
Microsoft Shores Up Its Cyberattack Defenses

The Microsoft facility, which opened in November, brings together roughly 50 security experts from Microsoft's Office and Windows group, its Xbox and Azure divisions and several other business units. The idea is to unify its disparate security teams, as well as the roughly 3,500 other security employees spread among offices nearby and throughout the world.

Microsoft declined to disclose the center's cost, but it said it spent $1 billion on security last year, including acquisitions.

"We can be much more predictive about security than we've been in the past," said Pete Boden, Microsoft's general manager of Cloud and Enterprise Security.

PhoenixUp 1382d ago

Companies need to take more action towards network security.

I'm glad this action means they're taking more of an initiative towards that goal.

christocolus 1382d ago (Edited 1382d ago)

Good to see MS improving on this aspect. Security shouldn't be taken lightly and it is one of the reasons Xbox live stands out. The recent attacks on the network prove they still got some work to do and I'm glad they realise this.

"The ubiquity of Microsoft's products makes it a big target for hackers."

"According to Microsoft, the key to rapid response is an emerging technology known as machine learning. The company has hired a group of so-called white-hat hackers known as the Red Team to attack its networks and software. Machine learning programs watch those incidents, as well as real attacks, to learn what attacks look like and improve defenses. The system sifts the billions of pieces of data—customers logging in and out, using various software features, uploading and downloading files—looking for patterns that match, possibly indicating an attack."

FallenAngel1984 1382d ago

The Xbox Live issues just further show how bad an idea Microsoft's original idea of an always online console would've been.

It's great to see them taking this matter a lot more seriously.

jb227 1381d ago

Crazy that people are disagreeing w/ at least the first sentiment. Imagine owning a $500 brick for even hours at a time, much less days or weeks. There needs to always be an offline option for devices, bottom line.

IGiveHugs2NakedWomen 1382d ago

That's nice and everything, but it will do nothing to stop DDoS attacks. The only way to PREVENT a denial of service attack is to disconnect your network from the internet entirely, which for a corporation like Microsoft, is utterly impossible.

Khaotic 1381d ago

I really have to doubt that the ONLY way to stop a ddos attack is to disconnect. To me it seems like if someone can do it then it can be stopped. It's just a matter of having the right security software. Like they said smart software.

Aenea 1381d ago

Problem with this sort of thing is that it's a chicken and egg game, MS does something to their servers to detect most DDOS attacks and handle it well, then the people who do the DDOSing try to circumvent that and bring the network down claiming MS needs to up their security, etc., etc.

You can never prevent it from happening again...

rainslacker 1381d ago

DDoS can only be prevented on private servers with proprietary access, and is still susceptible to attacks at different nodes within the network (hops on the internet which is where most of the current attacks take place).

The key to DDoS "prevention" is not stopping it completely, because that would be impossible on an open network by its very nature, rather mitigating its impact on the network to be negligible, or having no effect on the legitimate user.

The key to mitigating these attacks is being able to recognize when they happen sooner. The normal DDoS program will actually build its attack over time, so it's less noticeable, and at first appears as a spike in normal traffic, until it gets to a tipping point where the servers can't keep up, and almost every packet is lost. This is why MS is trying to look at things which indicate an attack earlier, so they can actually do something about it before it happens. Such things will probably trickle down into other areas later on as well, so it's a good thing.

Anyhow, if you can detect the attack sooner, then they have the chance to block the false traffic, while allowing legitimate traffic through. This of course will mean that some people will still be affected, however, who and how many are affected can be greatly reduced.

If this happens, it leaves the only option for DDoS to just go balls to the wall right from the start, in which case, the internet infrastructure has ways to mitigate its impact already using a virtual redundancy model which distributes those packets, and filters out erroneous and false data much faster than a company's servers.
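
An illustration of the early-detection idea in the comment above, added here and not part of the original thread or anything Microsoft has described: a one-sided CUSUM detector flags a slow upward drift in request rate long before the rate reaches server capacity. The function names, thresholds, capacity figure and traffic series are all constructed assumptions.

```python
# Added illustration, not from the thread: one-sided CUSUM over per-second
# request counts. All names, thresholds and traffic values are constructed.
from statistics import mean, pstdev

def cusum_alarm(rates, baseline_n=30, slack=0.5, threshold=5.0):
    """Index of the first sample where accumulated upward drift exceeds
    `threshold` (in baseline standard deviations), or None."""
    base = rates[:baseline_n]
    mu = mean(base)
    sigma = pstdev(base) or 1.0      # avoid dividing by zero on flat baselines
    s = 0.0
    for i in range(baseline_n, len(rates)):
        z = (rates[i] - mu) / sigma
        # Ordinary jitter is absorbed by `slack`; sustained growth accumulates.
        s = max(0.0, s + z - slack)
        if s > threshold:
            return i
    return None

def capacity_breach(rates, capacity):
    """Index of the first sample above what the servers can absorb, or None."""
    return next((i for i, r in enumerate(rates) if r > capacity), None)

def constructed_traffic(n=260, ramp_start=60, ramp_per_sample=2):
    """Constructed series: ~1000 req/s with jitter, then a slow linear ramp."""
    jitter = [0, 15, -10, 5, -15, 10]
    return [1000 + jitter[t % 6] + ramp_per_sample * max(0, t - ramp_start + 1)
            for t in range(n)]

if __name__ == "__main__":
    rates = constructed_traffic()
    print("drift alarm at sample", cusum_alarm(rates))
    print("capacity exceeded at sample", capacity_breach(rates, 1300))
```

On this constructed series the drift alarm fires while traffic is only about 2% above baseline, leaving over a hundred samples to start filtering before the assumed capacity is exceeded.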

1nsomniac 1381d ago (Edited 1381d ago)

Rubbish, no it's not. My standard home router has DDOS protection.

The company I used to work for provided networks for oil companies that are obviously always under attack & we offered them DDOS protection solutions.

My current company that I work for has DDOS protection over the corporate VLAN which will actually show you a popup when it has blocked a DDOS attack. Which I get a lot on my work laptop.

Its success will obviously vary with the volume of DDOS attacks but this stupid notion that everyone has, that DDOS attacks are some kind of magical kryptonite is silly & getting out of control.

Aenea 1381d ago

Wow, then all those big corporations like MS must be stupid to not be able to just use the simple DDOS attack solutions you've come across! /s

That's the thing, a DDOS attack from a single machine or a few can be effectively handled, but they use botnets with 1000s of machines hammering away. Use enough machines for it and even the best protection can't handle it.

So no, it's not rubbish, DDOS attacks can't be defended against. Or because you are nitpicking: massive DDOS attacks can't always be defended against...

rainslacker 1381d ago (Edited 1381d ago)

If I knew your IP address I could DDoS your home router with a single computer. All I would need is a command line and a piece of code built into every operating system. I learned how to do it in college in a curriculum class. It's quite simple really.

The thing is, those routers only protect against DDoS that use erroneous network protocols, however, most DDoS attacks today use standard protocols which your router has to accept in order to actually function as a router for the internet.

DDoS protection does not prevent the DDoS, and a DDoS against you only protects that erroneous data from getting to your personal devices. It does not prevent the stalling of your network services...which is the effect most people experience when these DDoS attacks happen against big companies.

The protection is there to recognize the attack, and allow you to mitigate its effects and protect you from potential harmful hacks. It does not prevent the DDoS itself, nor its inevitable results.

There are several high end ways to mitigate the effects of DDoS, and the level at which something is considered a DDoS attack can be modulated by the company based on their needs. However, this mitigation does not alleviate potential disruption, and the most important part of mitigation, is detection.

NeoGamer232 1381d ago

Nice to know they are willing to spend to keep my data secure.

Aenea 1381d ago

With a DDOS attack your data is not in jeopardy...

Khaotic 1381d ago

The media has glorified these attacks as hacks, therefore scaring the general public into thinking it's something more. In reality it's nothing more than spam software and an annoyance on the company and consumer.

NeoGamer232 1381d ago

When did I say DDOS attack?

I am simply happy that they poured a billion dollars into security last year. And that they are working to have their security teams work more together.

Not many companies pour a billion dollars into security alone. I am glad MS is doing that. It shows me they are taking this seriously.

It would be interesting to know how much the competitors are pouring into the security of their servers and networks.

PS: DDOS attacks in some cases can trigger things on the servers that allow elevated privilege, hijacking, and then ultimately compromising of personal data.

rainslacker 1381d ago

@Neo

The DDoS attack itself does not elevate privileges, nor compromise data. The packets in a DDoS don't work by expecting an answer, because if that answer came, it would stall the attacking computers.

DDoS can often be used to mask an actual hack, because with all the incoming unfiltered data, the attack packets may go unnoticed, or security people may be looking elsewhere. Typically though, when a DDoS on the server happens, the first thing looked for is if a hack is also happening, while others are trying to mitigate and stop the DDoS attack. In any case, the actual hack is a separate attack.
