Microsoft's Digital Crimes Unit: tackling cyber threats head on

By Lindsay James on 30 October 2015

This article first appeared in the Autumn 2015 issue of OnWindows magazine.

While the digitisation of our world has transformed our lives for the better in more ways than we could ever have imagined, there’s no doubt that it has a dark side. Across the globe, cybercriminals are launching increasingly sophisticated attacks, affecting nearly 400 million people and costing consumers US$113 billion every year, according to the latest research from security firm Symantec.

For retail financial services firms in particular, this threat presents a huge challenge. Take the recent cyberrobbery by the Carbanak criminal gang, for example. Stealing up to one billion dollars over a two-year period from more than 100 banks worldwide, the cybercriminals were among the first malicious users to steal money directly from financial institutions, rather than targeting customers.

That’s not to say that end users are no longer being exploited; quite the opposite in fact. Between mid-2014 and early 2015, three of the most active banking botnets (networks of malware-infected, remote-controlled computers that are used for malicious purposes) were brought down. Meanwhile, the Dyre financial Trojan (a type of malware designed to provide unauthorised, remote access to a user’s computer) has emerged over the past year to become one of the most potent financial fraud tools in operation. Dyre is configured to defraud the customers of more than 1,000 banks and other companies worldwide.

Against this backdrop, the Microsoft Digital Crimes Unit (DCU) is upping the ante against global cybercrime, taking legal action to clean up malware and help ensure customers stay safer online.

“It’s a fascinating area in which to work,” says Richard Boscovich, a former attorney and Microsoft’s assistant general counsel for the DCU. “We have observed significant changes over the years. Botnets continue to be the weapon of choice for crime-for-profit individuals, but the way malware is deployed to create botnets has changed dramatically. In the beginning, cybercriminals would take a shotgun approach. However, as we’ve got better at bringing these criminals down and ripping out their infrastructures, they’ve started to reduce the noise level in which they operate by being more specific in the way in which they target their efforts. They’re much more geographically located too. Take Zeus, Ice IX, Shylock and Ramnit, for example, which have targeted a specific country’s financial vertical.”

This type of activity creates a huge amount of concern for retail financial services firms, which need to assure their customers that it’s safe to bank online. “We’ve seen banks become increasingly aware of the threats over the past few years,” Boscovich explains. “At Microsoft, we have a very open line of communication with many of the biggest banks to identify the specific threats that they’re seeing and combine their intelligence with ours. This means that we can work alongside the industry to better identify, understand and take proactive measures against the threat. For example, since our action against the Citadel botnet – which was used in 2013 to steal more than US$500 million from bank accounts spread around the globe – we’ve seen a 98% reduction in fraud using that malware.”

The intelligence gathered from this work is also incorporated in Microsoft’s cloud to ensure it can offer better security and greater protection for its customers. “Banks are realising that having a secure cloud infrastructure is a way to reduce potential risks,” Boscovich says.

Microsoft’s commitment to ensuring a safer environment for the retail financial services industry to work in doesn’t stop here. The company is also investing heavily in regulation and control. “We work very closely with regulators to understand their concerns,” explains Neal Suggs, Microsoft’s vice president and associate general counsel for business, consumer and the public sector. “The information gained from this is then fed back to our engineering teams so that we can guarantee that every product we offer our customers will meet regulations.

“We are also committed to help shape the laws in this regard,” Suggs continues. “If you think about our lawsuit with the US government [a US judge tried to force Microsoft to hand over e-mails sitting in the company’s Irish data centre – Microsoft appealed the case on the grounds of data privacy], then it’s clear to see that we take our responsibility to keep data safe seriously.”

And the company’s efforts in this regard are showing no signs of slowing down. “We’re doubling our investment to make Azure the most compliant cloud a customer can use,” Suggs says. “It meets international standards, including the privacy laws of over 140 jurisdictions to create a product that is inherently resilient.”

“We’re also really excited about the security in place around Windows 10,” Boscovich adds. “We’ve taken everything we’ve learnt over the last few years to make this operating system our best yet. One of the amazing aspects of what we’ve done is to look at how apps are compromised – Windows 10 now opens apps in a sandbox environment. We’ve also enhanced security at all levels, from the default automatic updates to the integrated antivirus product. This gives our financial services customers the confidence they need that, right through the line, every part of the puzzle is totally secure.”
