ADVISOR Home Boomer Advisor DataBased Advisor FileMaker Advisor Advisor Basics of FileMaker Pro How-To CDs Advisor Store: Subscriptions & CDs Help
My.ADVISOR.com Sign-In
ID
Password

Member Center / Sign-Up
Go to Article
Advanced Search 
Link to DataBased Advisor 
Submit your How To tips and advice 

NEWS

Microsoft Hack a Lesson for Everyone

If a company like Microsoft, with its huge infrastructure and presumably deep pockets, can't keep from being hacked, what does that mean for you?

By Elizabeth Olsen, Managing Editor

It's happened again. A large, high-profile corporation was hacked. Although Microsoft officials admitted the system was hacked, they're being mum about the possibility that source code for the next versions of Windows and Office were tampered with (or worse). The implications here are huge...there's a vast amount of code involved, and the perpetrators could have inserted their own bits of code or practical jokes anywhere. Will Microsoft really be able to examine all of it, to see what damage may have been done? Can you trust the next releases of Microsoft products? It's too soon to tell, but this event will probably cause consumers to think twice before making their next Microsoft purchase.

The sad thing is, the hole exploited in this attack is a well-known one. It's been around for awhile, so why did Microsoft fall prey to it? This exploit should be a good warning to us all, about the basics of security. First, keep vigilant about protecting your systems. Always update the new releases of your anti-virus programs, and scan your systems. Train your employees to detach and scan all attachments that come via e-mail. Don't even investigate suspicious mail. If you weren't expecting it, and it looks like spam, you probably don't want it. And never, ever disable your system's protection, as some programmers tend to do to speed things up. Based on the potential for a business-crippling hack, it just isn't worth the couple of minutes saved here and there.

Granted, Microsoft is a huge corporation, and is probably a popular target for attacks. It must be some kind of badge of honor in the hacking community to be able to get into such a company's system. But just because you have a smaller company with a smaller network, don't think it's safe. Technical Editor Terry Crow recently implemented a personal firewall on his home system, and in less than three hours it logged five suspicious probes from the Internet. You can read the whole story here: http://www.advisor.com/Articles.nsf/aid/CROWT63.

What we know

Microsoft officials announced that their system had been hacked via a QAZ Trojan. This worm surfaced four months ago and is well-documented in the security arena. In other words, it isn't new. The QAZ software gets delivered via e-mail and opens a back door to hackers, giving them remote control over the infected computer. Experts believe that a Microsoft employee received e-mail carrying QAZ and installed it. QAZ was disguised as Notepad, then sent a remote signal to a computer in Asia with the Internet location of the computer. QAZ may have automatically downloaded and installed hacker tools from a Web site in the South Pacific, some experts believe. QAZ gave the intruder some control over the victim's computer, and it spread to the computers it found in that part of the Microsoft campus. The hackers used another program to collect employee passwords, which were sent to a Russian e-mail address. Posing as Microsoft employees working off-site, the hackers used the passwords to enter sensitive areas of the network and downloaded files.

The attacks were recognized several days ago, but may have been going on for several months. Although this was the time period when Windows ME was released, Microsoft officials say that the source code for ME was done well before they believe the attack started.

The FBI is working with Microsoft to investigate this attack. They haven't commented about possible motives, but it could be anything from corporate espionage to hackers just doing it for the challenge.


Microsoft Hack a Lesson for Everyone

No reader comments ... yet.

    What do YOU think about this topic? Share your advice and thoughts using this form.

    Your Name

    REQUIRED : PUBLIC

    Your E-Mail

    REQUIRED : PRIVATE

    Job, Company

    OPTIONAL : PUBLIC

    City, State, Country

    OPTIONAL : PUBLIC

    Your Web Site

    OPTIONAL : PUBLIC

    Your Comment

    Please help everyone by keeping your comments on-topic, using clean language, and not defaming or making personal attacks.


    Your e-mail address is required, but it will not be displayed to the public or given to anyone. See our Privacy Policy. Comments become visible after they pass our spam filter, and spammers and abusers are permanently blocked. Please report spam or abuse.

