Cleaning without the user’s consent: Microsoft’s war on botnets


Our Spam Saturday post looks at Microsoft's role in diminishing the ZeroAccess botnet. Microsoft's anti-botnet initiative is something I've been meaning to discuss for a while, so there's no better time than the present.

Microsoft has an impressive Digital Crimes Unit (DCU), formerly known as the Internet Safety Enforcement Team (ISET), which has been in operation for over ten years.  ISET was created to address cybercrimes that were directly related to Microsoft, such as:

  • fraud and abuse through Microsoft systems
  • domain names that illegally use Microsoft names or brands to draw in victims

ISET also worked on initiatives related to child protection.

The rise of Conficker and the advent of botnets pushed ISET into a more proactive approach toward digital crimes.  It became clear that Microsoft needed to take more aggressive technical countermeasures to deal with these types of attacks.  This opened up a whole new can of worms (rimshot) on how to handle the legality of the technical operations.

The Waledac botnet was the first test for the new DCU, in terms of both legal and technical operations. This is where the cybercrime team cut its teeth on issues such as:

  • different cybercrime laws among jurisdictions around the world
  • technical challenges regarding disinfection and notification
  • operational strategy regarding where to focus the countermeasures

SecurityWeek has a great podcast that gets into detail on all of this, as well as other questions like:

  • At what point does it become Microsoft's responsibility to clean a computer?
  • How do you clean a computer without consent of the owner?
  • What can Microsoft do if it does not have legal authority to disinfect?
  • How does Microsoft deal with the problem of preloaded malware?
  • How are criminals infiltrating the unsecure supply chain?  (aka “pirated software”)

Learn more about these topics and about Microsoft's Digital Crimes Unit in the podcast and on the Microsoft website.


Microsoft CyberCrimes Center.
