Feeds

Microsoft loads botnet-crushing data into Azure

C-TIP gives ISPs near-realtime access to MARS data

Choosing a cloud hosting partner with confidence

Microsoft is plugging its security intelligence systems into Azure so that service providers and local authorities can get near-realtime information on botnets and malware detected by Redmond.

The new Windows Azure-based Cyber Threat Intelligence Program (C-TIP) was unveiled on Tuesday by Microsoft as an extension of its crime-busting Microsoft Active Response for Security (MARS) program.

C-TIP will let ISPs and Computer Emergency Response Teams (CERTS) get a direct link between their servers and Windows Azure to ingest near-realtime data on malware-infected computers tracked by Microsoft. Previously, these organizations would get MARS data via emails from Microsoft.

"Participation in this system allows these organizations almost instant access to threat data generated from previous as well as future MARS operations." Microsoft's director of security for its Digital Crimes Unit TJ Campana, wrote.

"While our clean-up efforts to date have been quite successful, this expedited form of information sharing should dramatically increase our ability to clean computers and help us keep up with the fast-paced and ever-changing cybercrime landscape,"

ISPs and CERTS plugging into C-TIP will get updated threat data for their specific country or network every 30 seconds, Microsoft said. The Spanish CERT, INTECO, will be one of the first organizations to get C-TIP data, Microsoft said, along with CERTS, CIRCL and govCERT in Luxembourg. Several other unnamed CERTs and ISPs have signed up as well.

Project MARS was started in 2010 as a way for Microsoft to share data on infected PCs with CERTs and ISPS. Mars has helped take down numerous botnets including Bamital, Waledac, Rustok, Kelihos, and Nitol.

Microsoft did not disclose whether C-TIP will use all of Azure's data centers and edge locations or merely those located in the US. ®

Internet Security Threat Report 2014

More from The Register

next story
NSA SOURCE CODE LEAK: Information slurp tools to appear online
Now you can run your own intelligence agency
Azure TITSUP caused by INFINITE LOOP
Fat fingered geo-block kept Aussies in the dark
NASA launches new climate model at SC14
75 days of supercomputing later ...
Yahoo! blames! MONSTER! email! OUTAGE! on! CUT! CABLE! bungle!
Weekend woe for BT as telco struggles to restore service
Cloud unicorns are extinct so DiData cloud mess was YOUR fault
Applications need to be built to handle TITSUP incidents
BOFH: WHERE did this 'fax-enabled' printer UPGRADE come from?
Don't worry about that cable, it's part of the config
Stop the IoT revolution! We need to figure out packet sizes first
Researchers test 802.15.4 and find we know nuh-think! about large scale sensor network ops
SanDisk vows: We'll have a 16TB SSD WHOPPER by 2016
Flash WORM has a serious use for archived photos and videos
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
prev story

Whitepapers

Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Managing SSL certificates with ease
The lack of operational efficiencies and compliance pitfalls associated with poor SSL certificate management, and how the right SSL certificate management tool can help.