Rewards shift nature of worm hunt
Published: 11 Jun 2004 11:25 BST
What if you are part of the virus underground? Does that exclude one from the reward if not directly involved in the case in hand?
I would hope that if somebody has done something criminal, and law enforcement is investigating that person, that the individual gets prosecuted. Whether or not legally that precludes them, I do not know.
There is always the suspicion of whether or not a reward programme such as this might entice certain people who would say: "OK, there's three of us; one of us creates a worm, one gets offered a reward, and then the other two turn him in."
The reward program is designed to provide an incentive for people to offer information that would lead to an arrest and a conviction of somebody who has done something illegal by launching some sort of malicious virus or worm. I think that law enforcement is going to engage in what I would call due diligence and examine who their witnesses are. They will examine the information provided and make a good determination on whether that information does, in fact, lead to an arrest and conviction -- and whether the person providing that information is involved in some manner or not. That is something that law enforcement does daily in many, many investigations, in many different types of crimes, so it is not anything different than what they are engaging in, typically.
What about spam? With the Can-Spam Act, certain ways of sending spam are now illegal. Would Microsoft consider putting up a reward to stop that sort of activity?
Well, my focus is on viruses and other types of malicious code. All I can say about the spam area is that we are working very closely with law enforcement and also on the civil side to bring lawsuits against individuals under the Can-Spam Act.
Do you think that you are going to slowly get to a situation in which you will be approached by someone saying, "I have information on this specific threat and who did it" rather than Microsoft first announcing that it is offering a reward for information leading to whoever released this specific threat?
I cannot predict. There are about two to 300 viruses that get released on any given day, but each one has a different type of impact. We are going to continue to review the types of malicious code out there and see what kind of impact it is having -- and often most importantly, what law enforcement feels about the helpfulness of a reward in any given situation.
Since you have done a lot of prosecuting in the past, how long do you think that process will normally take between someone coming to you and saying, "here is the information" until there is generally a conviction in the case?
As I used to have to say to victims who would ask that same question, it all depends. It depends on the criminal justice system; it depends on the court that a case goes to; it depends on where in the world that crime is being prosecuted. For example, Sasser is in Germany; Blaster (or MSBlast) was in the United States. Every court system is different, and every court system moves at a different pace. We hope that justice is served as quickly and as efficiently as possible.
Previous
Did you find this article useful?
208 out of 366 people found this useful
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
Full Talkback thread
2 comments
-
It's a very expensive debugging exercise. Kikki Bona Sijabat -
This all nice and good but I can`t find a contact... Anonymous
