November 5, 2003 4:44 PM PST
Microsoft bounty to disrupt virus writers?
The initiative, as first reported by CNET News.com, promises a reward of up to $250,000 for information leading to the conviction of the person or group responsible for launching the MSBlast worm and another $250,000 for similar information about the Sobig.F virus. The program has been funded with $5 million from Microsoft's coffers and will offer similar amounts for future threats.
Get Up to Speed on...
Get the latest headlines and
company-specific news in our
expanded GUTS section.
"It really depends on the demographic," said Carey Nachenberg, chief architect for security firm Symantec. "It will make the typical virus writers--13- to 25-year-olds--think twice about releasing viruses."
Virus writers who intend to release bugs will have to be a lot more careful about who they associate with on the Internet, said Peter Allor, director of vulnerability research for network protection provider Internet Security Systems.
"You have a fair chance of someone turning their buddy in," he said. Virus writers "are going to be very careful about who their alliances are with and who they work with."
Others believe the reward won't have a practical effect, aside from marginally increasing the distrust in an already paranoid community.
"Nothing will change," said Roberto Preatoni, founder of security site Zone-H.org. "I guess it's more like a publicity advertising stunt. (Microsoft Chairman) Bill (Gates) cares about security, and he will pay on behalf of the world."
The litmus test for the new initiative will be whether the $250,000 bounties produce additional suspects in the MSBlast and Sobig virus investigations, which have seemingly stalled.
MSBlast, also known as Blaster and Lovsan,
The U.S. Department of Justice, the FBI and Microsoft earlier announced the arrests of two men who are suspected of modifying and releasing minor variations of the MSBlast worm, but have made little progress in catching the original author or the person or group responsible for the Sobig virus. Those attacks were serious enough to hurt Microsoft's bottom line and boost security companies' profits.
The main measure of the new initiative's success will be whether fewer major attacks are seen, Symantec's Nachenberg said.
"This bounty is really meant to deter people from releasing malicious code into the wild, not necessarily writing malicious code," he said.