Microsoft's bounty on virus writers is meeting with significant support from law enforcement, but will this new addition to the Trustworthy Computing initiative influence whether a script kiddie releases the next MSBlast worm?
"Virus writers now know that they not only have to worry about the FBI tracking them down, they now must watch their backs for pals looking to turn over some information for easy cash," said Chris Belthoff, senior security analyst at Sophos. "There are some who choose to abide by the code of virus writer silence, but in this case I bet there are many who would quickly press Ctrl+Alt+Delete on their viruses writing buddies."
Microsoft corporate attorney Hemanshu Nigam said the bounty is just part of Microsoft's multi-pronged Trustworthy Computing initiative. "We hope it makes people think twice before releasing a virus," he said.
MSBlast infected an estimated 1 million computers by exploiting a serious vulnerability in Windows systems for which Microsoft had released a patch a month earlier.
"Virus writers have damaged Microsoft's reputation by concentrating on writing viruses which spread on Microsoft operating systems," Graham Cluley, Sophos's senior technology consultant, said in a statement. "It's no surprise to hear that they are fed up with this situation and prepared to offer a reward for the capture of these virus writers."
Only time will tell if Microsoft's incentive plan will be effective.
"Hopefully it will put criminals behind bars, but as a deterrent, we'll have to wait and see," said Patrick Gray, director of Internet Security System's X-Force unit. "Bank robbers still rob banks even though rewards are offered and security guards, cameras and other security measures are taken."