Microsoft employees recently teamed up with United States marshals to raid buildings housing botnet equipment, according to the New York Times.
Microsoft lawyers and technical employees "gathered evidence and deactivated Web servers ostensibly used by criminals in a scheme to infect computers and steal personal data. At the same time, Microsoft seized control of hundreds of Web addresses that it says were used as part of the same scheme." The Microsoft personnel had obtained a warrant from a federal judge to conduct the sweep, which was part of a civil lawsuit brought by Microsoft targeting equipment used to control the botnets.
Microsoft argues that the individuals behind the botnets are violating Microsoft trademarks through their fake e-mails.
Mr. Boscovich said the Friday sweep was meant to send a message to the criminals behind the scheme, whose identities are unknown. “We’re letting them know we’re looking at them,” said Mr. Boscovich after participating in the Pennsylvania raid, in Scranton.
Before Friday’s sweep, Microsoft attacked three botnets in the last couple of years through civil suits. In each case, Microsoft obtained court orders that permitted it to seize Web addresses and computers associated with the botnets without first notifying the owners of the property. The secrecy was necessary, Microsoft argued, to prevent criminals from re-establishing new communications links to their infected computers.
The Times quoted some security experts as deeming Microsoft's approach effective in fighting botnets. Richard Perlotto, of Shadowserver Foundation, which tracks tools used for online fraud and computer crime, pointed out that the activity is not a replacement for law enforcement action. Microsoft's Richard Boscovich equated the effort with a neighborhood watch program.
By Laura Spadanuta
http://www.securitymanagement.com/