AXENT Security Expert Available to Explain Hack Attack On Microsoft Headquarters; Blueprints to Latest Microsoft Software Allegedly Stolen.
ROCKVILLE, Md.--(BUSINESS WIRE)--Oct. 27, 2000
Breaking news today states that Microsoft Corporation suffered an astounding computer break-in at its Washington headquarters discovered on Wednesday, October 25, 2000. It is believed that hackers stole valuable blueprints for the latest versions of its Windows(R) and Microsoft(R) Office software. After an initial attempt to handle investigations internally, Microsoft has now publicly confirmed the hacking attack, contacting the Federal Bureau of Investigation for help in responding to the incident.
News sources reported that the hackers appear to have used the QAZ Trojan, malicious code in the form of a benign application, to access the corporate computers at Microsoft. The QAZ Trojan has characteristics of both a worm and a Trojan. It replicates itself to other computers by compromising network shares and it disguises itself on a given system. Microsoft believes that an employee who received the software unintentionally installed this "Trojan Horse" via email, disguised in the form of Microsoft's own Windows Notepad text message program. A remote signal was then sent from the QAZ Trojan software to a computer in Asia, giving the hacker control over the employee's internal Microsoft computer as well as the corporate systems network.
Using another piece of software, the hacker obtained employee passwords and sent them to a Russian email address, where the hacker posed as a Microsoft employee working remotely. Using these stolen passwords, the hacker gained access to highly sensitive areas of Microsoft's corporate network, stealing confidential blueprints and source code files on new versions of Microsoft's Windows and Office products.
Microsoft is not the first high-profile company to fall prey to Trojan Horse software tools used by hackers. Earlier this year distributed denial of service attacks on Yahoo!(R) and other dot-com's showed how security vulnerabilities can easily disable e-businesses. Although Microsoft is the latest victim to these destructive hacking attacks, the success of hackers against the world's most dominant software company raises numerous concerns. The biggest threat to Microsoft is not that its stolen code will be used to create a competing product or to create a backdoor into Microsoft software but that the Microsoft source code will analyzed for security flaws. These flaws could be publicized and used by attackers to create a whole new generation of exploits to compromise all Microsoft products.
Mark Wells of AXENT's Information Security SWAT Team, is available to talk about how Trojan Horses and worms work, specifically the characteristics of the QAZ Trojan. AXENT(R) is one of the world's leading e-security solutions providers for e-business, and has experience securing many of the world's most targeted businesses from hackers, including 45 of the Fortune 50 and governments worldwide. AXENT's SWAT team is the industry's first security research and development team dedicated to rapidly finding new security threats and creating dynamic security updates that allow AXENT's customers the ability to fortify their e-defenses quickly against these security threats. Mr. Wells would be happy to discuss how today's businesses can best protect themselves against such intrusions.
If you are interested in speaking to Mark Wells about the attack on Microsoft, Trojan Horse attacks or solutions to protect against such hacks, please call Mike Schultz or Dan Ring at Schwartz Communications, (781) 684-0770 or firstname.lastname@example.org.
AXENT and the AXENT logo are trademarks or registered trademarks, in the United States and certain other countries, of AXENT Technologies, Inc. or its subsidiaries. Windows and Microsoft are registered trademarks of Microsoft Corporation; Yahoo! is a registered trademark of Yahoo!, Inc. All other product names and trademarks are property of their respective owners.
|Printer friendly Cite/link Email Feedback|
|Date:||Oct 27, 2000|
|Previous Article:||VerticalNet to Host Analyst Event; Meet-the-Management Session To Be Webcast.|
|Next Article:||Amcast Declares Dividend.|