Google's Transparency Report boosted by malware and phishing numbers

Firm admits it still underestimates the problem

Google has bolstered its increasingly important Transparency Report with a new section that documents the number of malware and compromised websites detected by the firm as well as the volume of Safe Browsing warnings fed to users through the Chrome, Firefox and Safari web browsers.

From this it is possible to see that in the first week of June alone, Google detected around 42,000 sites hosting malware, 23,000 phishing websites and in the week to 16 June issued 88 million Safe Browsing warnings to its user base.

Google's move is potentially significant for an industry that has historically depended almost entirely for its malware statistics on individual security companies reporting what their customers are seeing.

Although Google is also a private sector firm with its own commercial interests, it is also one with a much broader importance than a single antivirus client running on one operating system.

According to Google, the malware element of system works by scanning a subset of indexed websites once per day, running any software encountered in a virtual machine to test infection.

The company divides the activity it finds into two categories, attacks sites (those hosting malware or phishing) and compromised sites (those that lead to secondary sites hosting malware). Sites deemed malevolent are added to Google's blacklist within half an hour while compromised sites are re-checked in case they are subsequently cleaned by their owners.

"Sharing this information also aligns well with our Transparency Report, which already gives information about government requests for user data, government requests to remove content, and current disruptions to our services," said Google software engineer, Lucas Ballard.

As for Safe Browsing, Google has gradually expanded its scope since its appearance in 2006, adding automatic blocking for malware downloads as recently as January this year.

Although the tens of millions of Safe Browsing warnings recorded by the Transparency Report every week sound vast, the company admits they underestimate the number of sites detected because not all users opt into monitoring.

Google's Chrome currently uses version 2 of the Safe Browsing API, while Apple's Safari and Mozilla's Firefox were was still using version 1 for a test run by NSS Labs in May. This found that both versions of the API were still bested by Internet Explorer 10's SmartScreen equivalent, but that version 1 was significantly inferior to version 2 in this respect.

Microsoft's apparent superiority was attributed to the reputation system that supplies data on which sites to block.

Automated defences built into browsers have become a major front line for stopping malware, arguably more important than that offered by traditional antivirus software.

However, not everyone is convinced they are a one-stop solution to the problem of malware and phishing websites.

"Internet users need to reflect on their own actions rather than resting on their laurels in the belief that the exposure of threats alone will keep them safe," said ESET UK's technical director, Mark James.

"Running anti-virus software alone doesn't necessarily mean it's possible to visit websites indiscriminately believing all malicious code will be detected. New attack methods are constantly in development."

Join the CSO newsletter!

Error: Please check your email address.

Tags FirefoxPersonal TechGooglesecurity

More about AppleGoogleMicrosoftMozilla

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John E Dunn

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place