CBSN

Stakes Rising In Cyber Manhunt

Bill Gates, 11-1-02
AP
If he were still around, Wild West outlaw Jesse James might feel like small fry by comparison.

The creators of the LovSan/Blaster worm and the SoBig virus have large bounties out for their arrest - rewards to be posted Wednesday at an unusual joint news conference being held in Washington by the FBI, the Secret Service, Interpol and Microsoft Corporation.

CBS News has confirmed that Microsoft will be providing the reward money for information leading to the apprehension and conviction of the still unidentified creators of the LovSan/Blaster worm and the SoBig virus: reportedly $250,000 in each case.

There was an arrest last August in a related case - Jeffrey Parson, 18, of Hopkins, Minn. - but he is not accused of being the original creator of Blaster, which is also known as LovSan and MSBlast. Parson, whose trial is scheduled to begin Nov. 17 in Seattle, has pleaded not guilty to crippling over 7,000 computers by modifying Blaster and then unleashing it into cyberspace.

If convicted, Parson could be sentenced to as much as ten years in prison, plus fines.

In September, federal authorities in Seattle revealed they had made a second arrest - of an individual whose name is being withheld because the suspect is a juvenile. The crime is the same as Parson: making a variant of Blaster, called "RPCSDBOT," and then distributing it along with its harmful effects.

Various versions of the Blaster worm snarled computer networks around the world beginning last August, affecting over a million computers.

Just as computer users were recovering from Blaster, they got hit only days later by the equally hated SoBig virus, which clogged e-mail in-boxes with a ferocity that caused trouble for both networks and individuals.

The rewards being posted by Microsoft represent a new tactic by the software giant, which was specifically targeted by the creator of Blaster. The computer worm exploited a security flaw in Microsoft Windows - which was subsequently repaired, with a patch available for download, although many computer users and networks got zapped regardless when they failed to download the patch.

The worm came with two messages: "I just want to say LOVE YOU SAN" and "Billy Gates, why do you make this possible? Stop making money and fix your software!"

Even before 2003's many worms and viruses were unleashed on millions worldwide - Microsoft had begun a new campaign to improve computer security, to protect its flagship product, Windows, and convince consumers that it is safe.

"New security risks have emerged on a scale that few in our industry fully anticipated," said Gates, Microsoft chairman, in a January e-mail launching the company's campaign, pointing to estimates that hackers and other electronic attacks caused $455 million in damage to various companies in the year 2001.

At that time, Gates pointed to passwords as the weak link, and said Microsoft will increase its support for their replacement by smart cards, which employ other methods including random numbers to identify authorized users.

This year's harvest of cyber crime has not gone unnoticed in Washington.

Amit Yoran, a vice president from the anti-virus company Symantec, was chosen in mid-September to be the cyber security chief at the Department of Homeland Security.

His mission is strengthening computer networks and convincing Americans to improve their defenses against hackers, disgruntled employees, commercial rivals and foreign governments.

At the same time, the Department announced plans to establish a new Computer Emergency Response Center for Cyber Security. The Center, working with experts at Carnegie Mello University, is charged with protecting against, and responding to, cyber attacks.

It's hoped that by the end of the year, the Center will be able to reduce response time to cyber attacks to just 30 minutes.

  • David Hancock

    David Hancock is a home page editor for CBSNews.com.