Microsoft brings anti-botnet fight to the cloud with Azure level-up

Microsoft is moving to better defend businesses against cybercrime, loading its anti-botnet security intelligence systems into Windows Azure, therby offering firms real-time information on the threats facing them.
The move was announced on Tuesday and is the latest stage of Microsoft's Active Response for Security (MARS) programme. The move will offer businesses direct real-time access to threat intelligence data from Microsoft and other Computer Emergency Response Teams (CERT), which was previously distributed via email.
TJ Campana, Microsoft's director of security for its Digital Crimes Unit, wrote: "By tapping into Microsoft's vast cloud resources, we are now able to share information on known botnet malware infections with ISPs and CERTs in near real-time. The new Windows Azure-based Cyber Threat Intelligence Program (C-TIP) will allow these organisations to have better situational awareness of cyber threats, and more quickly and efficiently notify people of potential security issues with their computers."
Campana said the upgrade is an essential step in Microsoft's ongoing battle against criminal operated zombie botnets, which it claims have become more tenacious in recent years.
"Cybercrime is a global phenomenon and malicious software poses grave risks to computer owners, businesses and users of the internet in general. Among the risks are bank fraud, identity theft, critical infrastructure and denial of service attacks, intellectual property theft and much more," he wrote.
"Every day our system receives hundreds of millions of attempted check-ins from computers infected with malware such as Conficker, Waledac, Rustock, Kelihos, Zeus, Nitol and Bamital."
This upgrade to Azure is the latest stage in Microsoft's ongoing battle against botnets. To date Microsoft has participated in several high-profile operations. These have included a take-down of Kelihos botnet in 2011 and the Bamital sting in February. Campana said that while the Azure upgrade won't result in any more direct takedowns, it will further squeeze cyber criminals' wallets, hampering their ability to expand their operations.
"While our clean-up efforts to date have been quite successful, this expedited form of information-sharing should dramatically increase our ability to clean computers and help us keep up with the fast-paced and ever-changing cybercrime landscape," he wrote.
"It also gives us another advantage: cyber criminals rely on infected computers to exponentially leverage their ability to commit their crimes, but if we're able to take those resources away from them, they'll have to spend time and money trying to find new victims, thereby making these criminal enterprises less lucrative and appealing in the first place."