If the rumors are true, Microsoft is stepping up significantly to join the fight against cyber crime. Reportedly, Microsoft is developing a real-time feed that records current cyber threats and gives necessary steps to protect against them.
With Microsoft’s success in tackling botnets, they have been able to acquire a lot of information around the specific threats these botnets pose. By allowing the botnets to infect highly monitored environments, Microsoft had been able to identify and remove the harmful bots and also discover how they work.
Previously this information had not been shared, but now this data can be given to the government and private organizations, CERTs, & ISPs. Although the number of attacks will likely not decrease thanks to this real-time feed, the impact of a feed like this will be amazing. The amount of damage from a cyber attack will likely be greatly diminished because IT security professionals should be able to more rapidly answer a threat.
Another great result a real-time threat feed could have is an improvement in overall information sharing between IT security companies. For too long IT companies have been reluctant to share threat information for the fear that it might fuel more attacks. Most experts say this an unsupported fear. The cyber criminal “community” has already been sharing and learning from each other. It is only logical therefore that IT security professional share as much information as possible to combat the seemingly endless barrage of new cyber threats.
Let’s hope that security professionals soon realize that sharing information is more important than secrecy. And let’s hope that Microsoft’s move is a first step in this change of attitude.