IWS - The Information Warfare Site
News Watch Make a donation to IWS - The Information Warfare Site Use it for navigation in case java scripts are disabled

06 November 2003

Microsoft Works with U.S. Law Enforcement to Catch Cybercriminals

Software corporation offers rewards for information on malicious code incidents

Microsoft Corporation and U.S. law enforcement agencies are joining forces to step up the international pursuit of those responsible for the release of malicious computer code on the Internet. Microsoft is funding a $5 million reward program to support U.S. and international law enforcement in solving these episodes of cybercrime. The company November 5 announced that it is offering $250,000 rewards for information leading to the arrest and conviction of those who released the MSBlast.A computer worm and the SoBig virus earlier this year.

Malicious codes exploit vulnerabilities in Microsoft software by entering computers loaded with the software and performing operations not authorized by the computer owner. Experts estimate that corporations with computer systems infected by MSBlast.A starting in August 2003 spent more than $500 million to eliminate it, regain control of their equipment and restore lost data. Damages attributed to SoBig, which first appeared in January 2003, may approach $1,000 million, according to the CERT/Coordination Center, a federally supported agency monitoring computer security incidents.

"These are not just Internet crimes, cybercrimes or virtual crimes," said Brad Smith, senior vice president and general counsel at Microsoft in a news release issued jointly by the Microsoft and the U.S. Secret Service. "These are real crimes that hurt a lot of people. Those who release viruses on the Internet are the saboteurs of cyberspace, and Microsoft wants to help the authorities catch them,"

Representatives of the U.S. Secret Service, the Federal Bureau of Investigation and Interpol joined Microsoft representatives in the November 5 Washington news conference where the reward program was announced. Acting Deputy Assistant Director of the FBI's Cyber Division Keith Lourdeau emphasized the seriousness of the crimes, explaining that his agency is engaged in a partnership with industry to track down those who are releasing Blaster and other malicious code.

"To date, subjects have been charged and arrested in connection with the release of three of the six Blaster variants. While this is a sign of progress, the FBI will continue in its pursuit of the original authors of these worms," said Lourdeau in a separate statement.

Further information about Microsoft's reward program is available at HYPERLINK "http://www.microsoft.com/presspass/features/2003/nov03/11-05AntiVirusQA.asp"

Further information about viruses and malicious codes is available at HYPERLINK "http://www.cert.org/other_sources/viruses.html"

Following is the text of the Microsoft-Secret Service announcement:

(begin text)

Nov. 5, 2003

Microsoft Announces Anti-Virus Reward Program

Microsoft Teams With Law Enforcement to Root Out Malicious Code Distributors With $5 Million Reward Fund as a Part of Broader Security Initiative

WASHINGTON -- Nov. 5, 2003 -- Microsoft Corp. today announced the creation of the Anti-Virus Reward Program, initially funded with $5 million (U.S.), to help law enforcement agencies identify and bring to justice those who illegally release damaging worms, viruses and other types of malicious code on the Internet. Microsoft will provide the monetary rewards for information resulting in the arrest and conviction of those responsible for launching malicious viruses and worms on the Internet. Residents of any country are eligible for the reward, according to the laws of that country, because Internet viruses affect the Internet community worldwide.

As part of the Reward Program, Microsoft announced the first reward in the amount of a quarter-million dollars (U.S.) for information leading to the arrest and conviction of those responsible for unleashing the MSBlast.A worm. Although two arrests were made in connection with the B and C variants of the MSBlast worm, those responsible for releasing the original worm this summer remain at large. The worm was designed to attack Microsoft's www.windowsupdate.com Web site, which provides fixes for vulnerabilities and helps protect users against malicious attacks. Microsoft offered a second quarter-million-dollar reward for information that results in the arrest and conviction of those responsible for unleashing the Sobig virus. This virus, the first variant of which was detected Jan. 10, 2003, attacked individual machines and e-mailed itself to each e-mail address in the computer's contact list. The Sobig.B and Sobig.C variants of the virus made messages appear as if they had come from official Microsoft e-mail addresses. No arrests have been made in connection with the Sobig virus.

"Malicious worms and viruses are criminal attacks on everyone who uses the Internet," said Brad Smith, senior vice president and general counsel at Microsoft. "Even as we work to make software more secure and educate users on how to protect themselves, we are also working to stamp out the criminal behavior that causes this problem. These are not just Internet crimes, cybercrimes or virtual crimes. These are real crimes that hurt a lot of people. Those who release viruses on the Internet are the saboteurs of cyberspace, and Microsoft wants to help the authorities catch them."

Partnership Program With Law Enforcement

Representatives of three law enforcement agencies, the Federal Bureau of Investigation (FBI), the Secret Service and Interpol, today joined Microsoft at the National Press Club news conference, where the company provided details of the reward program.

"The malicious distribution of worms and viruses, such as MSBlast and Sobig, are far from victimless crimes," said Keith Lourdeau, Acting Deputy Assistant Director of the FBI Cyber Division. "Such attacks on the Internet cost businesses worldwide millions -- some estimates claim billions -- of dollars and wreak havoc on individuals by ruining files, hard drives and other critical data. We intend to vigorously pursue the perpetrators of these crimes, and we hope to see additional industry-government collaboration to identify these individuals."

"Not only are we concerned with apprehending those individuals who commit computer crimes but also in limiting the damage done by these criminals to private industry and the public," said Bruce Townsend, deputy assistant director of investigations at the Secret Service. "By working together, the public, the private sector and law enforcement can combine their resources to effectively combat computer-based crimes like the MSBlast.A worm and Sobig virus."

"Interpol is particularly interested in fighting the malicious spreading of viruses because this represents truly borderless crime that requires a truly global response, a global collaboration between police and private industry," said Interpol Secretary General Ronald K. Noble, at the organization's headquarters in Lyon. "This Microsoft reward program is an opportunity to continue building effective relationships between the world's police and the private sector in order to prevent and prosecute cybercrime."

Individuals with information about the MSBlast.A worm or the Sobig virus, or any other worms or viruses, should contact the following international law enforcement agencies:

-- International/Interpol: via the Interpol National Central Bureau in any of Interpol's 181 member countries or at http://www.interpol.int/

-- FBI or Secret Service: via any local field office

-- The Internet Fraud Complaint Center: at http://www.ifccfbi.gov/ Microsoft has made security a top priority and is committed to developing the most secure software possible and making it easier for customers to protect themselves against attacks launched by malicious law breakers. Over the past year, the company delayed several product development projects to provide intensive training for more than 18,000 developers on how to write more secure code. The company has taken numerous steps to alert users to possible vulnerabilities and steps they can take to protect themselves, including the recent "Protect Your PC" campaign. This information is available at http://www.microsoft.com/protect/. While working hard to improve the security of its software, Microsoft also cooperates with international, federal and state law enforcement to help bring the perpetrators of these attacks to justice.

Founded in 1975, Microsoft (Nasdaq "MSFT") is the worldwide leader in software, services and Internet technologies for personal and business computing. The company offers a wide range of products and services designed to empower people through great software -- any time, any place and on any device.

(end text)