The recent story below from motleyfool is interestingly similar to:
MS Windows source code hacked
Which was posted here on Friday, 27 October 2000, 3:03 p.m.
A powerful question here is why is MSFT close to 70 after all this bad press? I have yet to see mainstream press ask that question.
--
Source link: http://biz.yahoo.com/mf/001101/news02_001101.html
Wednesday November 1, 2:25 pm Eastern Time
MotleyFool.com - Fool News
What's Bad for Microsoft
By Nico Detourn
Five days after word broke that intruders had snuck into
Microsoft's (Nasdaq: MSFT - news) corporate computers, it's still unclear what actually happened.
That's not surprising. At this point, probably no one knows for sure, and those who might know have
reasons to not spill the beans. Still, the information that is out there doesn't entirely add up, especially
the chronology of what Microsoft knew and when they knew it.
According to early reports, intruders initially broke into company computers and then used hacked
passwords to gain deeper access to the system and eventually to the source code for Microsoft
applications. The intrusion lasted five to six weeks. Citing unnamed sources, The Wall Street Journal
said the break-in was discovered when security people detected passwords being sent to a computer
in St. Petersburg, Russia.
The paper said network logs showed source code for Microsoft software -- including the
bread-and-butter Windows operating system and Office applications -- had been transferred outside
the company's Redmond campus.
Microsoft on Friday called the incident "a deplorable act of industrial espionage." It also said the
incident was "narrower than originally thought" and the source code for Windows and Office remained
untouched by hacker hands. "That is very good news," said Microsoft spokesperson Mark Murray.
High-level access
Over the weekend, certain details of the original story were updated, others were filled in, and new
questions were raised.
Microsoft now says intruders only saw source code for unidentified products that are still under
development and years away from release. These files were neither changed nor damaged, Murray
said. "We don't believe customers are going to be affected in any way."
The period of the attack was similarly scaled down. Microsoft says that access to "high-level" areas
and files was limited to a 12-day period between October 14 and 25, although it acknowledges that
the intruder could have entered the system before then.
Microsoft says it initially thought the attack might be related to a virus from some weeks earlier and
that it did not want to underestimate how long the intruder had been worming through its computers.
They now believe the two events are unrelated.
Real-time hacker tracking
Microsoft also now says it was aware of the intrusion from the get-go. Rick Miller, another Microsoft
spokesperson, says the company tracked the hacker's movement through its network in real time and
"knew what the person was doing."
Presumably by way of reassurance and to further minimize the significance of the situation, Miller said
that if attempts had been made to transfer source code files, they do not show up in the network's
logs. But this suggests that such activity may not always be recorded, so one wonders about
Microsoft's ability to actually know what did or did not happen.
In addition, Miller says the size of the source code files make it unlikely that they were surreptitiously
snatched. The company's reputation for "bloatware" notwithstanding, however, 12 days is more than
enough time to mess with Microsoft's family jewels, according to security experts and, frankly,
common sense.
The company says it originally planned to deal with the attack on its own but called in federal
investigators last Thursday. "We realized the intrusion had grown to the level that warranted bringing in
the FBI," according to Miller.
Microsoft's front-door access
Getting hacked places Microsoft in an embarrassing, tricky position. While acknowledging its
vulnerability to such attacks, it must also reassure customers and partners that what's bad for
Microsoft is not bad for them. The situation requires skillful damage control and has something in
common with cases of product tampering.
It's interesting that Microsoft has said "there is no evidence" that the source code for Office and
Windows products has been compromised or that its online services have been or will be affected by
the incident. Instead, the company has shifted the focus to future products.
This makes some sense. It gives them time to assess any damage to the code before compromised
products can work their way into the pipeline. But even taking the company's statements at face value,
how reassuring is that?
The main risk in the high-level hacking of Microsoft is that bad guys can sabotage the company's code
and add "backdoor" access to the computers that run the finished software. To state the obvious,
though, the main reason this matters is because Microsoft has already gained front-door access to
those same computers.
A company spokesperson said Friday that consumer, business, and government computers running
Microsoft software should be safe. That's virtually all of the computers in service today -- an
impressive number. And a sobering one, for while Microsoft can be reasonably counted on to reduce
its vulnerability to the world's bad guys, the world's vulnerability to the good guys at Microsoft is an
altogether different story.
--
