Microsoft has announced a new initiative aimed at sharing information about botnets, malware and other threat data with Internet Service Providers and Computer Emergency Response Teams (CERTs)
Microsoft Digital Crimes Unit security director TJ Campanaat said it was sharing information from its botnet operations as part of its Project MARS (Microsoft Active Response for Security) program and it was now sharing that information on known botnet malware infections in near real-time.
“The new Windows Azure-based Cyber Threat Intelligence Program (C-TIP) will allow these organisations to have better situational awareness of cyber threats, and more quickly and efficiently notify people of potential security issues with their computers.
“All the information is uploaded directly to each organisation's private cloud through Windows Azure. Participation in this system allows these organisations almost instant access to threat data generated from previous as well as future Mars operations.”
Forty four organisations in 38 countries receive the threat intelligence gathered from botnet sinkholes.
“ISPs, CERTs and the security community in general have played a vital role in our proactive fight against cyber crime to date,” Campana said.
“We look forward to continuing our partnerships with these organisations in order to make life more difficult for the cyber criminals and protect innocent people around the world.”
Lumension forensic analyst Paul Henry said information sharing was overdue good news.
“This new effort by Microsoft will go a long way in reining in infected PCs and thereby reducing the size of botnets overall and is likely to have a significant impact on cyber crime,” Henry said.