The Syrian Electronic Army, a hacker group closely associated with Syria’s president, this week shared documents it allegedly stole that show what Microsoft charges the FBI monthly for information on the software maker’s customers.
Some online publications, including the dailydot.com, have viewed these documents, which are reported to show that the FBI often pays Microsoft hundreds of thousands of dollars per month.
+Also on Network World: FBI expects to roll out malware-analysis system to business to help identify attacks | iPads, smartphones on the front lines in Syria | Syria hit by widespread Internet outage +
Microsoft says it “won’t comment on the validity of any stolen emails or documents. Regarding law enforcement requests, there’s nothing unusual here.” The company goes on to say, “Under U.S. law, companies can seek reimbursement for costs associated with complying with valid legal orders for customer data. As we state clearly in our Law Enforcement Requests Report, we attempt to recover some of the costs associated with any such orders.”
Microsoft did, however, point in the direction of a public disclosure it made in late January that its network had been compromised when some employees were targeted by a phishing attack. At the time, Microsoft said it suspected documents associated with law enforcement requests were stolen.
The documents allegedly stolen by the Syrian Electronic Army and shared with the media this week show a series of e-mails and invoices in which Microsoft’s Global Criminal Compliance team bills the FBI’s Digital Intercept Technology Unit regularly for providing information on Microsoft customers that’s requested by the FBI, according to the Daily Dot article. According to the sampling in the article, one monthly billing appeared to be $352,000, at $200 per request.
Ellen Messmer is senior editor at Network World, an IDG website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: firstname.lastname@example.org