Filed Under:  U.S. & World

Kentucky Eye Care Association Site Compromised by Hackers

Contributed by on January 25, 2015 at 12:07 pm

hacker in tiny roomThe Kentucky Optometric Association website has become the latest victim to a web design hacker. The trend is on the rise, with many non-profit sites like KOA having pages added on to its domain. It appears that a malicious Search engine optimization (SEO)  tactic was used, and in the long haul, dragging down the Kentucky site.



According to the Google Security, “Sometimes, due to security flaws, hackers are able to add new pages to your site that contain spammy or malicious content,” the site states. “These pages are often meant to manipulate search engines. Your existing pages might not show signs of hacking, but these newly-created pages could harm your site’s visitors or your performance in search results.”


Tens of thousands of websites are hacked each year, but the concept of “hacking” a website truly isn’t a new concept. In fact, this Christmas, Xbox and Playstation gamers experienced a major snafu, as a hacker group disrupted service on the sites. The cyber attack was linked to a group known as the Lizard Squad, and it created a major disruption for folks eager to play their holiday gifts.


Though this type of hacking varies, it shows that even multi-million dollar industries are at risk – not just Kentucky’s eye care resource page.


However, Google Security suggests that people keep their sites at the highest security levels, so nothing is left vulnerable.


“In order to protect our users and to maintain the integrity of our search results, Google tries its best to keep hacked content out of our search results,” the site states. “Hacked content gives poor search results to our users and can potentially install malicious content on their machines. We recommend that you keep your site secure, and clean up hacked content when you find it.”



According to a September 2013 article by Forbes Magazine, 30,000 new websites are identified every day for distributing malicious code to any users passing by. It’s commonly thought that viruses are spread through gambling, adult or pirating websites. However, research shows that a majority of those attacked are small-business sites that unknowingly share that data online.



Worst still, the Kentucky optometrists cannot benefit from the trust inherent in this site, as the doctor listings cannot be crawled due to a flaw in the site’s design. Viewing a doctor listing requires user input, and Google cannot choose a city.


Journalist Annette Lawless knows this snafu all too well. In 2010, her website was hacked with an add-on page and embedded content pages. A person had placed semi-nude pictures on her website.

“I thought everything on my site was secure, but then I found drop-box access,” she said. “I knew right then and there that the hacker had backtracked his way to my pages.”


The hack cost Lawless a lot of money through Google Ads, which pulled content from her site.


“It frustrates me beyond belief that I cannot have a Google Ad on my website, which gets thousands of views a day,” she said. “No matter how much I’ve tried, the hacker won. They didn’t have to do anything, but now I’m stick with a great website, where I cannot truly benefit from it financially. I really want to create a new URL because of this – just so I can profit from web hits. I want people to see my work in film and on TV.”


Lawless said she has contacted Google several times, but has not had luck with explaining her case and restoring the Adsense program.


Until then, she hopes that Kentucky Eye Care and others get the help they need.


Forbes Magazine, the Stop Badware organization and Google experts said that there are nine major rules to protecting a website.

  1. Make sure a website has strong security.
  2. Update your software and plugins for maximum security.
  3. Remove scripts, plugins or other software that you don’t use anymore.
  4. Be sure you aren’t passing vital credit card and personal data on your site. You want to be sure that your Secure Sockets Layer is top-notch.
  5. Have a professional test your website’s security.
  6. Scan your computer and website regularly for any bugs that can invade your page and cause you big problems in the end.
  7. Backup your computer and website regularly, so if you do have a glitch, you are able to fully restore things. Clean and maintain your site.
  8. Assess the damage, whether that’s spam or malware.
  9. Request a review.



“If you have a clean backup of your site’s contents, you may be able to restore the site by re-uploading all of the site’s files—including your website software (WordPress, Drupal, other), The Stop Badware site states. “When doing this, make sure that you are using the latest version of your site’s software. Be aware that you may be overwriting files that have changed since your last backup. Some hosting providers are able to assist owners of hacked sites in cleaning up or restoring their sites; to see if your host can help you, contact your hosting provider’s support department”


The Stop Badware organization suggests people perform Internet searches and system updates on their platforms regularly, that way people can control the malware as quickly as possible.


Hopefully, somewhere down the line, hackers lay off websites and give great content providers the ability to take control once again. Maybe Kentucky’s optometrists will get there soon.