Microsoft: real-time threat feed
It looks as if Microsoft is ready to do its part to deter cyber crimes. Microsoft intends to offer real-time feeds that partners can use to analyze possible cyber threats and take the proper steps to boost their defenses against these attacks.
With Microsoft’s success in tackling botnets, they have been able to acquire a lot of information around the specific threats these botnets pose. By allowing the botnets to contaminate highly monitored environments, Microsoft had been able to identify and remove the malicious bots and also discover how they work.
This collected data is now given to ISPs, private and government organizations, & CERTs. While real-time data may not reduce the quantity of attacks by malicious code, the result of sharing this data will likely be quite remarkable. IT security companies should be able to respond more speedily to these threats and therefore be able to reduce the level of damage they can cause.
Another great result a real-time threat feed could have is an improvement in overall information sharing between IT security companies. For too long IT companies have been reluctant to share threat information for the fear that it could fuel more attacks. Most experts say this an unsupported fear. The cyber criminal “community” has already been sharing and learning from each other. It’s only logical therefore that IT security professional share as much information as possible to battle the seemingly endless barrage of new cyber threats.
The IT industry has for too long considered the sharing of the information of a cyber attack an invitation for a copycat attack. Hopefully Microsoft’s first small steps toward a more connected IT security force will take root and that sharing data and information is a better choice than secrecy.