https://www.technologyreview.com/s/614646/inside-the-microsoft-team-tracking-the-worlds-most-dangerous-hackers/
By Patrick Howell O'Neill
MIT Technology Review
November 6, 2019

When the Pentagon recently awarded Microsoft a $10 billion contract to
transform and host the US military’s cloud computing systems, the mountain of
money came with an implicit challenge: Can Microsoft keep the Pentagon’s
systems secure against some of the most well-resourced, persistent, and
sophisticated hackers on earth?

“They’re under assault every hour of the day,” says James Lewis, vice president
at the Center for Strategic and International Studies.

Microsoft’s latest win over cloud rival Amazon for the ultra-lucrative military
contract means that an intelligence-gathering apparatus among the most important
in the world is based in the woods outside Seattle. These kinds of national
security responsibilities once sat almost exclusively in Washington, DC. Now in
this corner of Washington state, dozens of engineers and intelligence analysts
are dedicated to watching and stopping the government-sponsored hackers
proliferating around the world.

Members of the so-called MSTIC (Microsoft Threat Intelligence Center) team are
threat-focused: one group is responsible for Russian hackers code-named
Strontium, another watches North Korean hackers code-named Zinc, and yet
another tracks Iranian hackers code-named Holmium. MSTIC tracks over 70
code-named government-sponsored threat groups and many more that are unnamed.

The rain started just before I arrived on a typical fall day in Redmond,
Washington. It kept coming down for my entire visit. Microsoft headquarters is
as vast and labyrinthine as any government installation, with hundreds of
buildings and thousands of employees. I’d come to meet the Microsoft team that
tracks the world’s most dangerous hackers.

[...]