RealTime IT News

Hackers Get into Microsoft

While folks at Microsoft Corp. are working feverishly to figure out how hackers hooked into its corporate network and viewed bits of its software's source code, officials at the giant firm said Friday that government authorities are doing their part by trying to track the perpetrator down.

Microsoft's International Public Relations Manager Ricardo Adame echoed Steve Ballmer's comments from Europe earlier this morning when he said the company was satisfied that the code, which yields the synthesis of popular Windows and Office software, was not "modified, corrupted or taken away."

Adame also told InternetNews.com that Microsoft is investigating the network to see how a hacker entered while "government officials," though he would not specify which group, are looking for any footprints a perpetrator may have left.

Microsoft is certainly no stranger to the government, but this time Big Brother is working for them rather than against them. Other reports indicate that the Federal Bureau Investigation has taken the helm in the investigation.

When asked if he thought catching the culprit, or possibly culprits for all anyone knows, is a realistic possibility, Adame said he believed so.

"They did track that guy in the Philippines," he said, alluding to Onel de Guzman, who was accused of spawning the "Love Bug" virus that terrorized e-mail clients on a global basis.

Guzman told the New York Times last week that the virus, which analysts guessed did somewhere in the ball park of $10 to $15 billion in damage, could have been one of his that was stolen from, but he wasn't sure.

But G. Mark Hardy, managing director at security services firm Guardent Inc., said it could be very easy to track the source of the QAZ Trojan Horse. In fact, he said it is quite possible the worm showed up unknowingly and remotely.

"It could have come from a employee's notebook computer," Hardy said. "Some employee without a firewall or some sort of anti-virus program running could have introduced it to Microsoft's network."

Billed by security sites as "in the wild," but "low risk," Hardy said QAZ Trojan Horse has been kicking around since July, but that detecting whose computer it showed up on would be easy.

"There would be a record of the worm having been on there," Hardy said.

Still Hardy said there is no question that Microsoft, by virtue of its being a premiere software giant, is a more attractive target for hackers trying to establish themselves. He also said a "super user" would be able to infiltrate a network and modify the system erasing detection systems to the point where no one would know he or she was there.

While possible, Hardy said no source code was damaged or modified, which lead him to think that the Trojan Horse entered unintentionally.

"What this tells you, is that one of the dangers to systems security is an unsuspecting or uneducated user who is just not educated on the security angle," Hardy, whose firm hosts security seminars for companies, said. "My advice is to educate all users about risks and if there is a security problem say 'We need help.'"