A new NSS Labs study is trumpeting Microsoft's Internet Explorer as the best browser for blocking malware. But Google is taking a different approach to combating malware -- at the search-engine level. Some Google users may begin seeing a notification at the top of their search results that warns about malware.
"As we work to protect our users and their information, we sometimes discover unusual patterns of activity. Recently, we found some unusual search traffic while performing routine maintenance on one of our data centers," Damian Menscher, a security engineer at Google, wrote in the company blog. "After collaborating with security engineers at several companies that were sending this modified traffic, we determined that the computers exhibiting this behavior were infected with a particular strain of malicious software, or malware."
Spear Phishing Skyrockets
The strain Google discovered causes infected computers to send traffic to Google through a small number of intermediary servers called proxies. By notifying users whose traffic is coming through these proxies, Google hopes it can help searchers update antivirus software and remove the infections.
Any move to prevent malware from infecting a computer is likely to receive a warm welcome from consumers, especially as phishing attacks and data breaches are making more frequent headlines. Although daily spam volumes have dipped from 300 billion messages in June 2010 to 40 billion in June 2011, more dangerous -- and more profitable -- attacks are gaining momentum, according to Cisco's latest security report.
Cisco reported spear-phishing attacks have tripled in the past 12 months while personalized scam, malicious and targeted attacks have quadrupled. The reason: Phishing campaigns can result in at least 10 times greater profits than spam attacks. Cisco estimated the cost of targeted attacks on organizations is $1.29 billion annually.
Search-Engine Poisoning
But where is the greatest danger and which company has the best solution? The danger is everywhere. Browsers are a common vector, but a recent study from Blue Coat Systems identified an emerging threat: Search Engine Poisoning. Search Engine Poisoning is when web pages look legit, but serve up a malware payload. These pages typically contain keywords that work to rank them high in search results.
"On the whole, this is positive. However, there may be some user confusion and malware sources may try and mimic or exploit the warning. Indeed, the warning unfortunately is not unlike what malware itself already does: Tell people they have infected computers to get them to download malware, thinking it's a fix," said Greg Sterling, principal analyst at Sterling Market Intelligence.
"While this may be helpful to many users the information provided so far by Google is incomplete. If they're going to warn people about infected computers, they need to do a bit more with an explanation of what's on their machines and offer clearer instructions about what to do to remedy the problem."
Source: http://us.rd.yahoo.com/dailynews/rss/security/*http%3A//news.yahoo.com/s/nf/20110720/tc_nf/79438
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.