For the past few years, the Microsoft Digital Crimes Unit has been proactively going after criminal botnets by physically raiding and shutting down their servers in cooperation with law enforcement under a program called Project MARS (Microsoft Active Response for Security). This week, the company announced a new effort made to help Internet service providers get more information on current botnet threats.
In a post on the Microsoft On the Issues blog, the company revealed its new Cyber Threat Intelligence Program (C-TIP), which uses Microsoft's Windows Azure cloud services. C-TIP resources are available for use by ISPs as well as Computer Emergency Response Teams. Once an organization is signed up to use C-TIP, Microsoft says that threat data on infected computers from botnets in their country or network " ... can be uploaded to any organization's private cloud server inside of 30 seconds."
Previously, Microsoft's Digital Crimes Unit have been central in shutting down a number of botnets such as Rustock, Kelihos, Zeus and most recently the Bamital servers. In this week's blog post, TJ Campana, the director of security for the company's Digital Crimes Unit, stated:
While our clean-up efforts to date have been quite successful, this expedited form of information sharing should dramatically increase our ability to clean computers and help us keep up with the fast-paced and ever-changing cybercrime landscape.