Google launches malware warning service

Yesterday, the well known and heavily used internet search engine Google introduced a service by which it will warn users when it detects malware signatures on their computer.

Working in a similar manner to anti-virus, Google believe they have identified signatures in the data users send as part of their search queries which enable it to determine if your computer is infected with a currently unconfirmed type of malicious software.

Announcing it on the Google Online Security Blog and the Official Google Blog, Google made the following statement:

Recently, we found some unusual search traffic while performing routine maintenance on one of our data centers. After collaborating with security engineers at several companies that were sending this modified traffic, we determined that the computers exhibiting this behavior were infected with a particular strain of malicious software, or “malware.”

The upshot of is this is that when Google detects this behaviour  they will display a warning on the search engine page and give the visitor a link to find out what to do.

Screenshot of Google's Warning Message
Screenshot of Google's Warning Message

While Google should certainly be applauded for taking this action, and they are uniquely placed to detect this sort of issue, there is one word of warning about how this will impact on user surfing habits.

There is a well established, long-lasting class of malicious software and web applications which present web page viewers with a message similar to the one above. In the case of malicious sites, the “learn more” type link leads to a variety of software attacks ranging from “drive-by downloads” to “scareware” warnings that claim your computer is infected and try to trick you into spending money on pointless software. Microsoft has a dedicated an entire section of its site to warning people about this form of attack and the US Federal Bureau of Investigation (FBI) have issued notices to US businesses to avoid falling for this scam.

For a long time the security advice has been to always ignore this sort of warning (for example, it was previously considered almost impossible for a website you visit to instantly know you had a virus) and failing to heed this is the cause of a significant number of virus outbreaks. Now, however, it seems that your security awareness training will have to ensure you educate users in identifying which site they are on and what level of trust they can ascribe to the warning notice.

Keep in mind that if Google are able to identify this trend, then it wont be too long before Bing, Yahoo!, Yandex (etc) all join in with a signature based malware detection service. You need to ensure your users are security educated enough to properly assess the risks based on the site they have visited.

Dont forget, if you want any help with your security awareness training, or simply want to discuss the issues this presents for your business, club, charity or family, then get in touch today.

Taz Wake - Halkyn Security

Certified Information Systems Security Professional with over 19 years experience providing in-depth security risk management advice to government and private sector organisations. Experienced in assessing risks, and producing mitigation plans, worldwide in both peaceful areas and war zones. Additionally, direct experience carrying out investigations into security lapses, producing evidential standard reports and conducting detailed interviews to ascertain the details of the incident. Has a detailed understanding of the Security Policy Framework (SPF) and JSP440, as well as in depth expertise in producing cost-effective solutions in accordance with legislative and regulatory guidelines. Experienced in accrediting establishments and networks as well as project managing the development of secure, compliant, workable business processes.