Longtime computer security rivals are joining forces to battle increasingly sophisticated online attacks by cyber criminals.
“The attacks are getting more complex, and if we want to get ahead of attackers the call is to work together in a community approach,” Microsoft Security Response Center director Mike Reavey said.
“One of the things becoming clear is that customers want vendors to work together, and they want information and protection out faster,” he said.
Microsoft used a premier Black Hat security conference taking place this week in Las Vegas as a stage to unveil enhancements to the software giant’s computer defense collaboration efforts.
Microsoft released a new tool designed to make it easier for software security firms to model hacker threats and craft defenses.
The Redmond, Washington-based technology firm also unveiled a guidebook to demystify the realm of software security updates and vulnerability patches.
“There is a sea of information out there and we want to help customers navigate those waters,” Reavey said. “The guide walks them through what we do.”
A Microsoft Active Protections Program launched at Black Hat last year has grown to 47 members that share information to minimize time hackers have to craft and launch attacks on newly discovered software weaknesses, Reavey said.
“By working together, the security vendors get free vulnerability information, Microsoft knows their products will be protected from widespread exploitation when the disclosure goes out, and customers win by remaining protected,” TippingPoint security researcher Jason Avery said in a release.
“Everyone wins,” he said.
Microsoft provides computer security allies with an “exploitability index” that gauges the likelihood hackers will target various vulnerabilities to help security companies prioritize responses.
Microsoft also shares lessons learned while analyzing software for flaws.
“What we are seeing is they are working well with us and we are working well together,” Reavey said of allies in the software security world.
Security industry teamwork was crucial in countering a Conficker virus that plagued the Internet early this year.
Microsoft rallied a task force to stamp out Conficker, also referred to as DownAdUp, and the software colossus has placed a bounty of US$250,000 on the heads of those responsible for the threat.
The worm, a self-replicating program, takes advantage of networks or computers that haven’t kept up to date with security patches for Windows.
It can infect machines from the Internet or by hiding on USB memory sticks carrying data from one computer to another.
Conficker could be triggered to steal data or turn control of infected computers over to hackers amassing “zombie” machines into “botnet” armies.
Tools to remove Conficker virus and prevent its spread have been released, but computers without properly updated software could still be vulnerable.