Leader: Microsoft gets among the hackers and fights dirty

Go on, rat out your mates for $250,000... it's a tempting offer... they'd do the same to you...
Written by silicon.com staff, Contributor

Go on, rat out your mates for $250,000... it's a tempting offer... they'd do the same to you...

Microsoft today announced it is offering bounties to anybody who can provide information which leads to the capture of the virus writers behind SoBig and Blaster.

While the competition is open to all the campaign is actually far more cleverly targeted.

Effectively the tempting purse of $500,000 is being offered to anybody within hacker circles who is willing to rat out one of their close-knit community.

Anti-virus companies have long understood the importance of intelligence gleamed from the virus-writing community and it appears law enforcement - albeit with Microsoft cash - is now also cottoning on. But rather than silently sitting among them this initiative walks into their territory, boldly announces itself and throws a big bag of cash onto the table for the first person to turn informer to walk away with.

The move fundamentally undermines the safety in numbers mentality of the virus-writer and hacker community. If they can no longer trust one another than they lose a lot of their effectiveness and a lot of their shared resource.

By planting doubt, Microsoft may have just made its cleverest move to date in the security sector... albeit against limited competition from its previous efforts.

In the same way football hooligans may be loathe to meet in big groups for fear of one of their number being an undercover BBC reporter, so hackers and virus writers will have to be more careful about the company they keep.

Cynics opposed to that summation may argue that in fact the result could be more damaging. At least if hackers and virus writers are ring-fenced, in large communities, the security companies can infiltrate and understand trends and go unnoticed in their surveillance guise. The argument would be that creating greater paranoia will remove that avenue of investigation.

But let's face it, we've tried it that way for long enough and Blaster and SoBig still happened. Why not try a new approach? It's time to play a bit of hardball with these communities.

Editorial standards