Security Problems

Stephen Yagielowicz
Microsoft has a big problem with security. It is not simply a case of any particular deficiencies or vulnerabilities in its wares, but of the sheer volume of attacks that are carried out against its often market-leading products — which include a third of the web server market and nearly the entire desktop market.

For example, security experts GData found that Windows-based systems (desktop, mobile and server) were targeted by more than 94 percent of the malware released this year, including keyloggers, Trojans and viruses, and predicted that in excess of 2 million new malware entities will be created in 2010 alone.

That is an attack rate of four new threats emerging every minute: a volume of attack that computer users cannot possibly be fully protected against, regardless of the number of antivirus programs they use or the frequency with which virus definitions are updated.

While no one suggests that taking proper security precautions such as using updated antivirus software and a firewall is ineffective, preventing an attack seems impossible, leaving careful monitoring and quick responsiveness as important defensive measures.

“Go out and practice incident response!” exclaimed security consultant Dr. Anton Chuvakin. “I freak out when I hear people talk about being proactive. You need to focus on being quickly reactive.”

For its part, Microsoft is fighting the attackers on a variety of fronts, including its successful Operation b49, which is responsible for the elimination of the Waledac botnet, “a network of tens of thousands of computers hijacked by bot-herders to spread malware, send spam and commit other forms of cybercrime.”

Microsoft obtained ownership of 276 domain names used by the botnet in a court judgment — despite the botnet’s DDoS attacks against the company’s attorney’s offices.

The victory will serve as a template for further disruptions of criminal hackers.

“Through this process, the courts and the security community have paved the way for future takedowns in cases where criminals are abusing anonymity to victimize computer users around the world,” Microsoft stated on its official blog.

“The Waledac takedown is the first undertaking in a larger Microsoft-led initiative called Project MARS (Microsoft Active Response for Security), which is a joint effort between Microsoft’s Digital Crimes Unit, the Microsoft Malware Protection Center (MMPC), Microsoft Support and the Trustworthy Computing team to annihilate botnets and help make the Internet safer for everyone,” the statement continued. “We believe the Waledac takedown will be the first of many successful endeavors for Project MARS and we’re already working to apply the lessons we learned from this operation to future initiatives.”

As a result of these and other initiatives, Windows system administrators may have an easier time keeping the bad guys at bay.