$5 Million Fund Helps Nail Teenage Sasser Offender
German authorities were able to arrest the alleged perpetrator of the Sasser worm within seven days of its launch

He was only 18, he lived in Rotenburg, Germany, and he remained a free man for only a week after releasing his perverted creation, the Sasser virus. Reports say that the same man is also suspected of releasing all 28 versions of the equally notorious NetSky worm.

The investigation which led to his arrest came from a tip-off to Microsoft from as yet unspecified individuals. They stand to collect a payout of up to $250,000 under the company's $5m anti-virus reward program.

"As this case demonstrates," wrote Brad Smith, senior vice president and general counsel at Microsoft, in an official announcement last week, "we will move quickly to support law enforcement worldwide to identify and hold responsible those who break the law by launching viruses and worms targeted at our customers." 

"The information leading to this arrest resulted in part from Microsoft's anti-virus reward program," he continued, "as well as new technical and investigative techniques we have developed during the past year to address precisely this type of situation."

Here is the official account:

Microsoft entered into a partnership last November to create a $5 million anti-virus reward program, supporting Interpol, the FBI, and the Secret Service. Aware of this program, certain individuals in Germany approached Microsoft investigators last week, offered to provide information about the creator of the Sasser virus, and inquired about their potential eligibility for a reward. Microsoft informed the individuals that the company would consider providing a reward of up to $250,000 if their information led to the arrest and conviction of the Sasser perpetrator.

Following this discussion, the individuals provided information to Microsoft and local authorities in Germany. Microsoft reviewed this information and, in conjunction with law enforcement authorities, pursued technical analysis to verify the accuracy of the information provided. The FBI also provided investigative support for German law enforcement.

The investigation led by German police over the past week led to information relating not only to all four variants of the Sasser worm, but also to the Netsky worm, which was launched on Feb. 16, 2004. Ultimately there were 28 variants of the Netsky worm, and German authorities are alleging that all these variants are connected to the individual arrested yesterday.

Microsoft is working in other ways too "to help better protect its customers and the industry," as it expresses it, with five key areas of activity detailed on its Web site:

  • Technical innovation toward improving the resiliency of computers in the face of threats and improving the ability to isolate worms and viruses
  • Engineering excellence to improve code quality
  • Software and hardware advances in authentication, authorization and access control
  • Improvements to help customers better update their computers and networks when a security update is made available
  • Prescriptive guidance to help customers secure their computers and networks

But the site sounds a warning note, too: "Malicious code such as Sasser seldom disappears from the Internet, even once those responsible are brought to justice, and customers should still take steps to both update and clean their computers and networks."

The final statement is worth underlining too:

Microsoft continues to encourage customers to follow the advice on microsoft.com/protect: use a personal firewall, remain up-to-date on software updates and maintain anti-virus protection.

About Jeremy Geelan
Jeremy Geelan is Chairman & CEO of the 21st Century Internet Group, Inc. and an Executive Academy Member of the International Academy of Digital Arts & Sciences. Formerly he was President & COO at Cloud Expo, Inc. and Conference Chair of the worldwide Cloud Expo series. He appears regularly at conferences and trade shows, speaking to technology audiences across six continents. You can follow him on twitter: @jg21.


Reader Feedback: Page 1 of 1

Imagine for a minute that you were a consultant and wrote code for a large corporation that has significant security flaws. Later your security flaws cost the corporation money as well as lawsuits from their customers due to personal information being stolen and abused.

Who do you think that the corporation would hold responsible?

I see the reward program for virus writers as sheer genius, for these reasons:

1. These virus authors are almost always part of a peer group. They get accolades from their peers by getting their creation mentioned in the news, for how many machines it took down, etc. Part of the payoff comes from the acknowledgement of their peers. Without this, there is much less reason to do it. I doubt that any of them operate in total anonymity.

2. Because they don't operate in total anonymity, someone always knows who wrote such-and-such virus. And some of these people like money. Honor among thieves? I don't think so.

For some reason, this hasn't been working in the case of Osama bin Laden ($25,000,000 US), but maybe people in this category are more afraid of the judgement of Allah (according to their twisted system of ethics) than they are enamored of a deluge of cash. It certainly worked in the case of Saddam Hussein.

Sorry, that was supposed to be "Dave, [nod] to worrying..."

Dave, to worrying that these guys are the ones keeping Microsoft up-to-date. Although I doubt we have to really worry: as long as Microsoft is so huge, they might not have competitors, but they'll sure be the biggest, ripest target out there.

Marco, you can't "make an example" of people. It might be effective, but it's hardly justice.

Dan and Marco's comments are sophomoric. Are you guys saying you are experts in sociological behavior and social justice? I just want to point out the lynch mob mentality you are expressing. Should people who drive beyond the speed limit be punished severely because they endanger all those around them? And I am sure you guys speed. What if they cause a traffic jam and it slows everyone else down and wastes their gas? What if an ambulance with someone in it that is on life or death status gets stuck in this jam and that individual dies? It seems that the costs can add up, but we never punish those individuals for that behavior that is commensurate with the amount of inconvenience it causes.

And what does the author mean by perverse? Nice spin, jerk.

I have always wondered why Microsoft is never held accountable for their software throttling down the Internet and the World, just to get market share and captivate dumb monkeys that require widgets for their attention. This amounts to negligence in my mind. Why is it they insist that the OS be built around accessories and not the other way around? Fix Microsoft culture and hold them accountable, their software could not be used to affect the rest of the World. But they assume they shouldn't be held accountable for their reckless abuse of a public entity. It is out of their hands, in their minds. Microsoft's attitude is like the attitude of rednecks that believe that they have the freedom to take their motorized recreational vehicles wherever and whenever they want without considering the damage to the environment. Shoot, shouldn't they be entitled to think of only themselves? Microsoft's business model does not feel beholden to the environment they operate in. They are just a redneck company. Seems like the World needs to create some control to hold those that are thoughtless responsible.

In a perverse sort of way, individuals such as he provide a valuable service. One could argue that we owe thanks to these guys for holding Microsoft accountable for creating more secure software. Flush out these guys and there will be no one but Al Qaeda types attacking our systems - with none of the "teenagers" to have revealed the existing vulnerabilities beforehand.

I agree with Marco that consequences are necessary, but in a world with billions of people there will always be someone who thinks they won't get caught. We cannot trust the security of our information systems to the hope that all potential criminals will be deterred by the consequences. What we need is an interface to the Internet that does not allow unauthorized activity on a computer, and an operating system that does not expect an end-user to figure out what is malicious.

Hmm, I do not think Microsoft, FBI, Secret Service or any authority will be capable of stopping these people.

Most of them are teenagers, if not they are socially disturbed in one way or another. In both cases, it is an expression of power, that is experienced by trying to control a piece of something: an email system, a network box, or whatever.

Control is their driving force and so is everyone else's. The more control the happier we are. Of course, "socially well behaved" individuals pursue control in some other more legitimate ways (not necessarily less destructive ways: look at Bush for example), but the core is still there: control.

So given all of the above, the only effective way to deal with these people is to be prepared. So go and vote against Bush, turn on your firewall, patch your system, stop believing everything CNN broadcasts, etc., etc.

The only way to stop these people is to punish them as harshly as possible so it serves as a deterrent to others with similar clever ideas. If this individual gets something silly like 100 hours community service and then becomes a millionaire by writing a book about it, the IT community will never win the war.



