Microsoft turns to Spamhaus for security help

Ed Gibson, newly appointed chief security advisor for Microsoft UK, applauded Internet security and anti-spam organisation Spamhaus on Tuesday, particularly for its work with Microsoft.

Gibson revealed that Microsoft had used Spamhaus' services to find problems in its own abuse management system, which Microsoft uses to identify which of its products and services are being used by spammers and cybercriminals.

"Microsoft's systems needed to be adjusted [and Spamhaus pointed that out]," Gibson said. He went on to liken Spamhaus' influence on the IT industry to that of a defence barrister probing a case, in that their presence can force companies to raise their game.

Gibson did not go into details as to the exact nature of the security adjustments that were carried out. "We acted on the intelligence [Spamhaus gave us]. I'm not going into the bits and bytes".

What is also laudable is that Spamhaus "do it for free", Gibson added.

Gibson also highlighted the risks of working at the sharp end of the Internet security landscape. "Some people from Spamhaus have had death threats," he said. "It's like the Wild West out there. It's the OK Corral." This is because of, he explained, the nature of the criminals who are making money from spam and scams.

Gibson became chief security advisor to Microsoft UK this summer after working for the FBI as a special agent and as an assistant legal attaché for the UK.

Speaking at the Westminster eForum, after Spamhaus chief information officer Richard Cox had accused Yahoo of hosting thousands of phishing sites, Gibson also said: "Hats off to Spamhaus. We don't do a good job of responding to abuse. Spamhaus are excellent to highlight areas of deficiency."