Slashdot Mirror


Inside Microsoft's Digital Crimes Unit

jfruh writes "You may find it mildly creepy that Microsoft has a private police force, but the Digital Crimes Unit has helped real law enforcement do things like disrupt huge botnets. According to Richard Boscovich, assistant general counsel for the Digital Crimes Unit, Microsoft is only able to do all this by relying on the company's existing infrastructure, including its Azure cloud service. The DCU can provision compute time from the cloud as necessary to combat complex threats, he said, and also uses cloud services to share information with law enforcement agencies quickly."

72 comments

  1. Digital Crimes Unit by korbulon · · Score: 5, Funny

    AKA the Windows 8 development team.

    1. Re:Digital Crimes Unit by korbulon · · Score: 4, Funny

      A joke at Microsoft's expense moderated as Troll on Slashdot? Well now I've seen everything.

    2. Re:Digital Crimes Unit by fisted · · Score: 1

      You didn't honestly think /. wouldn't have its share of Microsoft fanboys?

      Best Regards, A member of the BSD fanboy fraction.

    3. Re:Digital Crimes Unit by MickyTheIdiot · · Score: 1

      I was thinking that the Office development team was renamed for a few seconds...

    4. Re:Digital Crimes Unit by Anonymous Coward · · Score: 0

      No, pretty sure that's the Digital Crimes Against Humanity Unit.

    5. Re:Digital Crimes Unit by Nerdfest · · Score: 0

      There seem to be a large number of even remotely anti-Microsoft posts moderated down heavily these days. It's looking very much like they're (still) paying people to hang out on Slashdot and other forums to try to boost their image. It could just be rabid MS fanboys, but that really seems unlikely.

    6. Re:Digital Crimes Unit by Anonymous Coward · · Score: 0

      A joke at Microsoft's expense moderated as Troll on Slashdot? Well now I've seen everything.

      In Capitalist America, /. trolls you

    7. Re:Digital Crimes Unit by korbulon · · Score: 4, Funny

      I was thinking that the Office development team was renamed for a few seconds...

      That would be the Special Victims Unit.

    8. Re:Digital Crimes Unit by Anonymous Coward · · Score: 3, Insightful

      Microsoft doesn't have fanboys, Apple does. Microsoft has shills -- nobody but Microsoft employees, computer repairmen, antivirus companies, and MS shareholders have any love at all for Microsoft.

      Apple has fans.
      Microsoft has shills.
      Linux has zealots (I'm one)

      If Microsoft didn't suck I wouldn't be using Linux.

    9. Re:Digital Crimes Unit by Kalriath · · Score: 0

      You know, you are probably also a Microsoft shareholder. I'd say practically every retirement/pension fund on earth has Microsoft shares in their portfolio, since they have decent dividends and almost never devalue.

      So what does this mean for your original point?

      --
      For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
    10. Re:Digital Crimes Unit by hcs_$reboot · · Score: 1

      ++1. Too bad I run out of mod points.

      --
      Slashdot, fix the reply notifications... You won't get away with it...
  2. Misinterpreted headline by SirGarlon · · Score: 4, Funny

    And here I thought from the headline that TFA would be about a group at Microsoft in charge of *committing* digital crimes!

    (That would have been funnier 15 years ago. At this point, I would say if Microsoft needed a full-time team to commit crimes, it would be only so they could catch up to the competition.)

    --
    [Sir Garlon] is the marvellest knight that is now living, for he destroyeth many good knights, for he goeth invisible.
    1. Re:Misinterpreted headline by Anonymous Coward · · Score: 1

      That was true 15 years ago: how do you think Windows NT happened? They hired David Cutler from DEC, and he brought along the guts of VMS.

    2. Re:Misinterpreted headline by Anonymous Coward · · Score: 1

      Failing that they could always employ apk to fine-tune their hosts file security, and he has plenty of stalking experience already.

  3. Real Stories of the Windows Cyber Patrol by Anonymous Coward · · Score: 0

    Did the CEO ever throw a chair through the forensics labs' plate glass window?

    1. Re:Real Stories of the Windows Cyber Patrol by Anonymous Coward · · Score: 0

      No, the dent is from his head.

  4. not creepy at all by Anonymous Coward · · Score: 0

    merely confirmation of corporate dystopia

    it's a great future we live in!

  5. If only... by Anonymous Coward · · Score: 0

    Too bad that what they're really doing is play whack-a-mole with botnets, apparently more for the fawning press releases than to actually solve a problem. If only they'd been a little less lax with their code "security was not a priority" practices, we'd all have been far better off. So much for Redmond improving the world through their wonderful software.

    1. Re:If only... by RaceProUK · · Score: 4, Interesting

      Yes they could have had a proper security model in the early 90s, and yes they could have forced all users to run under limited accounts by default. But let's not let that get in the way of the #1 reason Windows has this many known vulnerabilities - when you're on 90%+ of the world's PCs, you make one hell of a juicy target.

      --
      No colour or religion ever stopped the bullet from a gun
    2. Re:If only... by Anonymous Coward · · Score: 0

      All the more reason to do your homework, instead of being the low hanging fruit as well as the most prolific target.

      That is, I'm saying that them being the juiciest target they had a responsibility to be extra careful it didn't lead to the monoculture problems we're seeing now. A responsibility they knowingly didn't take--by their own admission.

      So yes, yes you are right, and that makes two strikes against them; it is quite the opposite of an excuse. Especially since "taking over the world" has always been a goal and in fact a core value of the company. That makes the company's acting criminally irresponsible, doubly so.

    3. Re:If only... by Anonymous Coward · · Score: 0

      Yes they could have had a proper security model in the early 90s, and yes they could have forced all users to run under limited accounts by default. But let's not let that get in the way of the #1 reason Windows has this many known vulnerabilities - when you're on 90%+ of the world's PCs, you make one hell of a juicy target.

      Microsoft didn't bother with even basic system security for decades. The fact that they were operating in a large market is irrelevant. They largely created the malware market themselves and should be held accountable for it.

       

    4. Re:If only... by RaceProUK · · Score: 1

      Had they known in '85 how important the (as yet nonexistent) Internet would be, would they have made the same mistakes?

      What if Linux was dominant instead? Do you really believe there'd be no malware market?

      It never ceases to amaze me how many people don't realise hindsight is always 20/20.

      --
      No colour or religion ever stopped the bullet from a gun
  6. Creating a Solution for a Problem they Created by stonebit · · Score: 5, Insightful

    Does this sound corrupt or what? They created the problem and now they have a solution, but at a cost. Sounds like double dipping into the customer's wallet.

    1. Re:Creating a Solution for a Problem they Created by Anonymous Coward · · Score: 0

      Really how do you blame MS for what hackers are doing? What do you say about the recent hacks on Linux servers? Whose making is that? I understand in here it is a fad to bash MS for everything? Thieves are there everywhere brother. You secure something, they will try to find a way to hack it.

    2. Re:Creating a Solution for a Problem they Created by Anonymous Coward · · Score: 0

      Does this sound corrupt or what? They created the problem and now they have a solution, but at a cost. Sounds like double dipping into the customer's wallet.

      The US defence contractors have been operating under this business model since the Cold War. Microsoft is only 50 years late to the party but fortunately for them the battleground is changing from physical to virtual. Have you tried flying a F/A-18 in a virtual world? Oh wait! Microsoft developed Flight Simulator a few decades ago. I guess they were the geeks nobody invited to the party so they are hosting their own party now. Those "cool kids" from the 1980s are going to be sorry now. ;-)

    3. Re:Creating a Solution for a Problem they Created by jader3rd · · Score: 1

      Does this sound corrupt or what? They created the problem and now they have a solution, but at a cost. Sounds like double dipping into the customer's wallet.

      So people or companies shouldn't try to fix problems they created?

    4. Re:Creating a Solution for a Problem they Created by Anonymous Coward · · Score: 0

      Really how do you blame MS for what hackers are doing? What do you say about the recent hacks on Linux servers? Whose making is that? I understand in here it is a fad to bash MS for everything? Thieves are there everywhere brother. You secure something, they will try to find a way to hack it.

      I suppose the difference is that with MS products, the hacks are more likely to succeed.

    5. Re:Creating a Solution for a Problem they Created by icebike · · Score: 1

      Does this sound corrupt or what? They created the problem and now they have a solution, but at a cost. Sounds like double dipping into the customer's wallet.

      So people or companies shouldn't try to fix problems they created?

      Not sure I've heard anyone complaining, other than about the price of Azure services.

      It now appears Azure users are picking up the tab for building Microsoft's private bot army which it uses to take down other bot armies. Some of this is good, but you have to assume most of it is self serving. In addition to taking down hackers, we can only guess what else they might be collecting and who else they might be serving.

      I won't pay for Azure when I know significant parts of the infrastructure are intended only for Microsoft's private vendettas.

      --
      Sig Battery depleted. Reverting to safe mode.
  7. Yea ok by Anonymous Coward · · Score: 1

    "Microsoft is only able to do all this by relying on the company's existing infrastructure, including its Azure cloud service"

    Yea sure, the cloud enabled you to do this. Infomercial much?

    1. Re:Yea ok by hawguy · · Score: 3, Insightful

      "Microsoft is only able to do all this by relying on the company's existing infrastructure, including its Azure cloud service"

      Yea sure, the cloud enabled you to do this. Infomercial much?

      I was wondering about that too -- how much compute power does it take to combat a Botnet, and why does it require Azure -- couldn't Amazon AWS work just as well?

    2. Re:Yea ok by RaceProUK · · Score: 1

      Why use someone else's cloud when you can plug your own? That, and the money stays in-house instead of going to a competitor.

      --
      No colour or religion ever stopped the bullet from a gun
    3. Re:Yea ok by hawguy · · Score: 2

      Why use someone else's cloud when you can plug your own? That, and the money stays in-house instead of going to a competitor.

      Well yeah, I understand why Microsoft uses Azure, but they make it sound like Azure is an important part of why Microsoft can fight off a botnet, when there are plenty of other cloud services out there that have similar capabilities.

    4. Re:Yea ok by TFlan91 · · Score: 2

      My point wasn't how does Azure suddenly make this possible. My point was how does cloud computing in general make this happen?

      Anything you do on the "cloud", I can do in my basement.

    5. Re:Yea ok by hawguy · · Score: 2

      My point wasn't how does Azure suddenly make this possible. My point was how does cloud computing in general make this happen?

      Anything you do on the "cloud", I can do in my basement.

      The cloud can make some things much more economical. If you need 1000 servers spun up within an hour and only need them for 24 hours, you're going to spend a lot more doing that in your basement than you'd spend at a cloud provider.

    6. Re:Yea ok by icebike · · Score: 1

      Why use someone else's cloud when you can plug your own? That, and the money stays in-house instead of going to a competitor.

      And why build your own cloud when you can have your users fund it for you? If Microsoft wasn't funneling off resources from Azure for their own pet projects, how much less would it cost the average user?

      --
      Sig Battery depleted. Reverting to safe mode.
    7. Re:Yea ok by hawguy · · Score: 1

      My point wasn't how does Azure suddenly make this possible. My point was how does cloud computing in general make this happen?

      Anything you do on the "cloud", I can do in my basement.

      The cloud can make some things much more economical. If you need 1000 servers spun up within an hour and only need them for 24 hours, you're going to spend a lot more doing that in your basement than you'd spend at a cloud provider.

      How did this get modded "troll"?

    8. Re:Yea ok by Anonymous Coward · · Score: 0

      you made a comment that didn't make MS look bad, you are on Slashdot where anything not abusing MS MUST be trolling.

  8. Law & Order: DCU by Anonymous Coward · · Score: 2, Funny

    In the digital justice system, the people are represented by two separate yet equally important values. The ones who investigate crime and the zeros who prosecute the offenders. These are their stories. Dun Dun.

    1. Re:Law & Order: DCU by rmdingler · · Score: 1

      Well done, ac, well done.

      --
      Happiness in intelligent people is the rarest thing I know.

      Ernest Hemingway

  9. Re:More like the NSA's crime unit by noh8rz10 · · Score: 0

    Why have their been so many Microsoft stories recently? Are they a sponsor?

  10. "Microsoft has a private police force" by rmdingler · · Score: 1

    Not nearly quite as unsettling as the government having a public one.

    --
    Happiness in intelligent people is the rarest thing I know.

    Ernest Hemingway

  11. When do we get Law and Order:DCU by WolfgangPG · · Score: 0

    Law and Order: DCU will certainly be a show within 2 years maybe?

    1. Re:When do we get Law and Order:DCU by WolfgangPG · · Score: 1

      Ugh, I got beat... :(

  12. only with azure? by ZiggyM · · Score: 1

    Can be done with any of the cloud providers. They just chose Azure but doesn't mean it can "only" be done with it like they say in the slashvertisement.

  13. Finally, Honesty in Branding! by Anonymous Coward · · Score: 0

    Such a better name than the old one "Internet Explorer".

  14. yeah yeah yeah, but... by BringsApples · · Score: 4, Informative

    They may assist the police with some things, but what they mostly do is go around making sure that you have (the correct) licenses for your windows boxes. Anyone that's dealt with Microsoft's licenses knows that it's a huge mess that's difficult to understand as some licenses overlap in their design. Once you have the wrong license, even if the license that you have is much much more expensive than the one you need, these guys come at you bro, hard - as if you are a criminal.

    It's this very business model that we all loathe so.

    --
    Politics; n. : A religion whereby man is god.
  15. They copy crime-fighting techniques from elsewhere by Anonymous Coward · · Score: 0

    ... and charge for them, even if they don't work.

  16. Most fitting by Anonymous Coward · · Score: 0

    MS knows about criminal behavior all right. Which makes me wonder how anybody can work for them and not feel filthy? Well, money talks, I guess.

  17. Am I the only one deeply disturbed by this? by Anonymous Coward · · Score: 0

    Microsoft acting as a law enforcement agency deeply disturbs me. Why is a corporation being allowed to do this? I know there is some oversight by real law enforcement agencies, but the government has essentially picked MS as a white-hat good guy, and allowed them to do things no other citizen could do like be involved in confiscating private property.

  18. Re:More like the NSA's crime unit by mcgrew · · Score: 1

    That troll's getting a little old, son. Better quit now before you lose all your karma... if you have any left.

  19. Re:More like the NSA's crime unit by mcgrew · · Score: 1

    (By the way, "their" should have been "there").

    The number of aliterates who are visiting slashdot these days astounds me. People who don't read on a nerd site? It's sad how many people here in the last five years or so can't handle homophones, use grocers' apostrophes, and think "lose" and "loose" are synonyms (if the word "synonym is even in their vocabulary).

    As to the aliterate's comment, he was right -- just look at this comment. A humorous jab at Microsoft's most hated OS ever and he gets modded "troll". Nobody but a shill would downmod that comment, it should be +3 funny and the shill who modded him down should never get mod points again.

  20. Re:More like the NSA's crime unit by davester666 · · Score: 1

    I thought the title was about Microsoft's UI design team.

    --
    Sleep your way to a whiter smile...date a dentist!
  21. Re:More like the NSA's crime unit by hawkinspeter · · Score: 1

    Okay mister, guess I had a good run with that one. I'll be more careful in future - gotta keep good karma.

    **waits for McGrew to leave the room and go berate some other young'un, checks the coast is clear and starts looking for another first post to troll**

    --
    You're a temporary arrangement of matter sliding towards oblivion in a cold, uncaring universe
  22. Re:More like the NSA's crime unit by hawkinspeter · · Score: 1

    Look, I'm not willing to read all these shenanigans about aliterates (although the lose/loose confusion really bugs me whenever I see it ;)

    That comment is currently marked at +5 funny, but I'm confused: isn't Vista the most hated Microsoft "OS"?

    --
    You're a temporary arrangement of matter sliding towards oblivion in a cold, uncaring universe
  23. Article quote & 'sinkholing' Citadel by Anonymous Coward · · Score: 0

    "In mid-November, Microsoft unveiled a facility on its Redmond, Wash., campus that had become the new home for its Digital Crimes Unit. It took the opportunity to offer up new details about the multi-agency initiative that disrupted the huge Citadel botnet earlier this year" - from article source -> http://www.itworld.com/cloud-computing/394553/how-azure-helps-microsoft-take-down-cyber-criminals

    Citadel's STILL alive though -> https://zeustracker.abuse.ch/monitor.php?filter=lastupdated

    (Sinkholing, while effective, doesn't ALWAYS work... that's proof...)

    It's also WHY I almost never remove validly known botnet C&C Servers (malware-in-general etc.) in my custom hosts file @ 2,199,119++ entries strong & growing daily.

    Why? Fastflux & Dynamic DNS utilizing botnets is why. They recycle/reuse them. Even if only "eventually" after long periods. So not responding to pings (easily faked in TCP parameters), or just not being up currently? Doesn't prove a valid testbed for removal either since that occurs.

    I.E.-> Want to *try* to recycle them to use vs. me? Good luck - I'm "pre-covered" with data since 1997...

    APK

    P.S.=> I get the data & merge it with my existing hosts file (built since 1997) via this app I created in 32/64-bit code http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74 to make the impossible for 1 person alone to do import-> deduplication & normalization filtering stages with that many entries vs. a 24-hour period - especially to combat this threat but it's only a partial reason why I use hosts. They give added speed, security, reliability vs. DNS hijack or failure, & even added "anonymity" to an extent if you wish as a "side-effect" of speedup & reliability features they yield...

    ... apk
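
The import, normalization and deduplication stages described in the comment above, together with its policy of keeping old entries, as an added example (not the commenter's application or code from the thread). The feed format, the 0.0.0.0 sink address and all sample names are assumptions constructed for illustration.

```python
import ipaddress
import re

SINK = "0.0.0.0"  # assumption: sink address written for every blocked name
LABEL = re.compile(r"^[a-z0-9_]([a-z0-9_-]{0,61}[a-z0-9_])?$")
LOCAL = {"localhost", "localhost.localdomain", "broadcasthost", "ip6-localhost"}


def is_ip(token):
    try:
        ipaddress.ip_address(token)
        return True
    except ValueError:
        return False


def canonical(name):
    """Lowercase, strip the root dot, punycode IDNs; None if not a usable FQDN."""
    name = name.strip().rstrip(".").lower()
    if not name or is_ip(name) or name in LOCAL or "." not in name:
        return None
    try:
        name = name.encode("idna").decode("ascii")
    except UnicodeError:
        return None
    if len(name) > 253 or not all(LABEL.match(p) for p in name.split(".")):
        return None
    return name


def names_in(line):
    """Yield canonical names from a hosts line or a bare one-name-per-line feed."""
    fields = line.split("#", 1)[0].split()
    if fields and is_ip(fields[0]):
        fields = fields[1:]  # drop the address column, keep name and aliases
    for field in fields:
        name = canonical(field)
        if name:
            yield name


def merge(existing_lines, feed_lines):
    """Union of old and new names: nothing already blocked is dropped."""
    old = {n for line in existing_lines for n in names_in(line)}
    new = {n for line in feed_lines for n in names_in(line)}
    return {
        "hosts": [f"{SINK} {n}" for n in sorted(old | new)],
        "added": sorted(new - old),
        "retained": sorted(old - new),  # absent from this feed, kept anyway
    }


# Constructed sample data (reserved example domains and documentation addresses).
EXISTING = [
    "# constructed sample hosts file",
    "127.0.0.1 localhost",
    "0.0.0.0 c2-old.example.net",
    "0.0.0.0 Panel.Example.ORG  # same name, different case",
    "127.0.0.1 c2-old.example.net. tracker.example.com",
]
FEED = [
    "panel.example.org",
    "NEW-C2.example.net.",
    "0.0.0.0 bücher.example",
    "192.0.2.10",
    "not a/domain",
]

if __name__ == "__main__":
    result = merge(EXISTING, FEED)
    print("\n".join(result["hosts"]))
    print("added:", result["added"], "retained:", result["retained"])
```

Names that differ only in case, trailing dot or address column collapse to one entry, and names missing from the newest feed stay in the output, which is the retention behaviour the comment argues for against recycled fast-flux and dynamic DNS hosts.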

  24. Re:More like the NSA's crime unit by Some_Llama · · Score: 1

    you missed the trailing " on "synonym

    not pedantic enough perhaps?

  25. Re:More like the NSA's crime unit by Anonymous Coward · · Score: 0

    I always thought Windows ME was the most hated. Or is the public memory that short?

  26. Re:More like the NSA's crime unit by noh8rz10 · · Score: 1

    (By the way, "their" should have been "there").

    The number of aliterates who are visiting slashdot these days astounds me. People who don't read on a nerd site? It's sad how many people here in the last five years or so can't handle homophones, use grocers' apostrophes, and think "lose" and "loose" are synonyms (if the word "synonym is even in their vocabulary).

    Frownie face... Believe it or not, when I'm banging out a comment on my phone while on the crapper, I don't act like I'm composing a masterpiece. No need to hate, man.

  27. fuck slashdot beta won't autofill the subject on r by Anonymous Coward · · Score: 0

    Muphrey's law.

  28. Re: fuck slashdot beta won't autofill the subject by NicWilson · · Score: 1

    Murphy...

  29. Re:More like the NSA's crime unit by mcgrew · · Score: 1

    That's why I never comment with the phone. That's what the laptop is four; oops, FOR.

  30. Re:More like the NSA's crime unit by mcgrew · · Score: 1

    Talk to my editor, it's his fault.

  31. Re:More like the NSA's crime unit by mcgrew · · Score: 1

    Not any more, W8 surpassed it. Yet another triumph for Microsoft!

    I'm surprised that nobody thought "aliterate" was a misspelling of "illiterate". I usually get chuckles from that one, although the last time I did it somebody actually looked it up.

    Aliterates at a nerd site annoy me. You're a nerd, you read books. But these guys that don't know their from there from they're, well, to paraphrase Twain, "an aliterate has no advantage over an illiterate."

    I think I'll make that my sig after Christmas.

  32. Re:More like the NSA's crime unit by mcgrew · · Score: 1

    +5 funny

  33. Re:More like the NSA's crime unit by hawkinspeter · · Score: 1

    Actually I had to look it up as I thought it was a misspelling and I'd never seen that word before.

    --
    You're a temporary arrangement of matter sliding towards oblivion in a cold, uncaring universe
  34. Re: fuck slashdot beta won't autofill the subject by Anonymous Coward · · Score: 0

    No, Muphry.