12/4/2013
09:06 AM

Microsoft Launches Cybercrime Center

Microsoft expands global role supporting law enforcement, government, and businesses fighting cybercrime.


Microsoft has unveiled its latest effort to combat cyberthreats with the opening of its new Cyber Crime Center. The state-of-the-art operations facility, located on Microsoft's Redmond, Wash., campus, provides specialists with an array of advanced tools to visualize and identify cyberthreats around the world.

The center is not simply for Microsoft, though. In addition to housing technical experts who can track criminal activities, the center is working closely with law enforcement agencies, customers, and academics to develop ways to keep the public safe from cybercriminals. Microsoft is also including legal experts who can advise on the best ways to navigate international law.

"The center provides an unprecedented opportunity to bring together people with different expertise -- engineers, investigators, lawyers, etc. -- and equip them with the best tools and technology available," Bonnie MacNaughton, assistant general counsel for the Digital Crimes Unit (DCU), told InformationWeek.


The DCU team is made up of nearly 100 lawyers, investigators, forensic analysts, and business professionals all around the world. The company has established a dozen satellite offices or regional labs in major cities, including Beijing, Berlin, Bogota, Dublin, Hong Kong, Sydney, and Washington, D.C. It can provide the latest technology and monitor developments internationally -- two aspects that can be challenging for US law enforcement.

Housed within the Cyber Crime Center, the DCU team brings cybercrime experts across the areas of IP, botnets, malware, and child exploitation under one umbrella, "so that when focus areas intersect … we can work better together to eliminate cyber threats to Microsoft's businesses, customers, and the entire digital ecosystem," said MacNaughton.

Microsoft's new Cyber Crime Center. (Photo: Microsoft)

Many federal agencies are working on aspects of cyberthreats: the Department of Homeland Security's US Computer Emergency Readiness Team (US-CERT), the FBI's Cyber Crime division, the Secret Service network of Electronic Crimes Task Forces, and Immigration and Customs Enforcement, to name a few, do everything from tracking threats, to cyber forensics, to taking down internationally wanted criminals.

Almost every country has its own cybercrime program, not to mention Interpol, NATO, and other regional alliances.

Where does Microsoft's center fit into this veritable galaxy of cyber law enforcement?

"The DCU understands that Congress has traditionally seen fit for private entities to protect themselves, and their customers, through legal action," MacNaughton said. "Microsoft is very deliberate about pursuing disruptive measures through the civil judicial system, as the U.S. Congress envisioned when it created a civil component to the RICO and Lanham acts. By effectively leveraging these civil causes of action, Microsoft has sought to bring additional pressure against a determined and sophisticated adversary."

But the company knows that only law enforcement agencies can really crack down on cybercriminals.

"[We work] closely with law enforcement to combat cybercrime, and whenever possible we use the evidence gathered in civil actions to refer cases to law enforcement for criminal prosecution," MacNaughton said. "For instance, in the Rustock and Zeus botnet cases, after closing our civil cases we made a criminal referral to the FBI." Those are two of seven botnets tied to criminal organizations committing consumer, financial, and advertising fraud, according to Microsoft briefing materials. The others include Citadel, Bamital, Nitol, Kelihos, and Waledac.

In another worldwide botnet investigation targeting cybercriminals out of Eastern Europe, Microsoft and financial services industry leaders affected by the Citadel botnet investigated and filed their own civil case, MacNaughton said. Then they worked with the FBI and coordinated a worldwide disruption of the Citadel zombie network and shut down nearly 90% of enslaved computers.

"When Microsoft seizes the command and control infrastructure of a botnet, it severs the connection between the cybercriminals running it and the computers they infected with that botnet's malware," she said. "These infected computers continue to try to check into the botnet command for instructions until they are cleaned of the malware. Every day, Microsoft's system receives hundreds of millions of attempted check-ins" from infected computers.

The company shares data gathered by its Azure-based Cyber Threat Intelligence Program (C-TIP) with ISPs and CERTs, giving them better situational awareness of cyber threats.

Microsoft officials also noted that as a result of joint operations with Interpol, the FBI, ICE/HSI, Scotland Yard, and the Medicines and Healthcare Products Regulatory Agency (MHRA), more than 20,000 illegal online pharmacies selling dangerous counterfeit drugs were identified through Microsoft's SitePrint tool and subsequently taken down.


Comments
Lorna Garey,
User Rank: Author
12/4/2013 | 9:59:32 AM
Smart move
I think this is a great move for MS. Its PhotoDNA technology is particularly interesting, and the "CSI" setting will ensure a stream of good PR -- MSM journalists "get" that.

Redmond's been focused on beefing up its security chops for a while; why not bring the efforts under one umbrella?
WKash,
User Rank: Author
12/4/2013 | 10:38:37 AM
Microsoft Cyber Crime Center
These days, it seems you can't appear serious about an online initiative without building an impressive Operations Center to show off to your stakeholders.  While many fault Microsoft's products for giving hackers plenty to exploit, Microsoft does deserve credit for having devoted a significant amount of intellectual capital into fighting cyber crime for many years -- and to pulling in law enforcement, legal, and other specialists behind the scenes -- long before this Cyber Crime Center opened. 

 
Whoopty,
User Rank: Ninja
12/4/2013 | 11:35:43 AM
Re: Microsoft Cyber Crime Center
It's almost as laudable as (and comparable to) Bill Gates' efforts to stamp out polio. 
William Welsh,
User Rank: Strategist
12/4/2013 | 7:23:05 PM
Fighting Cyber Crime Requires Major Investments
We need more all-out efforts, and this is a good one, to produce digital forensic evidence that can be used in national and international courts against cyber criminals. It's a daunting task that requires major investments of time, funds, and highly skilled personnel.