Microsoft to use Windows Azure to fight botnets in the cloud

For the past few years, the Microsoft Digital Crimes Unit has been proactively going after criminal botnets by physically raiding and shutting down their servers in cooperation with law enforcement under a program called Project MARS (Microsoft Active Response for Security). This week, the company announced a new effort to help Internet service providers get more information on current botnet threats.

In a post on the Microsoft On the Issues blog, the company revealed its new Cyber Threat Intelligence Program (C-TIP), which uses Microsoft's Windows Azure cloud services. C-TIP resources are available for use by ISPs as well as Computer Emergency Response Teams. Once an organization is signed up to use C-TIP, Microsoft says that threat data on infected computers from botnets in their country or network "... can be uploaded to any organization's private cloud server inside of 30 seconds."

Previously, Microsoft's Digital Crimes Unit has been central in shutting down a number of botnets such as Rustock, Kelihos, Zeus and most recently the Bamital servers. In this week's blog post, TJ Campana, the director of security for the company's Digital Crimes Unit, stated:

"While our clean-up efforts to date have been quite successful, this expedited form of information sharing should dramatically increase our ability to clean computers and help us keep up with the fast-paced and ever-changing cybercrime landscape."

Source: Microsoft

6 Comments

Hello,

While that's a very nice showcasing of Windows Azure, I'm unsure of what the exact benefit of this is over existing notification strategies. In many cases, I would think an ISP would just need to pull a secure XML feed to push into their own enterprise network security solutions, most of which are probably Linux-based.

Regards,

Aryeh Goretsky

M_Lyons10 said,
I'm really impressed by Microsoft's continued action to get rid of all of these threats... What a great initiative.

Maybe it's just the Negative Nelly inside of me, but I feel like they are only doing it because it affects the reputation of THEIR software.

djdanster said,

Maybe it's just the Negative Nelly inside of me, but I feel like they are only doing it because it affects the reputation of THEIR software.

With or without their own agenda behind it, it's a great initiative!

djdanster said,

Maybe it's just the Negative Nelly inside of me, but I feel like they are only doing it because it affects the reputation of THEIR software.

When Linux/Unix/Mac breaks the 2% worldwide desktop share, then maybe the botnet "herders" will start focusing on exploiting them, other than Windows.

Seriously, Linux/Unix/Mac based machines are exploitable. Why would a botnet "herder" bother with a market share that's so small when you need thousands of computers to serve spam?