| By Jeremy Geelan |
Article Rating: |
|
| May 10, 2004 12:00 AM EDT |
Reads: |
15,493 |
He was only 18, he lived in Rotenburg, Germany, and he remained a free man for only a week after releasing his perverted creation, the Sasser virus. Reports say that the same man is also suspected of releasing all 28 versions of the equally notorious NetSky worm.
The investigation which led to his arrest came from a tip-off to Microsoft from as yet unspecified individuals. They stand to collect a payout of up to $250,000 under the company's $5m anti-virus reward program.
"As this case demonstrates," wrote Brad Smith, senior vice president and general counsel at Microsoft, in an official announcement last week, "we will move quickly to support law enforcement worldwide to identify and hold responsible those who break the law by launching viruses and worms targeted at our customers."
"The information leading to this arrest resulted in part from Microsoft's anti-virus reward program," he continued, "as well as new technical and investigative techniques we have developed during the past year to address precisely this type of situation."
Here is the official account:
Microsoft entered into a partnership last November to create a $5 million anti-virus reward program, supporting Interpol, the FBI, and the Secret Service. Aware of this program, certain individuals in Germany approached Microsoft investigators last week, offered to provide information about the creator of the Sasser virus, and inquired about their potential eligibility for a reward. Microsoft informed the individuals that the company would consider providing a reward of up to $250,000 if their information led to the arrest and conviction of the Sasser perpetrator.
Following this discussion, the individuals provided information to Microsoft and local authorities in Germany. Microsoft reviewed this information and, in conjunction with law enforcement authorities, pursued technical analysis to verify the accuracy of the information provided. The FBI also provided investigative support for German law enforcement.
The investigation led by German police over the past week led to information relating not only to all four variants of the Sasser worm, but also to the Netsky worm, which was launched on Feb. 16, 2004. Ultimately there were 28 variants of the Netsky worm, and German authorities are alleging that all these variants are connected to the individual arrested yesterday.
Microsoft is working in other ways too "to help better protect its customers and the industry," as it expresses it, with five key areas of activity detailed on its Web site:
- Technical innovation toward improving the resiliency of computers in the face of threats and improving the ability to isolate worms and viruses
- Engineering excellence to improve code quality
- Software and hardware advances in authentication, authorization and access control
- Improvements to help customers better update their computers and networks when a security update is made available
- Prescriptive guidance to help customers secure their computers and networks
But the site sounds a warning note, too: "Malicious code such as Sasser seldom disappears from the Internet, even once those responsible are brought to justice, and customers should still take steps to both update and clean their computers and networks."
The final statement is worth underlining too:
Microsoft continues to encourage customers to follow the advice on microsoft.com/protect: use a personal firewall, remain up-to-date on software updates and maintain anti-virus protection.
Subscribe to .NET Developer's Journal Email News Alerts
Subscribe via RSS
