Google has acquired VirusTotal, a free service that analyzes suspicious files and URLs and facilitates the detection of viruses, worms, trojans and malware.

According to VirusTotal, two key elements of the acquisition are “great news for (customers), and bad news for malware generators.” Namely, VirusTotal says the quality and power of its malware research tools will keep improving and most likely get faster and Google’s infrastructure will ensure that its tools are always ready when needed.

Google May Have Internal Motives

Some observers think Google is purchasing VirusTotal in an effort to boost the security of its own Internet services, rather than to increase the security of VirusTotal customers. For example, a FirstPost Technology article states Google bought the “fledgling but widely used cyber-security industry player in a move that could beef up protection for its Internet services.”  

The article goes on to say VirusTotal “could significantly shore up the search giant’s ability to weed out infectious content from Gmail, social network Google+ and even the pages it shows search users.”

And stating “Companies like Google have to be especially cautious when it comes to security,” VentureBeat also speculated Google is looking to internally benefit from VirusTotal’s security know how, commenting, “Google plans to keep the technology up and running, and, in return, gain from the employees’ expertise in the security industry.”

So far Google has made minimal public commentary on the acquisition, but did tell VentureBeat it is “delighted to be able to provide (VirusTotal) with the infrastructure they need to ensure that their service continues to improve.”

Google Takes Security Seriously

Even before purchasing VirusTotal, Google made it clear that as a company it takes IT security seriously. In May 2012, Google earned an ISO 27001 information security certification for Google Apps Business. The certification designates that Google is following security best practices for systems, technology, processes and data centers that support Google Apps for Business. ISO certification is well-respected, especially in highly regulated industries, for its rigorousness.

This is not the first security certification for Google. The company obtained FISMA certification for Google Apps Government and has regular third-party audits for SSAE 16/ISAE 3402, a standard similar to the ISO 27001 certification. But as CMSWire pointed out in an article about the certification, “It’s unlikely that Google is seeking a pat on the back for its hard work achieving the certification. This move is about one thing: Wooing customers.” Purchasing VirusTotal is likely another signal to users of Google’s various Internet services that their security is a top priority.

Google is a longtime VirusTotal partner. VirusTotal will continue to operate independently, maintaining partnerships with other antivirus companies and security experts. Financial details were not disclosed.