The Australian Communication and Media Authority has formed an alliance with Microsoft to fight cybercrime.
Microsoft, through its Cyber Threat Intelligence Program (C-TIP), and the Australian Communication and Media Authority’s (ACMA) Australian Internet Security Initiative (AISI) have struck a new agreement to fight cybercrime.
The agreement involves real-time sharing of data on Australian computers identified as being infected with malware.
This collaboration will allow the ACMA to have better situational awareness of cyber threats, which in turn will enable it to more quickly and efficiently notify ISPs of potential security issues with their customers’ computers.
AISI, which has operated since 2005, is recognised globally for its work in sharing threat information with local Internet Service Providers (ISPs).
The announcement coincides with new research from Microsoft that shows cybercriminals are increasingly turning to deceptive tactics for malicious purposes, such as stealing people’s personal and financial information, as attacks against software are become more difficult and expensive.
The data revealed that there has been a 70 per cent decline in the number of severe vulnerabilities exploited in Microsoft products between 2010 and 2013.
However, in the last quarter of 2013, the number of computers that had to be disinfected as a result of deceptive tactics more than tripled.
Microsoft Australia chief security advisor, James Kavanagh, said Australia played a significant role in the global fight against these forms of cybercrime through the Melbourne-based Microsoft Malware Protection Centre.
This centre was established in 2007 and is home to more than 40 researchers, technical writers and developers who are specialists in malware analysis and response.
Together with two similar Microsoft labs located in the US and Germany, they process some 10 billion telemetry reports every month and operate 24 hours a day 7 days a week, 365 days a year to protect more than a billion devices running Windows.
Kavanagh said the centre often dealt with threats and incidents occurring in our region, with cases from Australia, Japan, China and other Asia-Pacific countries often first handled by the Melbourne centre.
"It’s a high-intensity environment that is often abuzz with a shared enthusiasm to combat a new threat or decipher a cybercriminal technique that has just been observed," he said.
"One particular aspect of this lab I’d like to tell you about is how we leverage massive data analytics and machine learning to complement the human expertise of our researchers.
He said the team in Melbourne had been increasingly been innovating with big data approaches and machine learning, bringing on stream new capabilities in the past 6 months.
"This technology sifts through a portion of the 750,000 daily reports we receive of malicious files and using machine learning, it tries to rapidly figure out the probability that any particular file is malicious," he said.
"This really is a combined effort of smart people using smart computers. And it’s having a big impact.
"In April alone, this machine learning approach processed 1.8 million unique files, directly leading to rapid responses that prevented malware infections on 250,000 computers worldwide."
Kavanagh said real-time exchange of information was essential to keep Australians safe online.
"The AISI, which has operated since 2005, is recognised globally for its work in sharing threat information with local Internet Service Providers (ISPs)," he said.
"This information enables ISPs to reach out and help their customers to rid their computing devices of threats.
"The C-TIP program will complement the AISI’s existing work by providing more real-time visibility of infected computer systems in Australia.
"We are thrilled to work with the ACMA on this important initiative."