Microsoft Applies Disruption Strategy towards Combating Botnets

Microsoft's DCU (Digital Crimes Unit) has found that disrupting botnets' operations can best help in dealing with cyber-crime associated with the malicious networks. Computerweekly.com published this on June 21, 2012.

As a proof-of-concept (POC) approach is the dismantling of botnet Waledac the army of compromised PCs, during February 2010, which Microsoft along with associates apply even now.

Following Waledac's takedown, this approach has been made sophisticated via combination of legal and technical skills for shutting down other botnets namely ZeuS, Kelihos and Rustock during 2011-12.

Microsoft's DCU, comprising technical professionals, program managers and lawyers, initiated the strategy for utilizing civil law towards capturing as also thwarting the command-and-control systems of the botnets.

Senior Attorney Richard Boscovich at DCU states that attackers choose botnets as their preferred weapon. Computerweekly.com published this.

According to the Attorney, whilst it's hard for attacking big government and enterprise networks, the possibilities of success are far better when the power that innumerable bot-infected PCs possess is exploited.

Therefore, cyber-criminals primarily aim at raising their power via the hijacking of maximum possible computers to include them into their botnets.

Elsewhere Boscovich explained that the most important action was to make a halt of a botnet as well as its infrastructure, whilst raising expenses for the network's controllers. Infosecurity-magazine.com published this on June 21, 2012.

Boscovich's assertion reverberated what Jonathon Ness his colleague said about how vital it was to reduce the attackers' Return on Investment (ROI), as they spent more money and time for re-creating and re-classifying 'compromising' malware.

Microsoft, following any botnet takedown, utilizes the time earned to help victimized computer owners sanitize their systems, while passes on the intelligence garnered onto agencies of law enforcement. To a query regarding an accusation that Microsoft interrupted the activities of law enforcement following botnet takedowns, Boscovich responded that his organization was doing to make sure that other groups' interference was reduced.

T.J Campana, Senior Program Manager of DCU too stated that it was most important to shutdown botnets for combating Internet crime, adding that splitting infrastructure was one fine way for reaching offenders. Scmagazine.com.au published this on June 21, 2012.

Related article: Microsoft Counters Cybersquatters

» SPAMfighter News - 6/30/2012