LONDON — July 8, 2005 — Microsoft Corp. today announced that two individuals who helped identify the creator of the notorious Sasser worm in 2004 will share a reward of $250,000 (U.S.). The author of the worm, arrested in May 2004, was found guilty Friday by a court in Verden, Germany, and handed a sentence of one year and nine months on probation and 30 hours of community service.
The Sasser worm, designed to attack the Microsoft® Windows® operating system, infected computers worldwide, causing them to crash and reboot. When the worm was released in May 2004, Microsoft moved quickly to help protect customers. Within 48 hours of the worm’s appearance, Microsoft provided a free, software-based cleaner tool that automatically removed Sasser from infected machines. However, despite this, Sasser became a destructive and widespread piece of malicious code. From that point on, Microsoft collaborated with law enforcement officials, sharing information that led to an arrest in the case. The author of the worm was arrested by German police authorities within seven days of Sasser’s launch. More information about the case can be found at: http://www.microsoft.com/presspass/press/2004/may04/05-08sassertelepr.mspx.
“We’re pleased that the author of the Sasser worm has admitted responsibility for the damage he caused and is being held accountable,” said Nancy Anderson, vice president and deputy general counsel at Microsoft. “It has been important and gratifying to collaborate with and support law enforcement in this case, and we’re glad to provide a monetary reward to those individuals who provided credible information that helped the German police authorities solve this case.”
The reward will be paid from Microsoft’s anti-virus reward program, an initiative established by the company with Interpol, the Federal Bureau of Investigation and the United States Secret Service in November 2003 to provide an incentive for people to help identify those responsible for unleashing malicious viruses and worms on the Internet and deter cyber-criminals. The reward is paid to informants who are not involved in the criminal activity and provide credible information to law enforcement agencies that leads to an arrest and conviction.
“The Sasser worm is just one example of the speed at which malicious code can spread across borders and how damaging it can be to industry and the public,” said David Gork, director of Specialized Crimes at Interpol. “Law enforcement must continue to work with private industry to solve this type of crime.”
“Law enforcement agencies take great strides to aggressively, but thoroughly, investigate cybercrimes such as the Sasser worm,” said Brian Nagel, assistant director with the United States Secret Service. “Cooperation from industry, such as that displayed by Microsoft and the anti-virus reward program, contributes tremendously to speedily and effectively pursuing these cases.”
“Internet crime such as the one resolved today with this conviction in Germany know no boundaries or borders,” said Louis M. Reigel, assistant director of the Cyber Division of the FBI. “It is critical that law enforcement and private industry continue to work together across borders to address these issues.”
“At Microsoft, even as we continue to work to make our technology more secure and to educate users about how to protect themselves, we remain committed to working in close relationship with law enforcement officials and agencies around the world to help stamp out criminal behavior,” Anderson said.
The reward program is just one of several ways in which Microsoft is working to help better protect consumers and industry. In addition to the reward program, Microsoft is focusing on five key areas:
Technical innovation toward improving the resiliency of computers in the face of threats and improving the ability to isolate worms and viruses
Engineering excellence to improve code quality
Software and hardware advances in authentication, authorization and access control
Improvements to help consumers better update their computers and networks when a security update is made available
Prescriptive guidance to help customers increase computer and network security
Information about Microsoft’s cooperation with Interpol through the anti-virus reward program can be found at http://www.interpol.int/public/icpo/pressreleases/pr2003/pr200331.asp.
Founded in 1975, Microsoft (Nasdaq “MSFT”) is the worldwide leader in software, services and solutions that help people and businesses realize their full potential.
Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corp. in the United States and/or other countries.
The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Note to editors: If you are interested in viewing additional information on Microsoft, please visit the Microsoft Web page at http://www.microsoft.com/presspass on Microsoft’s corporate information pages. Web links, telephone numbers and titles were correct at time of publication, but may since have changed. For additional assistance, journalists and analysts may contact Microsoft’s Rapid Response Team or other appropriate contacts listed at http://www.microsoft.com/presspass/contactpr.mspx.