USNCVA - Now Read This

NOW READ THIS
("Security Advisory")

Go Back

Submitted by: Bill Hickey
NCVA List Master

NRT-0498 Microsoft Provides Botnet Tracking Tool To Law Enforcement:

Microsoft is giving law enforcement access to a special tool that keeps tabs on botnets, using data compiled from the 450 million computer users who have installed the Malicious Software Removal tool that ships with Windows. Although Microsoft is reluctant to give out details on its botnet buster - the company said that even revealing its name could give cyber criminals a clue on how to thwart it - company executives discussed it at a closed door conference held recently for law enforcement professionals.

The tool includes data and software that help law enforcers get a better picture of the data being provided by Microsoft's users, said Tim Cranton, associate general counsel with Microsoft's World Wide Internet Safety Programs. Microsoft security experts analyze samples of malicious code to capture a snapshot of what is happening on the botnet network, which can then be used by law enforcers, Cranton said. "They can actually get into the software code and say, 'Here's information on how it's being controlled.'"

In February, Canadian authorities in Quebec used Microsoft's botnet analysis tool to break up a network that had infected nearly 500,000 computers in 110 countries, according to Captain Frederick Gaudreau, the head of the provincial police force's cybercrime unit.

(ComputerWorld.com 19APR08)

Last Modified: Saturday, 02-Aug-2008 22:20:04 EDT

NOW READ THIS ("Security Advisory")

NRT-0498 Microsoft Provides Botnet Tracking Tool To Law Enforcement:

NOW READ THIS
("Security Advisory")