With the support of US and international law enforcement, Microsoft [MSFT] has put a price on the heads of the authors of the SoBig and MSBlast worms, as the first step in a new $5 million anti-virus rewards program. The potential of a nice, fat paycheck may be enough to attract the attention of security researchers and virus writers’ friends, but it could also add kudos to writing a major virus.
Microsoft is offering cash rewards to catch virus writers.
Company general counsel Brad Smith, joined by representatives of the Information Technology Association of America, Interpol, the US Secret Service and the FBI, told reporters that Microsoft will give $250,000 to whoever turns in the authors of either SoBig or MSBlast.
It’s a small amount given Microsoft’s cash pile, small even compared to the $768 million decline in unearned revenue Microsoft experienced in the third quarter and attributed partly to viruses scaring away long-term contract opportunities.
But the amount will likely be enough to catch the attention of the teenage friends of script kiddies and/or independent security researchers looking to supplement their income and make a name for themselves.
While this is currently a Microsoft-only initiative, it seems that the company, and law enforcement, is implicitly encouraging other vendors to follow suit.
Peter Nevitt, director of information systems at Interpol, says: If it stops where we are today, we think its effects will be limited, but if it is used as a building block for something more tangible, cooperation between private sector and public sector, then I think it can really hit the mark.
The initiative’s effect on members of the hacking underworld may become clear with time. Virus writers, unlike other types of online criminals, are not often motivated by money. It’s more often spite, curiosity, or to prove their abilities.
It will also be interesting to see if the promise of a quarter-million-dollar paycheck will increase the number of security researchers doing detective work on virus code and hanging around in IRC chat rooms waiting for somebody to start bragging.
However, it’s possible having a bounty on their head could be seen as a mark of cool by some virus writers, particularly those who perceive themselves to be out of reach of the law’s arm due to their age or the country in which they live.
This article is based on material originally published by Computerwire
