[ISN] New Microsoft portal will help cops

InfoSec News isn at c4i.org
Thu Sep 1 05:16:51 EDT 2005


By Joris Evers
Staff Writer, CNET News.com
August 31, 2005

MONTEREY, Calif. -- Expanding its efforts to help law enforcement with
cybercrime investiga1tions, Microsoft plans in the coming months to
launch a new online resource.

The Web site will include training, tips and tools for investigations
and information on cybercrime, Richard LaMagna, director of worldwide
law enforcement programs at Microsoft, said in an interview with CNET
News.com on Wednesday at the annual High Technology Crime
Investigation Association event here.

"We want to help law enforcement develop the capability to deal with
these cybercrime problems," said LaMagna, a former federal agent. "We
believe it is important for private industry to support law
enforcement, particularly with cybercrime. It is not the kind of thing
the FBI, NYPD or customs agents can do on their own."

Microsoft's online training will include simple forensic skills--for
example, guidance on digging up information on the hard drive of a
seized Windows PC, and basic online investigation techniques such as
trace routes and Whois domain database lookups, LaMagna said.

"There are still a lot of law enforcement people out there who don't
know how to trace an IP address or an Internet domain," he said.

Other information on the Web site will include details on recent
legislation. Microsoft also plans to offer specialized technical
support to investigators.

Microsoft already is active in helping law enforcement. For example,
the company has hosted two multiday training sessions on botnets in
the past year, one in the United States and one in Europe. A third
session is scheduled for October at Microsoft's Redmond, Wash.,
campus, LaMagna said.

Botnets are networks of hijacked computers that are typically used for
criminal activity. Criminals have used botnets for sending spam,
spreading malicious code, launching denial-of-service attacks and
extortion attempts, according to security experts. Microsoft's new
portal will offer a software tool to help detect botnets, LaMagna

The "Law Enforcement Portal" also will have contact details for people
within Microsoft who deal with requests from the authorities, LaMagna
said. These could be requests for information on Hotmail users, for
example, he said.

Educating law enforcement is only part of Microsoft's efforts to fight
cybercrime. The company also has its own team of about 50
investigators. Intelligence gathered by this "Internet Safety
Enforcement" group has helped track down the suspected creators of the
recent Zotob worm, among other cybercriminals.

Microsoft also is active in fighting spammers in court. And it
introduced a computer system designed to let police agencies share
information for tracking online child predators.

The new Law Enforcement Portal should be online by November, LaMagna
said. The site will initially be in English only, but there are plans
to translate it into other languages. Access will be limited to law
enforcement officials.

More information about the ISN mailing list