Microsoft’s game of cat and mouse

Associated Press

SEATTLE — Microsoft security experts tried and failed to catch the hacker in a more than weeklong game of electronic cat and mouse through the computer software giant’s vast system, company officials disclosed Monday.

"We are continuing to work closely with law enforcement," said company spokesman Rick Miller. "Beyond that, we really can’t say much more."

Company officials believe the hacker had access for about 12 days, but only to the source code, or blueprint, for a single product that is still in the early stages of development. That contrasts to initial company statements that the hacker could have been rummaging through the Microsoft network for as long as five weeks.

Miller acknowledged the hacker could have been in the system longer but said the company is confident that high-level access occurred only between Oct. 14 and Oct. 25.

Even with low-level access, the hacker could have opened corporate e-mail and read other confidential information, Miller said.

Mark Rasch, a former Justice Department official and now vice president of the Reston, Va.-based computer security firm Global Integrity, said Microsoft’s failure to catch the hacker is not surprising.

"Only the dumb ones get caught," Rasch said. "Microsoft’s experience is not atypical, especially if the bad guy was smart."

After the network administrators reported suspicions that a hacker could be inside the system to Microsoft security on Oct. 14, sources said the company monitored the intruder’s progress through the system as he tried to upgrade his security clearances. The hacker did manage to access the source code, or blueprints, to one product, the company said.

The company then tried to track the intruder on its own, sources said, but had little luck determining where his commands were coming from. Hackers often use other computers across the Internet, often ones they have previously broken into, to "bounce" their data around to confuse trackers.

"There’s always a trade-off between shutting them down and continuing to let them go while you investigate," Rasch said.

After law enforcement joined the investigation on Oct. 26, sources said there was little improvement. Microsoft was forced to shut down all the questionable accounts and barred outside access to the network for a time to stop the hacker from accessing more confidential data.

The company believes that its systems are now secure again, but would not confirm how the breach took place.

Media reports have said the hacker used a "Trojan" — a tool masquerading as an innocent file or program, usually sent through e-mail — that requires the recipient to click on it.

Copyright ©2000 Associated Press. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

Talk to us

More in Local News

FILE - A sign hangs at a Taco Bell on May 23, 2014, in Mount Lebanon, Pa. Declaring a mission to liberate "Taco Tuesday" for all, Taco Bell asked U.S. regulators Tuesday, May 16, 2023, to force Wyoming-based Taco John's to abandon its longstanding claim to the trademark. (AP Photo/Gene J. Puskar, File)
Hepatitis A confirmed in Taco Bell worker in Everett, Lake Stevens

The health department sent out a public alert for diners at two Taco Bells on May 22 or 23.

VOLLI’s Director of Food & Beverage Kevin Aiello outside of the business on Friday, May 19, 2023 in Marysville, Washington. (Olivia Vanni / The Herald)
Coming soon to Marysville: indoor pickleball, games, drinks

“We’re very confident this will be not just a hit, but a smash hit,” says co-owner Allan Jones, who is in the fun industry.

Detectives: Unresponsive baby was exposed to fentanyl at Everett hotel

An 11-month-old boy lost consciousness Tuesday afternoon. Later, the infant and a twin sibling both tested positive for fentanyl.

Cassie Franklin (left) and Nick Harper (right)
Report: No wrongdoing in Everett mayor’s romance with deputy mayor

An attorney hired by the city found no misuse of public funds. Texts between the two last year, however, were not saved on their personal phones.

Firearm discovered by TSA officers at Paine Field Thursday morning, May 11, 2023, during routine X-ray screening at the security checkpoint. (Transportation Security Administration)
3 guns caught by TSA at Paine Field this month — all loaded

Simple travel advice: Unpack before you pack to make sure there’s not a gun in your carry-on.

Heavy traffic northbound on 1-5 in Everett, Washington on August 31, 2022.  (Kevin Clark / The Herald)
To beat the rush this Memorial Day weekend, go early or late

AAA projects busy airports, ferries and roads over the holiday weekend this year, though still below pre-pandemic counts.

Logo for news use featuring the municipality of Snohomish in Snohomish County, Washington. 220118
Troopers: DUI crash leaves 1 in critical condition in Maltby

A drunken driver, 34, was arrested after her pickup rear-ended another truck late Tuesday, injuring a Snohomish man, 28.

Housing Hope CEO Donna Moulton raises her hand in celebration of the groundbreaking of the Housing Hope Madrona Highlands on Tuesday, May 23, 2023 in Edmonds, Washington. (Olivia Vanni / The Herald)
$30M affordable housing project to start construction soon in Edmonds

Once built, dozens of families who are either homeless or in poverty will move in and receive social and work services.

A south-facing view of the proposed site for a new mental health facility on Thursday, Oct. 13, 2022, near 300th Street NW and 80th Avenue NW north of Stanwood, Washington. (Olivia Vanni / The Herald)
County Council OK’s Stanwood behavioral health center

After an unsuccessful appeal to block it, the Tulalip Tribes are now on the cusp of building the 32-bed center in farmland.

Most Read