The German teenage who confessed to creating the Sasser computer worm, which wreaked havoc as it raced around the world’s computers last year, was handed a suspended sentence on Friday.
A German court found Sven Jaschan guilty of computer sabotage and altering data illegally in a court. The 19-year-old was sentenced to one year and nine months of probation, plus 30 hours of community service.
The charges against Jaschan carried a maximum five-year jail sentence, but the court said in his ruling that Jaschan did not act for commercial gain, rather out of a need for recognition.
Also, he was caught just short of his eighteenth birthday.
Microsoft said Friday it would pay $250,000 reward to two informants who helped identify Jaschan, which led to his arrest on May 2004, within days of Sasser’s launch.
The Sasser worm attacked Windows operating system and infected computers worldwide, causing them to crash and reboot. Sasser reportedly caused millions of dollars in damages.
We’re pleased that the author of the Sasser worm has admitted responsibility for the damage he caused and is being held accountable, said Microsoft deputy general counsel Nancy Anderson, in a statement.
It has been important and gratifying to collaborate with and support law enforcement in this case, and we’re glad to provide a monetary reward to those individuals who provided credible information that helped the German police authorities solve this case.
Microsoft’s bounty would be paid from the company’s anti-virus reward program, which it established with Interpol, the Federal Bureau of Investigation and the US Secret Service in November 2003.
The program pays informants who are not involved with the criminal activity a reward for providing credible information to police that leads not just to an arrest but also a conviction.
It shows that people will rat our their ‘friends,’ so to speak. Money talks, said Gartner security analyst Lawrence Orans.
But while the company’s reward program paid off this time, the rise of malicious-code writers working for money means it may not be so effective in the future.
After all, unlike mischievous code writers, such as Jaschan, others increasingly are hacking for profit.
In late May, for instance, police in Israel detained 18 suspects for allegedly using Trojan horses to commit industrial espionage against several major Israeli businesses.
Rewards from Microsoft and other software makers won’t be as alluring to these types of money-making hackers.
The bounties will be less effective, Orans said. But it certainly works well for teenagers who can turn in other teenagers.
It was not immediately clear whether Jaschan’s sentence enabled him to continue working for German security outfit Securepoint GmbH, which hired him last year amid industry scorn.