CSM and Microsoft in malware threat intelligence initiative
By Digital News Asia November 13, 2014
- Threat intelligence gathered for Microsoft to take down and disrupt malicious software
- Follows MoU exchange between CSM and Microsoft at CSM-ACE last year
NATIONAL cybersecurity agency CyberSecurity Malaysia (CSM) has announced the activation of a Cyber Threat Intelligence Programme (CTIP) in partnership with Microsoft Malaysia.
Microsoft’s CTIP is focused on the collection and distribution of existing actionable cyberthreat information to help governments, network owners and Internet service providers (ISPs) identify and help machines that have been compromised by malware, the US technology giant said in a statement.
It comprises threat intelligence gathered for Microsoft’s Redmond, Washington-based Digital Crimes Unit (DCU) and its Cybercrime Centre to take down and disrupt malicious software.
“With more people connected to the Internet, the importance of cybersecurity cannot be over-emphasised,” said Dr Ewon Ebin, Malaysia’s Minister of Science, Technology and Innovation.
“It is our collective responsibility to ensure that Malaysians are safe from unscrupulous individuals or criminal organisations which thrive on unsuspecting victims for personal gain,” he said at the CTIP activation at the Cyber Security Malaysia Awards, Conference & Exhibition (CSM-ACE) 2014 in Ipoh, Perak on Nov 12.
The announcement comes just a day after Microsoft issued a security update fixing zero-day vulnerabilities being actively used by cybercriminals in targeted attacks, one of its biggest security patches in recent history.
The company issued 14 security bulletins, four rated critical, as part of its November 2014 Patch Tuesday updates.
“Microsoft has disclosed a potentially catastrophic vulnerability in virtually all versions of Windows. People operating Windows systems, particularly those who run websites, should immediately install a patch Microsoft released Tuesday morning,” tech blog Ars Technica reported.
READ ALSO: Fortinet sets up regional solution centre in Malaysia
Meanwhile, the CTIP followed a Memorandum of Understanding (MoU) exchange with Microsoft at CSM-ACE 2013 last year, which outlined mutual collaboration between CSM and Microsoft in identifying and remediating cybersecurity threats.
“The data provided by Microsoft’s DCU through its CTIP would not only give us valuable insights as to where and how cybercriminals operate and target Malaysians, but would also allow us to act on these findings to protect victims, in our continuing efforts against cybercrime,” said CSM chief executive officer Dr Amirudin Abdul Wahab.
“The CTIP is not a standalone programme … it cuts across the multitude of initiatives we are currently undertaking.
“What this means is that Microsoft’s CTIP provides data which will allow CSM to extract valuable intelligence for our current initiatives, with insights like malware infestations and new malware threats, which in turn enables us to combat the ever-evolving landscape of malware, keeping Malaysians safer from cybercriminals,” he added.
To date, the DCU has rescued over 85 million IP (Internet Protocol) addresses globally, as part of its botnet takedown initiatives.
Botnets are a network of malware-infected computers which are controlled by cybercriminals. Criminals distribute malware that can turn a computer into a bot, also called a zombie, Microsoft said.
When this occurs, the victim’s computer can perform automated malicious tasks over the Internet without his or her knowledge. Botnets can be used to steal personal and confidential information, send out spam email messages, spread viruses, attack computers and servers, and commit other kinds of crime and financial fraud.
Removing malware is just one aspect of the entire solution in the war against cybercrime, according to Keshav Dhakad, regional director (IPR & DCU), Microsoft Asia, Legal and Corporate Affairs.
“Organisations like CSM and the DCU have the tools and resources to fight cybercrime, but the biggest impact comes from awareness and prevention.
“Consumers and businesses need to be aware of how malware infects through poor Internet practices and unsecure supply chain, such as usage of non-genuine software, and the proactive steps that can be taken to ensure that they are safe online.
“A genuine and trusted software ecosystem is far more agile and protected against cyber-threats,” he said.
Heartbleed being monitored by CSM and MCMC
Cybercriminals shifting to more deceptive tactics: Microsoft
CSM-ACE security conference to be held Nov 11-13 in Ipoh