Microsoft have announced that they intend to offer more help in combating cyber-crime by providing a real-time, hosted threat intelligence feed to help government, industry and security experts combat malware.
An application programming interface (API) is to be made available to help integrate the intelligence feed into other applications that organisations deploy. Microsoft are already very active in helping emergency response teams clean up and contain malware threats. The information they use to do this is now to be made available to others “who can take action to address infections in a more systematic and ongoing manner”, a company spokesman is quoted as saying in an article in scmagazine.com.
Such information will help security companies to combat the threat more quickly. It may also help companies and forensic analysts identify the threats and causes of security incidents within client companies.
Investigation of computer security incidents in corporate and government networks can help uncover the path and causes of malware infections, and help identify internal behaviours by staff that led to initial infections. Understanding these causes can feed into developing forensic awareness training within an organisation. Computer forensic examiners can assist in identifying and neutralising future threats and malware infections.