Assistant General Counsel, Microsoft Digital Crimes Unit
Yesterday, I had the pleasure of being able to serve as a panelist at an @Microsoft Breakfast Conversation held at Microsoft’s Innovation and Policy Center in Washington, D.C., an event which focused on how public-private partnerships can be a useful tool in fighting cybercrime, and more specifically, battling botnets. The panel featured keynote remarks from Senator Sheldon Whitehouse (D-R.I.), who contextualized the scope and impact that botnets have had in recent years and opened a discussion exploring how the public and private sectors can work together to disrupt and undermine the cybercriminal ecosystem.
I was joined by esteemed co-panelists Errol Weiss, Director of Citi’s Cyber Intelligence Center and a member of the Financial Services Information Sharing and Analysis Center (FS-ISAC); Joseph Demarest, Assistant Director of the Federal Bureau of Investigation’s Cyber Division; and moderator Allan Friedman, Research Director of the Center for Technology Innovation at the Brookings Institution. We discussed the challenges associated with tackling botnets and the roles that the public and private sectors can play separately, as well as collectively, in helping protect people, businesses and critical infrastructure from online threats.
Microsoft has in recent years been deeply focused on public-private cooperative actions for cybercrime disruption – especially when it comes to botnets. By disrupting the infrastructure cybercriminals use to make money and increasingly building the capacity to be able to do so at scale, our actions increase the risks and therefore the costs for cybercriminals to develop and manage botnet infrastructures they use to commit a myriad of crimes. In each of our botnet operations to date, we have used a multi-faceted approach, which includes evolving technology to withstand threats more effectively, leveraging legal process and technology to take botnets away from criminals and make the operation of botnets less profitable, and partnering with others to clean infected computers and educate people about the threat.
The most recent example of this approach being used is when Microsoft cooperated with financial services industry leaders, technology industry partners and the FBI to disrupt more than 1,400 Citadel botnets in June. By combining our collective expertise and taking coordinated steps to dismantle the botnets, we have been able to significantly diminish Citadel’s operation, rescue victims from the threat, and make it more costly for the cybercriminals to continue doing business.
According to our data, as of July 23, our coordinated action against the threat has disrupted roughly 88 percent of the Citadel botnets operating worldwide. In addition, our analysis shows that approximately 40 percent of the computers we believe to have been infected with Citadel and directly impacted by our operation have been cleaned since the time of our action in June, and we continue to work with others to help clean the remaining victims. As I stated in a recent blog post sharing our initial revelations from this operation, we believe that this was a very successful action, and we continue to be pleased with the positive results we’re seeing.
We see the collaborative actions taken by public and private sector partners as both deliberate and instrumental in helping maximize our efforts to reduce the impact of botnets and other online threats. These partnerships are essential to our success in addressing cybercrime, and I’m proud to work for a company that is committed to working responsibly, creatively and collaboratively with these groups to tackle this problem. I look forward to exploring how we can grow these partnerships and continue the thoughtful exchange of ideas in order to advance the fight against cybercrime. Together, the private and public sectors can disrupt criminal networks and protect innocent people around the world.
To hear more of the discussion, please watch the video embedded in this post. To stay up-to-date on the latest developments on the fight against cybercrime, please follow the Microsoft Digital Crimes Unit on Facebook and Twitter.