News

Google Finds Evil All Over the Web

By Robert McMillan

February 15, 2008 — IDG News Service —

The Web is scarier than most people realize, according to research published recently by Google.

The search engine giant trained its Web crawling software on billions of Web addresses over the past year looking for malicious pages that tried to attack their visitors. They found more than 3 million of them, meaning that about one in 1,000 Web pages is malicious, according to Neils Provos, a senior staff software engineer with Google.

These Web-based attacks, called "drive-by downloads" by security experts, have become much more common in recent years as firewalls and better security practices by Microsoft have made it harder for worms and viruses to directly attack computers.

In the past year the Web sites of Al Gore's "An Inconvenient Truth" movie and the Miami Dolphins were hacked, and the MySpace profile of Alicia Keys was used to attack visitors.

Criminals are getting better at this kind of work. They have built very successful automated tools that poke and prod Web sites, looking for programming errors and then exploit these flaws to install the drive-by download software. Often this code opens an invisible iFrame page on the victim's browser that redirects it to a malicious Web server. That server then tries to install code on the victim's PC. "The bad guys are getting exceptionally good at automating those attacks," said Roger Thompson, chief research officer with security vendor Grisoft.

In response, Google has stepped up its game. One of the reasons it has been scouring the Web for malicious pages is so that it can identify drive-by-download sites and warn Google searchers before they visit them. Nowadays about 1.3 percent of all Google search queries list malicious results somewhere on the first few pages.

Some of the data surprised Provos.

"When we started going into this I had the firm intuition that if you go to the sleazier parts of the Web, you are in more danger," he said.

It turns out the Web's nice neighborhoods aren't necessarily safer than its red-light districts.

"We looked into this and indeed we found that if you ended up going to adult-oriented pages, your risk of being exposed [to malicious software] was slightly higher," he said. But "there really wasn't a huge difference."

"Staying away from the disreputable part of the Internet really isn't good enough," he noted.

Another interesting finding: China was far and away the greatest source of malicious Web sites. According to Google's research, 67 percent of all malware distribution sites are hosted in China. The second-worst offender? The U.S., at 15 percent, followed by Russia, (4 percent) Malaysia (2.2 percent) and Korea (2 percent).

1 | 2 |next page »

Comments

Share [+]

TOOLS

Comments

Digg This

SlashDot

CENTER OF EXCELLENCE

Infrastructure

» Outbound Email and Data Loss Prevention
This report shows the findings of a recent Proofpoint and Forrester Consulting study on e-mail security, data loss prevention, and includes statistics on electronic risks.

» A Modern Approach to On-Demand Email and Data Security
Learn how Proofpoint delivers a dedicated, hosted e-mail security solution that combines state-of-the-art anti-spam and virus control.

» A Proactive Approach to e-Discovery
Learn about the key e-discovery challenges facing legal and IT departments today and how businesses can develop an e-mail archiving strategy to deal with e-discovery requests.

» The Advantages of Identity Based Encryption
Download this paper to learn why e-mail encyrption is critical to an organization's overall security architecture and the advantages of identity-based encryption.

» Global Best Practices in Email Security, Privacy and Compliance
This whitepaper discusses the latest global regulations that impact the e-mail security policies and strategies of today's enterprises, universities and government organizations.

Center sponsored by