Microsoft’s Cybercrime Center

November 24, 2013 5:03 PM


Many months ago, more than five million infected computers all across the world began silently harvesting their users’ personal information and sending it to cybercriminals.

The users had no way of knowing. There was no evidence of any criminal activity taking place. Half a billion dollars was stolen from people and businesses by a botnet called the Citadel, malware that captures everything typed on screen. Passwords, credit cards, anything important and private is hijacked and sent directly to the botnet’s masters.

The criminals become dangerous once they have access to your credit card: they can max out your credit, leaving you with massive debt. They will gain access to your bank and take away every cent, so the next time you try to take out cash at the ATM, you will end up crying and angry, and in a very difficult situation.

One of the worst things that could happen is someone stealing your identity. If that happens, things will definitely get messy, with a risk of being accused and thrown in jail for things you have never done.

The Citadel ran for more than a year, and it stole information everywhere. There were, of course, attempts to put a stop to it: a massive collaboration among the FBI, bank investigators, and Microsoft.

In due time, about 90 percent of the Citadel-infected computers were put down.

“As a result, we’re hopefully identifying or producing evidence that we can provide to national and international law enforcement so they can not only identify these criminals but apprehend them,” Richard Boscovich, assistant general counsel for Microsoft’s Digital Crimes Unit (DCU), said.

Many websites containing malware continue to infect computers each day. A Microsoft employee, a former lawyer, came up with an idea that allowed the company to seize all these websites so that they could be disinfected.

The idea was simple: place a restraining order against the spammers. This would have them appear in court, which, of course, they didn’t, causing a default win for US.

Microsoft informed users and released support to help disinfect their computers.

Meanwhile, 3,600 laptops had been stolen. Donal Keating, senior manager of forensics, was asked whether he could locate the missing laptops. He did, by accessing the laptops’ activation codes. It didn’t take very long for Keating to map out everything, and whenever a laptop goes online, he knows exactly where it did so.

Microsoft’s PowerMap is used to visualize piracy data, and this is what Keating and his team use to detect piracy. They have noticed that counterfeit software carries a stronger risk of malware.

This shows that not all malware infections come from spammers or from websites the users have visited. Malware could originate from brand-new devices with pirated software installed. This also means that not all vendors are reliable, and some of them could install counterfeit software with potential malware for customers who believe they are purchasing devices and/or authentic software.

Discs of counterfeit software end up looking authentic. Even experts may be fooled by how these discs present themselves. The company, of course, keeps taking complex measures to make its discs unique.

But criminals will always find a way to produce authentic-looking counterfeits.

The Cybercrime Center is a world-class laboratory where everything that happens is something you would think only happens on TV. Inside are video screens, news clippings, and cybercrime statistics, facts, and case studies, powered by super high-tech devices that keep track of criminal activity.

Almost 400 million people become victims and billions of US dollars are stolen each year, said David Finn, associate general counsel for Microsoft’s DCU.

“We understand that there’s no one single country, business or organization that can tackle cyber security and cybercrime threats alone. That’s why we invest in bringing partners into our center – law enforcement agencies, partners and customers – into this center to work right alongside us.”

The laboratory has offices, evidence rooms, and everything else needed to monitor any cybercrime activity. Finn said that this is not a TV show, and that the cases being worked on in those labs and offices are real.

