
Hackers Break Into Microsoft

Sunday October 29 1:52 PM ET
Microsoft Hack Shows Companies Are Vulnerable 

By Eric Lai

SAN FRANCISCO (Reuters) - In the annals of industrial espionage, last week's
hacker attack on Microsoft's in-house computers ranks
low on the scale for both sophistication and results.

But the high-profile incident, which let hackers tap some of the digital
blueprints for the software giant's future products, highlights major security
holes that computer experts say plague a surprising number of Fortune 500 and
Silicon Valley corporations with weak or disorganized defenses.

Some analysts fear it may usher in a new era in which viruses -- now often the
hallmark of pranksters -- become serious tools for professionals with corporate
theft or extortion on their minds.

``Eighty percent of the security incidents I see are teen-age kids out to have
a good time,'' said Joel de la Garza, an expert with Securify, a Silicon
Valley-based computer security firm. ``But the remaining 20 percent is starting
to grow, with the emergence of attackers with a stated objective and a definite
plan on how to accomplish it.''

According to the San Francisco-based Computer Security Institute, nine out of
10 companies and government organizations surveyed reported security breaches
in the last year. Of the 42 percent willing or able to quantify the damages and
financial losses, the total ran to $265 million.

ICSA.net, a security consultant based in Reston, Virginia, says that it has had
seven client companies report attempted break-ins using the ``QAZ'' virus
believed to be behind the Microsoft incident.

But experts say that these numbers are likely undercounts as few companies are
willing to be as open as Microsoft and expose themselves to both public
ridicule and hits on their stock price.

``How often does it happen? A lot. How often do we see it reported in public?
Not a lot,'' said John Vranesevich, founder of AntiOnline, a Pittsburgh-based
computer security firm.

Virus Opens Dangerous Windows

While Microsoft products such as Windows, Office, Outlook and Word are
routinely infected by viruses, this appears to be the first time that
Microsoft's own network was infected and infiltrated to this degree.

The intruders broke into Microsoft's corporate network through the computer of
an employee working outside of the office, possibly at home, sources told the
New York Times on Saturday.

With about six weeks of access, the intruders were able to download part of the
source code, the instructions behind how software operates, for some early
production versions of unreleased Microsoft software.

Security analysts believe the hackers infected the network with the QAZ virus
by an e-mail attachment, using the virus to open connections that allowed
hackers to rummage around for more valuable data -- such as passwords, which
could then open the door to other computers.

QAZ, first detected in China in July, is not particularly complicated or hard
to engineer. But analysts say it may be that corporate security officers simply
are not looking hard enough. ``This should have been pretty easy to catch,'' de
la Garza said. ``It's embarrassing.''

Internet Boom Makes For Tempting Targets

The fact that the Internet, just a decade ago the sleepy backwater of academics
and hacker enthusiasts, is now the go-go province of dot-coms and big business
alike, has made hacking into the computers hooked up to it that much more
tempting, analysts say.

``It used to be that if you hacked into someone's computer, all you'd find is a
bunch of research papers,'' de la Garza said.

Today, however, hackers can find everything from e-tailers storing consumers'
credit card information to bank account records to corporate intellectual

In most cases, these are protected by a firewall -- software that acts as a
gatekeeper to keep out unauthorized users and viruses. But experts said
Microsoft's security policy appeared to have had some obvious weaknesses.

For instance, they said Microsoft apparently made the mistake of keeping the
source code in parts of its network protected only by a simple password --
which eventually turned up in e-mail accounts in Russia.

``Your source code should be in the digital equivalent of Fort Knox,'' said
Richard Powers of the Computer Security Institute, who is also the author of a
book chronicling computer break-ins.

Microsoft could have considered measures like encrypting the source code so as
to be unreadable, stronger firewalls and requiring users to carry smart cards
that generate random passcodes verifiable by the computer, he said.

But with large corporations routinely having tens of thousands of machines
hooked up to networks at varying levels of access, the task of keeping each
machine protected while not inconveniencing its users becomes daunting.

``In a large, large corporation, all it takes is one machine to be unprotected
(for the virus) to be introduced into the network,'' said Vincent Weafer,
director of anti-virus research for security software maker Symantec.

Computer companies and dot-coms, surprisingly, often sport the weakest
security. In the former case, it is often an over-reliance on technology in
place of proper policies, while in the latter case, it is often an oversight
due to the frenzied pace at the typical dot-com, analysts said.

Dibyendu Saha
