Microsoft said Tuesday that it has moved its botnet-fighting capabilities to the cloud, a step that will make its response teams both faster and more effective in fighting hijacked PCs.
Microsoft launched its Microsoft Active Response for Security (MARS) program in 2010, relying on a series of daily emails to ISPs and other clients to warn them about the networks of hijacked PCs, known as botnets, operating within their borders.
Now, Microsoft's new effort, dubbed the Cyber Threat Intelligence Program (C-TIP), taps the Microsoft Azure cloud to send updates as frequently as every 30 seconds, providing near-real-time threat intelligence to its clients.�All the information is uploaded directly to each organization?s private cloud via Azure, Microsoft said.�
Botnets are typically formed when hackers exploit vulnerabilities in a number of different computers, either via a Trojan, infected Web site, or a phishing attack. The "zombie" PCs are then networked together and ordered about by a command-and-control server or servers. The botnet can then be used for anything including distributed denial-of-service attacks, distributing malware, to "clickjacking," such as the automated clicking of ads that the "Chameleon" botnet recently exploited to the tune of an estimated $6 million per month.
To read this article in full or to leave a comment, please click here
No comments:
Post a Comment