Google moves into anti-malware

Search engine giant and innovator takes a step into the security arena - should traditional security vendors be alarmed?

Google has said it will warn PC users if it suspects their computer of being infected by malware, perhaps marking a first step by the web giant into the IT security market.

The company informed readers of its blog that it had detected unusual traffic during routine maintenance at one of its data centres.

It eventually determined that this traffic was sent from computers infected with a certain strain of malware.

Users infected with this malware will now see a warning telling them that they appear to be infected, with a link to various tips on how best to rid themselves of the unwanted software.

But should traditional security companies be concerned about Google's foray into their territory?

Graham Cluley, senior technology consultant at security firm Sophos said that he believes this is an isolated case and is not evidence of Google's wider intentions.

"This is about a particular piece of malware communicating with one of their servers, rather than a more general move into security," he said.

"We shouldn't read too much into it; it's not something they could easily expand into with the millions of other pieces of malware out there."

In addition, Cluley added that Google has been helping to protect its users for years, without attempting to become an anti-malware vendor.

"Google has been filtering its search results for a number of years, and warning you if the results are malicious. They work with anti-virus vendors behind the scenes, and that's great for protecting end users."

He explained that specific anti-malware software is still needed, because this filtering only protects users while they're performing a search and not, for instance, when plugging in an infected USB stick.

But in its latest browser, Internet Explorer 9, Microsoft has included a powerful reputational database that warns users away from certain websites. Does this combination of search filtering and browser sophistication threaten the traditional security vendor?

Again Cluely didn't think so.

"This just tells you if a site is likely to be dodgy. It doesn't help you when a well-known website gets infected, and we're seeing that more and more."

However, he predicted that this latest move from Google could backfire, with cyber criminals creating fake malware warnings containing malicious links, hoping users will mistake them for Google's attempt to help.

"Google has shown people on their blog what [the warning] looks like, and they link to a page with some suggestions for what to do to clean yourself up.

"I wouldn't be surprised if we soon saw some of the scareware artists taking advantage of this and displaying fake Google alerts," he added.