[ComputerWeekly.com] RSA 2014: Microsoft and partners defend botnet disruption

by Alchemic posted May 21, 2015


Prev이전 문서

Next다음 문서


크게 작게 위로 아래로 댓글로 가기 인쇄

크리에이티브 커먼즈 코리아 저작자표시 Creative Commons License
이 저작물은 크리에이티브 커먼즈 코리아 저작자표시-비영리-동일조건변경허락/3.0에 따라 이용하실 수 있습니다

Link : http://www.computerweekly.com/news/2240215443/RSA-2014-Microsoft-and-partners-defend-botnet-disruption

Microsoft, security firm Agari and the Financial Services Information Sharing and Analysis Center (FS-ISAC) have defended their actions to disrupt criminal botnets at RSA Conference 2014 in San Francisco.

The three organisations worked with the FBI in June 2013 to disrupt the Citadel botnet that was being used to steal online banking credentials and personal identities.


This approach to security is controversial, with opponents arguing that collateral damage is too high and researchers complaining that such actions limit their opportunity to learn more from botnets in action.

“Our goal is always to protect the ecosystem and people whose computers have become infected with botnet malware,” said Richard Boscovich, assistant general counsel at Microsoft’s Digital Crimes Unit.

“We measure the effectiveness of this campaign by the fact that financial partners reported between 86% and 98% reduction in fraud after our action against the Citadel botnet,” he said.

Microsoft also observed a drop in activity by other botnet operators in the wake of the Citadel operation.

“This demonstrates that disruption works in a similar way to the traditional model of law enforcement where action against some criminals deters others,” said Boscovich.

Dismissing criticism that such operations are tantamount to playing Whack-A-Mole, he said: “At the very minimum, the disruptive approach eliminates the less sophisticated cyber criminals, reducing the noise, which enables us to concentrate on the bigger threats.”

The FS-ISAC joined the operation because it wanted to take action as an association after hundreds of its members had reported total losses of around $477m, said Errol Weiss, board member of FS-ISAC.