Google – Get Off Your Collective Butts and Fix The Problem!

Internet security is a “sexy” business – one gets to work in the “dark side” of the Internet and is constantly challenged to stay ahead of the learning curve and to develop new techniques, appliances and applications to protect Web sites, and attached devices and systems, from hackers, cyber-crooks, malware and, while understated, terrorists.

Failure to protect the Internet, which by definition is an open network, has substantial penalties ranging from productivity decreases and infrastructure compromise to a failure in consumer confidence, and more. It’s this last one – a failure in consumer confidence – that is the focus of this article.

In dealing with Internet security issues, I’m often frustratingly reminded of the “head in the sand syndrome” – if we ignore it, it will go away; if we ignore it, then it can’t be real; if we ignore it, it will get better; and so on. It’s no surprise then that a substantial security issue, well known to Google, which has failed to come up with an effective solution, continues to plague the Internet.

Those of us who are involved in Internet security know, and have known for a considerable time, that cyber-crooks are unrelenting in their chase to infect web search results. We know that there has been a steady increase in the use of custom-built Websites designed to drop malicious code on computers, and in the manipulation of legitimate pages in order to infect computers with malware.

For example, until quite recently (less than 3 weeks ago), a user searching Google for the string “Microsoft Office 2002 download” would have encountered a Microsoft.com redirection link as the first result. That link had been redirecting visitors to a malicious web site, which then launched a malware attack that included an attempt to convince victims to download rogue security software. Microsoft has since fixed the problem.

Equally disturbing, seventy-nine percent of compromised web pages tracked in the last year were on legitimate web sites, including web sites belonging to Fortune 500 companies, government agencies and, ironically, security vendors.

If one were to poll a group of typical Internet users as to the safety and reliability of search engine results, there is little doubt that the answer would be positive. Given that search engine results can be manipulated in the ways described above, and in other ways, it is reasonable to ask the question – why aren’t typical Internet users aware of this situation?

Arguably, a case could be made that Google and others subscribe to the “head in the sand syndrome” – if we ignore it, it will go away; if we ignore it, then it can’t be real; if we ignore it, it will get better – since to acknowledge this issue, and to give it the focus it deserves, would erode consumer confidence in the product. Good corporate thinking, huh?

Here’s a sample of what Internet users are facing, posted on the Internet just today, January 16, 2009:

“I’m the owner of the site http://www.xxxxxx.net. When anyone searches Google for our firm, the first result looks like the link to our site. But when anyone clicks on that result they get redirected to an alarming site that tries to sell fake spam software. The hijack site takes control of the browser! This is happening when our potential clients search for us! Help! If I type the address directly into my browser then it works fine. I submitted a spam report to Google a couple of days ago, but nothing has changed yet”.

So how do the crooks do it?

Common techniques used by cyber-criminals include the manipulation of search engine results, and the seeding of fake Websites among the top results returned by these engines. When a potential victim visits one of these sites (as described above), the likelihood that malicious code will be downloaded onto the computer, by exploiting existing vulnerabilities, is extremely high.

There are several ways that this can occur. Cyber-crooks can exploit vulnerabilities on the server hosting the web page to insert an iFrame (an HTML element which makes it possible to embed another HTML document inside the main document). The iFrame can then activate the download of malicious code by exploiting additional vulnerabilities on the visiting machine.

Alternatively, a new web page can be built, with iFrames inserted, that can lead to malware downloads. This new web page appears to be legitimate.

An additional method employed by cyber-crooks is the insertion of false dialogue boxes, fake toolbars, and more on sites, all designed to load destructive malware which could include rootkits, password stealers, Trojan horses, and spam bots.

So will Google address this issue? Sure, but only when malicious hackers finally force them to. Great business model, Google!

Be proactive when it comes to your computer’s security; make sure you have adequate software-based protection to reduce the chances that your machine will become infected.

Check out Need Free Security Programs? – 10 Of The Best! on this site.


3 responses to “Google – Get Off Your Collective Butts and Fix The Problem!”

  1. Google will also make no effort to verify that the websites paying for ads in their AdSense program are, in fact, not exploit and/or pharming sites.

    Hackers pay, and their poisoned site appears in the “Sponsored links” column.

  2. jowazzoo

    Sheesh .. almost posted before I got past 3 sentences. :-)) You asked: “why aren’t typical Internet users aware of this situation.” BECAUSE most don’t know any better or don’t care. “Hey … that’s the way the internet works.”

    One big freaking libertech (libertarian technological) (c) mess. What percent of (l)users do you suppose stop and ask things like why ….? Now in many ways I am quite a libertarian myself, but lean mostly in the conservative direction. What does this have to do with Google? They are the Freaking King of the Heap.

    Kings occasionally need to show leadership. Particularly when they can afford to.

    Other gripes: 1) the number of junk/spam/template sites is amazing. And where do they show up? Near the top of course. Want to improve your ranking at least for Ad$ sake? Bury some hidden links to xHamster. 2) forced contextually correct adsense ads. As an abuse/malware fighter I never cease to be amazed at how many of the commercial wares can do everything. Oh and yeah it's a FREE download. 3) near top of heap listing for sites you cannot access unless you pay up. e.g. experts-exchange. (There are ways to beat that though :-))

    I could go on but not in a good mood since I spent 6 hours yesterday cleaning up after the gall darned Downadup/Conficker piece of ^@!* dumped a smorgasbord on one of my machines. (Yes – it was protected. Looked like an ad for Trojanz.)

    • billmullins

      Hey jowazzoo,

      As usual, a well thought out comment. Always appreciate your comments.

      Thanks for stopping by.

      Bill