornographic internet site instead, or a patient might click on an NHS website link only to download a harmful computer virus without their knowledge. Many government-created websites are potentially unsafe.
The practice has become widespread, affecting the pages of Whitehall departments such as the Department of Education, fire brigades, police forces, local and district councils, NHS and health service sites and a large number of schools across the country.
Experts said the findings exposed the poor security of government-run sites, which has left them open to abuse. Sometimes a hacker will illegally infiltrate a site to add links that are then hidden from view.
But others are taking advantage of the lax moderation and editing of these sites with, for example, links being added to discussion forums accessible by any other user. The links to inappropriate webpages can easily be seen by the people who control a website, but they have not been deleted, as in many cases they should be.
“The purpose of it is to move a website up the rankings when a search engine returns results,” said Rik Ferguson, an analyst at Trend Micro.
He explained that a search engine, such as Google, works by ranking websites in order of importance and relevance to a given search term. Once you type in “Harry Potter”, Google will list all sites it deems most relevant to J.K. Rowling’s boy-wizard.
One of the ways a search engine works out whether something should be ranked highly is by seeing how many other web pages link back to it. So if one Harry Potter fan site has been linked to 100 times, it is likely to appear higher in a search engine’s results than a rival site that has only been linked to a few times.
Also, search engines will give more prominence to authoritative websites, such as official government pages. All this means that if somebody typed in a pornographic search term into Google, sites that have been linked to by many official websites are likely to appear near the top of the search results.
Mr Ferguson said: “The aim is to move on to the first page of Google results. The statistics show very strongly that if you’re not on page 1, people don’t often search on page 2 of Google’s results.”
The findings are likely to prove embarrassing for a government that has criminalised possession of some types of online material, such as those related to violent porn, but in some cases, is unable to stop its own websites referring readers to illegal content. The Cabinet Office was invited to comment on the findings, but no spokesperson was available.
In the past, cyber-criminals have also attacked key government and consumer websites, allowing them to steal the personal details of anyone browsing the sites. A visitor to a site would be infected by a virus, which automatically installs itself on that person’s computer, allowing a hacker to access personal or financial information.