Hackers expose flaws at Microsoft and get a look at top-secret codes

By GENE JOHNSON

Associated Press

SEATTLE — The FBI has opened an investigation into a break-in by hackers who penetrated Microsoft’s computer system and got a look at a closely guarded and ultravaluable software blueprint.

Microsoft called it an "act of industrial espionage," but said Friday that the hackers gained access to only one source code for software under development, not for its most popular products, such as Windows ME, Windows 2000 and Office.

"That is very good news," spokesman Mark Murray said.

Source codes are blueprints for computer programs, and Microsoft’s codes are the most coveted in the multibillion-dollar industry.

With access to the codes, competitors could write programs that challenge Microsoft’s products. Hackers also could use the codes to identify software flaws, making break-ins and virus-writing easier.

Microsoft said it contacted the FBI late Thursday. Spokesman Steve Berry confirmed the bureau is investigating but refused to discuss details.

No motive for the break-in has been disclosed, but hackers in the past have tried to extort money from companies after stealing information from their computers and threatening to publish it on the Internet. Other hackers have cracked complex computer systems just for the notoriety or the thrill.

Investors did not seem too concerned. Microsoft stock rose $3.25, or 5 percent, to $67.69 on the Nasdaq Stock Market.

The break-in adds to the woes of a company now appealing a federal judge’s ruling ordering that it be broken up for engaging in predatory business practices.

The hackers, whose intrusion was discovered by Microsoft security personnel Wednesday, got a look at a code for a product being designed for release years from now and did not modify it, company spokesman Rick Miller said. He declined to identify the product.

Experts said consumers and businesses should be relieved. Hackers will not be able to analyze and break into Microsoft programs currently on their computer systems, said Simon Perry, vice president of security solutions at Computer Associates in Islandia, N.Y.

But he said the news is still a blow.

"For Microsoft, that’s a significant loss of intellectual property and a significant loss of a competitive edge," Perry said. "What we would expect is that code now either will appear on the Internet or it will be sold off to the highest bidder, probably overseas."

The company’s top executive stressed the seriousness of the break-in.

"They did in fact access the source codes," chief executive Steve Ballmer said during a meeting in Stockholm, Sweden. "You bet this is an issue of great importance."

Earlier, before Microsoft confirmed that its top programs were safe, Miller said the hacking was "a deplorable act of industrial espionage."

The Wall Street Journal, which first reported the story, said Microsoft found that passwords used to transfer source codes were being sent from the company’s computer network in Redmond to an e-mail account in St. Petersburg, Russia. A source familiar with the case told The Associated Press that the hackers had access to the codes for up to five weeks.

The hackers appeared to have accessed Microsoft’s system by e-mailing software, called QAZ Trojan, to the company’s network and then opening a so-called back door through the infected computer, the Journal reported.

A "trojan" is a hacker’s term for a device similar to the Trojan horse of Greek mythology. It looks like a normal attachment in an e-mail, such as a Word document or picture, but contains a hidden code that can take control of the recipient’s computer.

Bruce Schneier, chief technical officer of Counterpane Internet Security Inc. of San Jose, Calif., said the break-in highlights companies’ general lack of network traffic monitoring.

"If you’re not watching your logs 24 hours a day, seven days a week this is the kind of thing that happens," he said. "Microsoft got whacked and it made the news. But this could have happened to anyone."