Microsoft Takes Botnet Threat Intelligence Program to the Cloud



I wanted to reach out to you to let you know that Microsoft announced today a new cloud-based version of its Cyber Threat Intelligence Program (C-TIP), providing near real-time information about known malware infections to participating ISPs and CERTs Worldwide, so they can help victims regain control of their computers.  Last Friday in Madrid, Microsoft’s Orlando Ayala joined with the Secretary of State of Telecommunications and Information Society of Spain, Victo Calvo Sotelo, to announce an agreement for the Spanish CERT, INTECO, to become one of the first organizations to receive data from the Windows Azure-based service.  The Spanish CERT joins the Luxembourg CERTs, CIRCL and govCERT, as an early adopter of this program, which allows ISPs and CERTs to receive updated threat data related to infected computers in their specific country or network approximately every 30 seconds. 

Since launching the Project MARS (Microsoft Active Response for Security) program in 2010, Microsoft has been actively sharing information from our botnet operations with Internet Service Providers (ISPs) and Computer Emergency Response Teams (CERTs) around the world to notify people and businesses of potential security issues with their computers and to provide them with free cleanup tools. Because each of our botnet operations has helped us cut off communication between the cybercriminals and the computers infected with the MARS malware (Waledac, Rustock, Kelihos, Zeus, Nitol and Bamital), the infected computers now check in with Microsoft. This data provides valuable information that can be used by ISPs and CERTs to notify victims and help them regain control of their computers. Now, by tapping into Microsoft’s vast cloud resources, we are able to share our cyber threat intelligence on known botnet malware infections with ISPs and CERTs in near real time with the new Windows Azure-based C-TIP cloud
service. This program will allow these organizations to have better situational analysis of cyber threats, and more quickly and efficiently notify people and businesses about potential security issues with their computers. 

More information about today’s news can be found at:


For updates on Microsoft’s ongoing work to combat digital crime, follow the Digital Crimes Unit on Facebook and Twitter.




Comments (0)

Skip to main content