In partnership with threat intelligence and security experts across Microsoft, the Digital Crimes Unit (DCU) applies unique legal and technical solutions to identify, investigate, and disrupt malware-facilitated cybercrime and nation-state sponsored activity.
Since 2010, the DCU has collaborated with law enforcement and other partners on 19 malware disruptions, resulting in over 500 million devices rescued from cybercriminals. Traffic from victim devices that once communicated to criminal servers is safely rerouted to Microsoft’s Cyber Threat Intelligence Program (CTIP). Victim devices are cleaned through antivirus programs such as Windows Defender Antivirus or intelligence is shared with Computer Emergency Response Teams (CERTs) and Internet Service Providers (ISPs) around the world to notify victims and assist with removal of the malware.
For more information related to malware disruptions in which DCU played an integral role: DCU Malware Disruptions.