Vendors cautiously optimistic over Google buying VirusTotal

While optimistic over Google's acquisition of VirusTotal, antivirus vendors were concerned Monday over whether any changes would be made in the way VirusTotal collects and shares malware samples among dozens of vendors.

VirusTotal uses the antivirus engines of more than 40 organizations to provide a Web service for scanning URLs or personal files for malware. In return, discovered malware samples are shared among members of the VirusTotal community.

The Spanish company, launched in 2004, announced the Google acquisition on Friday.

While VirusTotal will continue to operate independently, using Google's massive infrastructure is expected to greatly improve the quality and power of the smaller company's tools.

"Google's infrastructure will ensure that our tools are always ready, right when you need them," VirusTotal said in a blog post.

Antivirus vendors agreed that Google's backing would make a much better service for the industry. "Google's massive infrastructure is much more stable than the existing stand-alone VirusTotal infrastructure and we believe it will be a much more reliable source and so a benefit for the industry as a whole," Trend Micro chief Eva Chen said in a blog post.

[See also: Timeline - A decade of malware]

Others were concerned over changes Google could decide to make. Pedro Bustamante Lopez-Chicheri, senior research adviser at Panda Security, said Google could make changes to the backend systems used to retrieve samples and to the access terms.

In addition, Bustamante hoped that Google would continue with VirusTotal's policy of neutrality. The concern here is whether Google would use data from VirusTotal in its commercial services. Under VirusTotal's terms of use, no member is allowed to benefit commercially from the company's data.

"[VirusTotal's] crew is made up of top notch and very ethical people and if they continue running the service, I can only see [the company] improving much more thanks to Google's resources," Bustamante said.

Chester Wisniewski, a senior security adviser at Sophos, said he was also taking a wait-and-see approach, while expecting improvements in VirusTotal's service. "Like the rest of the industry, we expect it will strengthen our partnership with Google," he said.

Google has not said how it plans to use VirusTotal. Industry observers say the search giant could incorporate the service in the Chrome browser or use the technology in Bouncer, an automated system that Google uses to scan for malware in its Android app store, called Google Play.

The only hint of Google's plans was in a Twitter posting by Justin Schuh, a Chrome security engineer at Google. "Here's a little secret. Having a huge index of suspected and confirmed malware is really handy for protecting hundreds of millions of users," he tweeted.

On Monday, Google told CSO Online that its infrastructure would be available to VirusTotal. "We're delighted to be able to provide them with the infrastructure they need to ensure that their service continues to improve," the company said.

Despite other security-related purchases, Google has shown no interest to date in launching standalone products. In 2007, Google paid $625 million for Postini and integrated its security and archiving capabilities into Google Apps. Google dropped the Postini brand this year.

Among the biggest security headaches Google faces is with its Android operating system for smartphones and tablets. The OS has become a favorite target of cybercriminals, because anyone can launch a marketplace for selling Android apps, providing lots of stores where hackers can try to hide malware.

Read more about malware/cybercrime in CSOonline's Malware/Cybercrime section.

Join the CSO newsletter!

Error: Please check your email address.
Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Antone Gonsalves

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts