---

Microsoft secrets ‘safe’ after hack attack

By Ian Lynch, VNU Net

Microsoft’s corporate network has been broken into by hackers,
but the Redmond giant said source code for its most popular
software was not compromised.

A Microsoft spokeswoman said of the hackers, who could have had
undetected access since July: “This has been a deplorable act of
industrial espionage and we are working with law enforcement
agencies to protect our intellectual properties.”

She added: “We are confident that the integrity of our source
code remains intact.”

According to the Wall Street Journal, access to the network was
gained by emailing a back door into Microsoft’s network, known as
the QAZ Trojan.

Microsoft said: “We are implementing an aggressive plan to
protect our corporate network from unauthorised attempts to gain
access, and are working on both immediate and long-term
solutions.”

Paul Rogers, network security analyst at MIS Corporate Defence
Solutions, said the QAZ Trojan theory is “certainly one of the
three most likely scenarios in this case and seems perfectly
plausible”. Another involves scanning the network for weaknesses,
while a third cause could be a disgruntled employee.

Graham Cluley, senior technology consultant at antivirus
software vendor Sophos, said: “The QAZ surfaced in July but we
didn’t start receiving reports of it in the wild in the West until
early September.

“But really, a decent firewall or antivirus software should have
stopped this happening.”

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis