Sasser creator arrested

By Shawna McAlearney, News Writer 10 May 2004 | SearchSecurity.com

Digg This!     StumbleUpon     Del.icio.us

Sven J. may be a name soon to resound with virus writing infamy. The 18-year-old high school student was arrested in Rotenburg, Germany, in connection with writing and distributing the Sasser worm, which antivirus experts estimate has attacked tens of millions of PCs across the world.

"The Sasser worm has been bombarding vulnerable computer systems with the most significant virus attack of 2004 since it first emerged a week ago," Graham Cluley, senior technology consultant for U.K.-based Sophos, said in a statement. "Seizing this man's computers could provide the vital clues which may break open the underground worm-writing network which has been responsible for not only Sasser, but the Netsky worms too."

"If you scrutinize the most recent Netsky worm, you can see that the author embedded a taunt to antivirus companies, bragging that he also wrote the Sasser worm," added Cluley. "If this is the case, this could be one of the most significant cybercrime arrests of all time."

Apparently, Microsoft's much publicized bounty on the heads of virus writers paid off. Reuters reports that a "group of individuals from Lower Saxony approached Microsoft on Wednesday inquiring about reward money should they turn in the man."

Microsoft has said it will pay the informants if the man is convicted and added that it believes he worked alone in creating the Sasser and Netsky worms, contrary to what some antivirus experts believe.

The monetary impact of Sasser is difficult to quantify, but took a heavy toll, including Germany's Deutsche Post, Britain's coastguard stations and investment bank Goldman Sachs, according to a Reuters report.

"This arrest will provide us with insight into the motivation in which the Netsky/Sasser author operated under," said Geoff Shively, chief technology officer of PivX Solutions Inc. in Newport Beach, Calif. "Is the motivation financial, fame, respect or all of the above?

"In a time where worms are coming out daily, an arrest of this caliber should make people feel a bit more confident in anticybercrime efforts," added Shively. "While we are very far away from a secure Internet, I am quite pleased."

Sophos information about the Sasser worm.

Tags: Information Security Laws, Investigations and Ethics,  Security Awareness Training and Internal Threats,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Information Security Laws, Investigations and Ethics Melissa Hathaway urges more cooperation, government attention to cybersecurity Cybersecurity czar candidate questions clout of new position DHS fills National Cybersecurity Center post FTC shutters rogue ISP for hosting malicious content, botnets Experts optimistic of Obama cybersecurity plan WH cybersecurity plan needs private sector guidance Obama announces creation of cybersecurity coordinator position Cybersecurity Act of 2009: Power grab, or necessary step? Face-off: Who should be in charge of cybersecurity? Feds should get private sector advice on cybersecurity Security Awareness Training and Internal Threats Creating a HIPAA employee training program Successful rogue antivirus hinges on social engineering External attacks start with unintentional mistakes, survey finds Security technologies fail to address insider threat management Data breach avoidance begins with security basics, panel says Monitoring program data and internal controls for risk management Software security threats and employee awareness training Twitter risks, Facebook threats trouble security pros Social engineering training could disrupt botnet growth How to write a risk methodology that blends business, security needs

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary CALEA  (SearchSecurity.com) cyberstalking  (SearchSecurity.com) FERPA  (SearchSecurity.com) HSPD-7  (SearchSecurity.com) I-SPY Act  (SearchSecurity.com) Information Awareness Office  (SearchSecurity.com) intelligence community  (SearchSecurity.com) lawful interception  (SearchSecurity.com) lifestyle polygraph  (SearchSecurity.com) vulnerability disclosure  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary