National Consumers League

Google's Transparency Report reveals widespread global malware

By Sam Hamer and R.J. Smith, Public Policy Interns

Last week, tech giant Google released its semiannual Transparency Report, which for the first time included data about malware and security threats drawn from the company’s Safe Browsing program. The program began in 2006 as a way to identify infected sites and warn browser users who attempt to access them.

According to Google: “Our security team built Safe Browsing to identify unsafe Web sites and notify users and webmasters so they can protect themselves from harm. By providing details about the threats we detect and the warnings we show, we hope to shine some light on the state of web security and encourage safer web security practices.” As part of the Safe Browsing program, Google scans a fraction of sites in each country and utilizes the data to indicate the prevalence of sites hosting malware. A country-by-country breakdown of the prevalence of malware-infected sites shows, for instance, that approximately 2 percent of the over 14 million sites in the United States contain malware or phishing scams.

By comparison, roughly 15 percent of sites in India tested positive for malware, one of the highest rates in the world. Google’s worldwide tracker identifies as many as 90,000 unsafe Web sites per week, notifying webmasters each time fraudulent code is discovered. In addition to delivering a warning page to browser users who attempt to access these infected sites, Google sends webmasters a report notifying them of the corruption and instructing them to fix the problem. Google’s disclosure of malware infection data has received significant media coverage, with the New York Times, NBC News, and CNN covering the release, in addition to a smattering of online magazines and tech blogs. Many credit Google with increasing popular awareness of “just how unsafe the Internet has become,” as the New York Times put it.

Google’s Dorothy Chou disclosed in an email that, “the coverage has been fairly neutral to positive.” But, she notes, “[it is] probably too early to know what people are doing with the data release yet.” Indeed, while Google’s collection of malware and phishing data over the past half-decade has provided greater certainty of where malicious online activity persists, just what the vanguards of online security should do with the data is less certain. As privacy blogger John Hawes notes on the blog Naked Security, webmasters can now monitor the Safe Browsing site for data about their site provider service.

If Google’s data show that a particular site provider comes up as a host for a number of infected sites, then webmasters will know that they should start asking questions, Hawes suggests. Moreover, webmasters can better inform themselves about which site providers have a clean record, and flag those providers who host numerous infected sites. If anything, the Safe Browsing program has contributed to a heightened awareness of Internet scams among the general populace. While many Internet users have heard of the words “phishing” and “malware,” Google has shed additional light on the scope of the problem. As Google engineer Niels Provos put it, “[Safe Browsing] is about making the Internet a safer environment... We want to make as much information available about the state of the Web as we see it...By putting [the data] out there, we want to educate Web masters that this is very real, that the danger of you getting infected is very large.”