02:32 PM
Connect Directly
Repost This

Security Experts Strategize At Microsoft HQ

Among the approximately 200 who attended were representatives from Microsoft, Symantec, Cisco, the FBI, Department of Homeland Security, and the Secret Service.

Security professionals from the private sector, law enforcement officials, and representatives from government and academia met last week at the Redmond, Wash., campus of Microsoft to craft strategies against botnets, spam, and phishing fraud, a participant said Monday.

It was the second meeting of the group, which is largely made up of people on several closed security-related mailing lists. Among the approximately 200 who attended were representatives from Microsoft, Symantec, Cisco Systems, the FBI, Department of Homeland Security, and the Secret Service.

"It was all about sharing information and developing trust relationships that allow for better sharing of information," says Randy Abrams, the director of technical education with antivirus vendor ESET. The networking at the meeting, even more than its presentations, are crucial for sharing data, tactics, and ideas, he adds. "We all need to know who's working for the good guys, who can take action, who those people trust, and who are their resources."

The meeting -- which was hosted by the Internet Security Operations Task Force -- was a follow-up to last summer's debut meeting, which was held at the headquarters of Cisco. Like the 2006 conference, last week's was closed to reporters. It was hardly hush-hush, however.

"It's hard to be a secret when the agenda's on the Web," Abrams says.

"The real value isn't in the presentations, it's in the networking. I'm not in a position to shut down a [phishing] Web site, but I know who can," says Abrams. "Now, if the FBI contacts me and asks who to go to, I can put them in touch. A lot of that kind of networking goes on."

Most of the presentations and conversation, says Abrams, were about botnets -- fast-growing collections of compromised computers that are used to launch phishing attacks and spread malware -- and the recent boom in spam.

"These are what we're seeing as the predominant problem," says Abrams, who declined to get specific. "We don't want the bad guys to know that we know what they know."

Much of the formal and informal emphasis was on strategies and technologies that work, and when. " 'This is where this is effective,' someone from an ISP would say," says Abrams. "Or 'this is how we tracked down spammers.' "

Abrams might have been bullish on the networking opportunities at the meeting, but he sounded pessimistic on the chance that the security community would soon get a handle on botnets or spam. "We won't, not in the near term, but eventually I think we'll be able to knock down the numbers," he says.

"Next year when we meet it will be a lot more focused on specific recommendations," Abrams says. "We won't be waiting until then to implement [strategies], but we'll have a much better idea of what we can do [that works] and what we should do."

Comment  | 
Print  | 
More Insights
The Agile Archive
The Agile Archive
When it comes to managing data, donít look at backup and archiving systems as burdens and cost centers. A well-designed archive can enhance data protection and restores, ease search and e-discovery efforts, and save money by intelligently moving data from expensive primary storage systems.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Elite 100 - 2014
Our InformationWeek Elite 100 issue -- our 26th ranking of technology innovators -- shines a spotlight on businesses that are succeeding because of their digital strategies. We take a close at look at the top five companies in this year's ranking and the eight winners of our Business Innovation awards, and offer 20 great ideas that you can use in your company. We also provide a ranked list of our Elite 100 innovators.
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.