Microsoft Hack May Not Be Malicious

While folks at Microsoft Corp. are working feverishly to figure out how
hackers hooked into its corporate network and viewed bits of its software’s
source code, officials at the giant firm said Friday that government
authorities are doing their part by trying to track the perpetrator down.


Microsoft’s International Public Relations Manager Ricardo Adame echoed
Steve Ballmer’s comments from Europe earlier this morning when he said the
company was satisfied that the code, which yields the synthesis of popular
Windows and Office software, was not “modified, corrupted or taken away.”


Adame also told InternetNews.com that Microsoft is investigating the network
to see how a hacker entered while “government officials,” though he would
not specify which group, are looking for any footprints a perpetrator may
have left.


Microsoft is certainly no stranger to the government, but this time Big
Brother is working for them rather than against them. Other reports indicate
that the Federal Bureau Investigation has taken the helm in the
investigation.


When asked if he thought catching the culprit, or possibly culprits for all
anyone knows, is a realistic possibility, Adame said he believed so.


“They did track that guy in the Philippines,” he said, alluding to Onel de
Guzman, who was accused of spawning the “Love Bug” virus that terrorized
e-mail clients on a global basis.


Guzman told the New York Times last week that the virus, which
analysts guessed did somewhere in the ball park of $10 to $15 billion in
damage, could have been one of his that was stolen from, but he wasn’t sure.


But G. Mark Hardy, managing director at security services firm Guardent
Inc., said it could be very easy to track the source of the QAZ Trojan
Horse. In fact, he said it is quite possible the worm showed up unknowingly
and remotely.


“It could have come from a employee’s notebook computer,” Hardy said. “Some
employee without a firewall or some sort of anti-virus program running could
have introduced it to Microsoft’s network.”


Billed by security sites as “in the wild,” but “low risk,” Hardy said QAZ
Trojan Horse has been kicking around since July, but that detecting whose
computer it showed up on would be easy.


“There would be a record of the worm having been on there,” Hardy said.


Still Hardy said there is no question that Microsoft, by virtue of its being
a premiere software giant, is a more attractive target for hackers trying to
establish themselves. He also said a “super user” would be able to
infiltrate a network and modify the system erasing detection systems to the
point where no one would know he or she was there.


While possible, Hardy said no source code was damaged or modified, which
lead him to think that the Trojan Horse entered unintentionally.


“What this tells you, is that one of the dangers to systems security is an
unsuspecting or uneducated user who is just not educated on the security
angle,” Hardy, whose firm hosts security seminars for companies, said. “My
advice is to educate all users about risks and if there is a security
problem say ‘We need help.'”

Get the Free Newsletter!

Subscribe to our newsletter.

Subscribe to Daily Tech Insider for top news, trends & analysis

News Around the Web