Yesterday, the well known and heavily used internet search engine Google introduced a service by which it will warn users when it detects malware signatures on their computer.
Working in a similar manner to anti-virus, Google believe they have identified signatures in the data users send as part of their search queries which enable it to determine if your computer is infected with a currently unconfirmed type of malicious software.
Recently, we found some unusual search traffic while performing routine maintenance on one of our data centers. After collaborating with security engineers at several companies that were sending this modified traffic, we determined that the computers exhibiting this behavior were infected with a particular strain of malicious software, or “malware.”
The upshot of is this is that when Google detects this behaviour they will display a warning on the search engine page and give the visitor a link to find out what to do.
While Google should certainly be applauded for taking this action, and they are uniquely placed to detect this sort of issue, there is one word of warning about how this will impact on user surfing habits.
There is a well established, long-lasting class of malicious software and web applications which present web page viewers with a message similar to the one above. In the case of malicious sites, the “learn more” type link leads to a variety of software attacks ranging from “drive-by downloads” to “scareware” warnings that claim your computer is infected and try to trick you into spending money on pointless software. Microsoft has a dedicated an entire section of its site to warning people about this form of attack and the US Federal Bureau of Investigation (FBI) have issued notices to US businesses to avoid falling for this scam.
For a long time the security advice has been to always ignore this sort of warning (for example, it was previously considered almost impossible for a website you visit to instantly know you had a virus) and failing to heed this is the cause of a significant number of virus outbreaks. Now, however, it seems that your security awareness training will have to ensure you educate users in identifying which site they are on and what level of trust they can ascribe to the warning notice.
Keep in mind that if Google are able to identify this trend, then it wont be too long before Bing, Yahoo!, Yandex (etc) all join in with a signature based malware detection service. You need to ensure your users are security educated enough to properly assess the risks based on the site they have visited.
Dont forget, if you want any help with your security awareness training, or simply want to discuss the issues this presents for your business, club, charity or family, then get in touch today.