Googles kept it mum, but it turns out that a year ago it launched an anti-malware team devoted to protecting its users from drive-by downloads. On May 21, the search giants Anti-Malware Team surfaced publicly, posting its first-ever blog in what its team members say will be a forum to discuss security topics and to "periodically provide updates on recent trends, interesting findings and efforts related to online security."
The unveiling of its security team has set blogs abuzz with conjecture about what Google might do next in the security arena.
"Google hasnt been lax in making acquisitions, and I expect them to buy the expertise they need both to complement their knowledge of search, and possibly to enter the desktop security market," Neely wrote in his blog. "The Google Pack, a free collection of essential software, already includes Norton Security Scan and Spyware Doctor Starter Edition. I wouldnt be surprised if Google replaced these with its own re-branded tool, but I also think theyre more likely to offer an online utility."
Neely also points out that, unlike security companies, Googles AdSense and AdWords profits are tied to lessening threats on the Web.
The inaugural Google security posting, written by Panayiotis Mavrommatis and Niels Provos of the Anti-Malware Team, took a look at how widespread malware is globally. A recent Google paper on the subject was widely misinterpreted to the effect that one in 10 Web sites potentially host malware. The paper (PDF), titled "The Ghost In The Browser: Analysis of Web-based Malware," actually covered billions of sites. A subset of those billions that were deemed suspicious was weeded out for in-depth investigation. Out of 12 million URLs inspected, Google found about 1 million that host drive-by downloads, for a total malicious site population of roughly 0.1 percent.
In the security post, Google has a map showing densities of malicious sites on a country-to-country basis. The United States and China are where the most activity is concentrated, with Russia and Canada right up there.
To avoid infection, Google recommends enabling automatic update for operating systems, browsers, browser plug-ins and applications, as well as running an anti-virus engine. Or, the search giant suggests, users can try running their browser in a virtual machine and reverting to a clean snapshot after browsing.
Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.