10 Apr Microsoft’s Cyber Defense Operations Center and Cybercrime Center
Recently several members of the adaQuest team were invited by Microsoft to tour Microsoft’s Cyber Defense Operations Center (CDOC) and the Microsoft Cybercrime Center (MCC).
While we were only allowed to enter and view a limited area of both the CDOC and the MCC, the work carried out at the facilities is impressive, as is Microsoft’s commitment to cybersecurity.
The CDOC is solely focused on protecting Microsoft’s IT infrastructure and assets globally. It provides 24-7 coverage to detect and combat cyber adversaries. Operating under the directive of “Protect, Detect, and Respond,” the CDOC’s number one priority is to protect the computing environment used by Microsoft and its customers.
The CDOC’s main activities and tactics include monitoring and maintaining control over the physical environments of all Microsoft datacenters around the globe, protecting against intrusions and DDoS attacks, supporting and enforcing appropriate MFA deployment, maintaining proper IT security hygiene including anti-malware software and strict patch implementation procedures, conducting threat modeling, data classification, awareness training, network monitoring, behavior analytics, and a whole lot more.
The modern but relatively nondescript facility is built to withstand physical attacks and features bullet- and bomb-proof windows, truck and tank traps, and an ability to operate from its own internal power source.
On the opposite side of the building, the MCC has been set up to detect cyberthreats, regardless of whether they are targeting Microsoft, and to share that information with law enforcement authorities, other companies, and consumers around the world. Threats that are detected include malware campaigns, botnets, and even large-scale hardware thefts.
An example of the successful collaboration between the MCC and law enforcement includes combined efforts to shut down 90 percent of the Citadel botnet, which reportedly stole over $500,000,000 from individuals and organizations.
The CDOC and MCC are just part of Microsoft’s commitment to cybersecurity and the over $1 billion annual investment the company makes towards cybersecurity.