Sections

Microsoft: "Together we can prevail over criminals"

Xbox Live GM issues plea to users for help in fight against hackers

Microsoft's Alex Garden, general manager of Xbox Live, has issued an open letter calling for gamers' assistance in the ongoing struggle against hackers.

Garden posted the letter to Major Nelson's blog as part of Safer Internet Day, and noted the "surge of personal information being compromised and sold" over the last year.

While Garden didn't name any specific examples, the attack on the PlayStation Network is the most high-profile example among several that have blighted games companies in the last year.

The letter claims that Xbox has "no evidence" of any security breach on its Live service, though it does acknowledge "members whose accounts have been compromised by malicious and illegal attacks."

"Security is an ongoing battle. No matter how well we work to improve security - and we are working every day to bring new forms of protection to Xbox LIVE - our work will never end. With every measure we put in place, ill-intentioned people will create new ways to attack online services."

"Some of the security measures we have in place to help protect our members include password-attempt throttling, CAPTCHA (an industry-standard anti-scripting measure designed so that an actual human needs to answer the challenge), strong proofs (trusted PC, pin sent to cell phone, secondary e-mail and security questions), and account lockout for multiple failed attempts and compromised accounts, which we investigate and recover to the rightful owner."

Garden insists that Microsoft is also working towards improving the speed of recovery when an account has been compromised. The letter also describes Microsoft as an "industry leader" in investigating "cyber-criminals and bot nets."

However, Garden also appeals to Xbox users to arm themselves against these attacks by improving their knowledge of methods of attack, and the best steps to safeguard their own information.

The letter warns users about phishing, malicious software designed to capture passwords, re-using passwords from previously breached accounts, and "social engineering" in order to guess a user's password.

It also emphasises the importance of setting and regularly changing strong passwords, using unique passwords for each service, and reducing the amount of personal information shared through social networks.

The letter precedes the departure of Stephen Toulouse, director of policy and enforcement for Xbox Live, on February 15.

"I have nothing but confidence in the future of Microsoft and specifically Xbox and Xbox Live," Toulouse wrote in a post on his personal blog. "I have enormous gratitude for my time there. I want to finish my next book, and explore other opportunities."

Related stories

110,000 PS4 and Xbox One machines sold in the UK last week

Xbox One price discounting and PS4 Pro launch boost sector

By Christopher Dring

Is HoloLens a consumer gaming device yet?

Microsoft's Leila Martine on why games developers should consider HoloLens today

By Christopher Dring

Latest comments

Sign in to contribute

Need an account? Register now.