Imagine negotiating an important business deal only to discover that the people sitting across the table from you already knew your bottom line because your company’s computer network had been hacked the night before.
Or having to spend a year’s profit trying to fix your IT system – and your reputation – because someone in your company installed software from an unsecure source, for example a personal laptop brought into the office, which was infected by malware. This in turn infected your company’s network and sensitive customer information was stolen.
You’d never let that happen to you, right? But it happens to 1 in 12 of us every second, so you, or someone you know, will have been affected by cybercrime at some point. This could include being tricked by phishing attacks and email scams, having your personal financial information recorded through monitoring of the keys you strike on your keyboard, or having your commercial IP stolen.
Viewed individually, these kinds of events can be worrying, expensive and extremely difficult to tackle. Analyzed collectively it’s clear that the cybercriminals behind them have made their global operations far more sophisticated and can now create and distribute malware that are evolving at the speed of light. The risk to individuals and companies is growing and the traditional response won’t suffice. Proactive action is required if they are to be stopped. For example, the Rustock malware infected 2.5 million computers and sent 30 billion spam emails a day before it was successfully disrupted in 2011. This was not the work of amateurs and it was only effectively dismantled thanks to the coordination and planning of a public-private partnership forged through cyber threat intelligence.
The financial costs of cybercrime are difficult to quantify but even conservative estimates are staggering at €100 billion a year for consumers alone. This year, businesses in Europe are expected to spend €44 billion on cleaning up the mess associated just with malware, the infected software which can lead to click fraud, financial fraud, denial of service attacks and identity theft. And that’s before you factor in phishing and a whole host of other activities that inflict tremendous damage and frustration to those attacked.
No wonder cybercrime has been called a tax on innovation.
The borderless nature of the internet makes it fertile ground for criminals who want to commit crimes anonymously and remotely to avoid prosecution. That’s why we’ve also been evolving through educating and raising awareness, as well as taking the fight directly to the criminals through innovative legal action. This approach culminated with the opening of the Cybercrime Center in November 2013, which is the home of Microsoft’s Digital Crimes Unit (DCU).
The DCU’s global team of legal, investigative, technical and business experts work in close partnership with law enforcement, policymakers and other private sector organizations from all over the world to protect people and create a safe digital environment. Every day DCU servers are pinged around 700 million times by computers that are infected by malware. Through our Cyber Threat Intelligence Program we are then able to share cyber-threat intelligence with government computer emergency response teams enabling them to better protect their critical computer infrastructure. In turn, those government organizations can work with internet service providers so they can alert their customers to potential infections and provide a remedy to remove the malware.
So far we’ve made some real breakthroughs with this approach. Last year we were part of the team that pulled the rug from under the Zero-Access botnet, which had infected almost 2 million computers and stolen millions of dollars from online advertisers. Working alongside Europol’s new EC3 cybercrime unit (with whom we have also signed a memorandum of understanding) and, through them, the high-tech crime units of Germany, the Netherlands, Latvia, Luxembourg and Switzerland we were able to take coordinated action to effectively dismantle botnet criminal infrastructure on the internet.
The work of the Cybercrime Center also focuses on helping to protect vulnerable groups, such as children and the elderly, from online exploitation. This aligns with the priorities of EU policymakers who are increasingly focused on helping Member States develop their own capacity to fight cybercrime.
Together industry, policymakers and law enforcement professionals have worked hard to prevent the fight against cybercrime becoming a game of ‘whack-a-mole’. Criminals will continue to evolve and we will continue to invest in the latest tools and technologies, increase our knowledge of the criminal infrastructure, undertake pro-active disruption, build strong and secure products and cloud services and forge strong public-private partnerships. Working together in public-private partnerships means we can proactively contain and disrupt current and future cyber-threats. But we must remain one step ahead. Otherwise, an outdated approach runs the risk of being outfoxed by the criminals we aim to stop.