    Printer-friendly
    page layout

    Keyword Tags: Microsoft, Security, Trojan Horse

    ADVISORAMA
    Every man is valued in this world as he shows by his conduct that he wishes to be valued.
    -- Jean De La Bruyere
    Refresh (F5) for more   Contribute

    Advisor Solutions

    ARTICLE INFO

    DataBased Advisor

    Web Edition: 2000.10.27, Doc #07336

    FREE ACCESS FREE ACCESS
    SUBSCRIPTION STATUS
    You are not signed-in. If you are a subscriber to this publication, sign-in above to access locked articles. To subscribe or renew go to www.AdvisorStore.com.

    MORE ADVISOR

    Advisor on Microsoft

    Advisor on Security

    Advisor on Trojan Horse

    ARTICLE ACCESS
    = free access
    = subscriber-only
    = not online (on CD or in print)
    = has download

    DataBased Advisor How-To Library by Topic Keywords

    Subscribe to DataBased Advisor Magazine

    Get subscriber online access to articles

    DataBased Advisor Forum

    Free enewsletters on business, technology & lifestyle

    Special Offers

    Subscribe to DATABASED.ADVISOR.com

    Get it all -- every current and past ADVISOR tech/business publication, now all-in-one subscription, with new articles and a huge reference library packed with expert advice, how-to and downloads. Subscribe now to get it all.

    DataBased.Advisor.com

    Subscribe to FileMaker Advisor Magazine

    Read the advanced guide to creating custom business database solutions with FileMaker software. Subscribe now to gain access to all the archives and downloads.

    FileMaker.Advisor.com

    Subscribe to Advisor Basics of FileMaker Pro

    Learn the fundamentals of using FileMaker Pro software. Every issue gives you step-by-step instructions on creating the databases you need. Subscribe now!

    FileMaker.AdvisorBasics.com

    Showcase Your Smarts

    Submit your tips, techniques and advice and let Advisor promote your business and build your career. Show the world what you know!

    AdvisorTips.com
    Site Map Advisor Store Privacy Terms of Use Trademarks Advertising About Advisor Media Advisor's San Diego
    ADVISOR NETWORK
    Advisor Basics of FileMaker Pro | Boomer Advisor | Business Advisor | Business Collaboration Advisor | Business Security Advisor | Caregiver Advisor | Community Advisor | Compliance Solutions Advisor | Computer Advisor | DataBased Advisor | DataBased Advisor | Dogs Advisor | E-Discovery Advisor | Entertainment Advisor | Family Advisor | FileMaker Advisor | Food Advisor | Fun Advisor | Generations Advisor | Health Advisor | HomeLiving Advisor | IBM Lotus Advisor | IBM WebSphere Advisor | Law Tech Advisor | Lifestyle Advisor | Microsoft Access Advisor | Microsoft Office Advisor | Microsoft Pro Development Advisor | Microsoft SharePoint Advisor | Microsoft Visual Basic .NET Advisor | Microsoft Visual FoxPro Advisor | Microsoft Visual Studio Advisor | Mobile Business Advisor | Money Advisor | Novell GroupWise Advisor | Pets Advisor | Recreation Advisor | Retirement Advisor | RV Advisor | Senior Solutions Advisor | Travel Advisor | Work Advisor
    Use of this or any other site, content, product or service of Advisor Media constitutes acceptance of Terms of Use.
    Portions copyright ©1983-2008 Advisor Media, Inc. All Rights Reserved.
    Reuse or reproduction of any portion or quantity of Advisor Media's copyrighted content, in any form, for any purpose, requires written permission.
    ADVISOR®, the ADVISOR logo, and other names and logos that incorporate ADVISOR are registered trademarks, trademarks or service marks of Advisor Media, Inc. in the United States and/or other countries.
    Other trademarks are used for identification, editorial or descriptive purposes and are the property of their owners.
    Hosted by Prominic.NET Website powered by
    LOTUS SOFTWARE
    OLSEE167 posted 10/27/2000 modified 01/07/2009 03:35:49 AM ztdbms/ztdbms
    domino-144.advisor.com my.advisor.com 01/07/2009 10:51:02 AM