Microsoft steps up fight against cybercrime

REDMOND — In his quest to take down cyber criminals, seasoned Microsoft digital forensics sleuth Donal Keating has gone from tackling brutally violent Mexican drug lords to identifying covert one-person operations in China and cracking large-scale international piracy syndicates.

The Irishman, based in the recently-opened Microsoft Cybercrime Center at the company’s Redmond headquarters in the United States, goes on raids four or five times a year, assisting law enforcement officials all over the world in looking for evidence that could nail even the wiliest cyber criminal.

In one case last December, the 14-year veteran and his fellow cybercrime fighters detected that thousands of product keys for Microsoft Office 2010 were being tested on four computers, and tracked the source to an individual in the US.

Mr Keating, 51, who went on the raid, recalled: “They are like drug dealers now. He had bought the product keys from multiple sources and was testing them because some suppliers can be unreliable. He didn’t want customers to have product keys that failed, and then alert Microsoft to it.”

Increasingly, cyber criminals are also lacing counterfeit software with dangerous malware that can compromise the security of computer users, Mr Keating said.

According to a study commissioned by Microsoft last year, 78 per cent of pirated software downloaded from websites or peer-to-peer networks included some type of spyware, while 36 per cent contained Trojans and adware.

To beat them at their game, the centre, which was opened last November, has invented a new algorithm that will alert the team to computers that are testing thousands of keys at one go.

Internationally, the centre is supported by 12 satellite offices, including one in Singapore.

According to Mr Keating and his long-time partner in the division, Ms Zoe Krumm, big data is being increasingly used in cyber forensics to identify and predict criminal behaviour patterns and see where stolen product keys are being activated.

In today’s interconnected world, stolen product keys can travel far and wide. In one breach at a China facility last July, an employee was found to have copied more than 300,000 product keys. Tracking the keys was a mammoth task — more than 6,000 computers were found to be using the keys, with an additional 60,000 new computers every month all over the world. In this case, 1,476 computers in Singapore were found to be using the stolen keys, said Mr Keating.

Source: todayonline.com
