Microsoft Defender for Endpoint integrates Intel's threat detection technology to respond faster to hidden cryptocurrency-mining malware on workstations.
According to Intel, it will work with Microsoft to fight cryptojacking attacks by improving the speed and efficiency of detecting hidden cryptocurrency-mining malware on users’ devices.
Microsoft Defender for Endpoint extends Intel Threat Detection Technology (TDT) beyond accelerated memory scans to enable central processing unit (CPU)-based machine learning detection. This will speed up detection and response to cryptojacking attacks on workstations without compromising quality of service.
“This is a real watershed moment for the security industry,” said Michael Nordquist, senior director of strategic planning and architecture for Intel’s business clients group. “The scale of deployment of CPU-based threat detection on client systems is unmatched and helps close corporate security gaps.”
Intel’s new technology aims to more accurately detect malware, regardless of how malicious code is hidden. Intel TDT helps workstation security solutions leverage CPU telemetry and hardware acceleration to identify threats and anomalous activity. The solution uses a combination of CPU telemetry and machine learning heuristics to detect abnormal behavior.
The CPU performance monitoring unit sits below the application, operating system, and virtualized application tiers, which gives it a more complete view of active threats in the stack. Intel TDT supports EDR solutions and improves attack detection in areas where it has historically been a problem, including the growing trend of malware hiding itself in a virtual machine.
“This partnership is one example of our ongoing investment and close collaboration with technology partners in the industry. We are working closely with chip manufacturers to research and deploy new hardware that delivers robust and resilient protection against cyberthreats,” said Karthik Selvaraj, general manager of security research at Microsoft.
According to a January Check Point report, cryptojacking continues to dominate cyberattacks. Analysts predict an increase in the distribution of software for hidden cryptocurrency mining in cloud infrastructures. Microsoft said last December that hackers are increasingly using cryptojacking attacks as a distraction for more serious security incursions.