REDMOND, Wash., May 8 – LAWFUEL – Microsoft Corp. today
commended German law enforcement for its prompt arrest relating to the Sasser
worm and confirmed that the company’s anti-virus reward program investigators
had worked with informants on the case during the past week. German
authorities were able to arrest the alleged perpetrator of the Sasser worm
within seven days of its launch, based on fast action by local police and
broad cooperation among German law enforcement agencies, the FBI and Secret
Service in the United States, and Microsoft.
(Logo: http://www.newscom.com/cgi-bin/prnh/20000822/MSFTLOGO )
“As this case demonstrates, we will move quickly to support law
enforcement worldwide to identify and hold responsible those who break the law
by launching viruses and worms targeted at our customers,” said Brad Smith,
senior vice president and general counsel at Microsoft. “The information
leading to this arrest resulted in part from Microsoft’s anti-virus reward
program, as well as new technical and investigative techniques we have
developed during the past year to address precisely this type of situation.”
Microsoft entered into a partnership last November to create a $5 million
anti-virus reward program, supporting Interpol, the FBI, and the Secret
Service. Aware of this program, certain individuals in Germany approached
Microsoft investigators last week, offered to provide information about the
creator of the Sasser virus, and inquired about their potential eligibility
for a reward. Microsoft informed the individuals that the company would
consider providing a reward of up to $250,000 if their information led to the
arrest and conviction of the Sasser perpetrator.
Following this discussion, the individuals provided information to
Microsoft and local authorities in Germany. Microsoft reviewed this
information and, in conjunction with law enforcement authorities, pursued
technical analysis to verify the accuracy of the information provided. The FBI
also provided investigative support for German law enforcement.
The investigation led by German police over the past week led to
information relating not only to all four variants of the Sasser worm, but
also to the Netsky worm, which was launched on Feb. 16, 2004. Ultimately there
were 28 variants of the Netsky worm, and German authorities are alleging that
all these variants are connected to the individual arrested yesterday.
“We understand that the lure of a cash anti-virus reward program can
prompt those with information to come forward and assist law enforcement,”
Smith said. “For this reason, Microsoft decided to reward the informants who
provided information vital to this Sasser worm arrest with a reward of
$250,000, pending the successful conviction of this case.”
The reward program is just one of several ways that Microsoft is working
to help better protect its customers and the industry. In addition, the
company is focusing on five key areas:
— Technical innovation toward improving the resiliency of computers in
the face of threats and improving the ability to isolate worms and
viruses
— Engineering excellence to improve code quality
— Software and hardware advances in authentication, authorization and
access control
— Improvements to help customers better update their computers and
networks when a security update is made available
— Prescriptive guidance to help customers secure their computers and
networks
Malicious code such as Sasser seldom disappears from the Internet, even
once those responsible are brought to justice, and customers should still take
steps to both update and clean their computers and networks. Microsoft
continues to encourage customers to follow the advice on
microsoft.com/protect: use a personal firewall, remain up-to-date on software
updates and maintain anti-virus protection.
