Microsoft is concentrating on large counterfeiters. Donal Keating, its forensics expert,displayed images of forged certificates of authencity.

By ASHLEE VANCE

LA FAMILIA MICHOACANA, the brutal Mexican crime cartel, has expanded into software. Mexican police on a house raid last year found rooms crammed with about 50 machines used to copy CDs and make counterfeit versions of software like Microsoft Office and Xbox video games. Some disks were even stamped with the initials FMM, which stands for Familia Morelia Michoacana.

In its complex battle against the increasing size and sophistication of software counterfeiting operations across the world, Microsoft
checks for fake holograms and replicated disks, top left and right. It also compares certificates of authenticity, left, and stores its evidence.

The cartel evidently sees software piracy as a low-risk, high-profit complement to drugs, bribery and kidnapping. And it is not alone in this among the world’s crime syndicates, escalating worries at companies like Microsoft, Symantec and Adobe.

Groups in China, South America and Eastern Europe appear to have supply chains and sales networks rivaling those of legitimate businesses, says David Finn, Microsoft’s anti-piracy chief. Microsoft has adopted a hard-line stance against counterfeiting.

It has set up a sophisticated anti-piracy operation that dwarfs those of other software makers; the staff includes dozens of former government intelligence agents from the United States, Europe and Asia, who use a host of forensic technology tools for finding and convicting criminals.

But the hunt for pirates carries with it a cost to Microsoft’s reputation. The company’s profit from Windows and Office remains the envy of the technology industry, and critics contend that Microsoft simply charges too much for them.

In countries like India, where Microsoft encourages local police officers to conduct raids, the company can come off as a bully willing to go after its own business partners if they occasionally peddle counterfeit software to people who struggle to afford the real thing.

But Mr. Finn plays down the accusation that Microsoft would face less of a piracy threat if it just lowered prices. “We have seen no connection between piracy rates and price,” he says. “I think it’s a canard.” He argues that Microsoft has no choice but to be aggressive in its fight, saying its immense network of resellers and partners can’t make a living in areas flush with counterfeit software.

He says consumers and businesses are being coaxed into buying counterfeit products that either don’t work or do serious harm by clearing the way for various types of electronic fraud. And, crucially, the counterfeit software cuts into Microsoft’s profit.

A software industry trade group estimated the value of unlicensed software for all companies at $51.4 billion last year. Microsoft has demonstrated a rare ability to elicit the cooperation of law enforcement officials ? not only in India and Mexico, but also in China, Brazil, Colombia, Belize, Malaysia, Chile, Peru and Russia. But Microsoft’s pursuit of software counterfeiters begins in Dublin, at one of the company’s 10 crime labs.

Donal Keating, a physicist who leads Microsoft’s forensics work, has turned the lab into an anti-piracy playpen full of microscopes and other equipment used to analyze software disks.

The undercover operative of this group is Peter Anaman, a lawyer who was born in Ghana ; he taught hand-to-hand combat to soldiers in the French army and then taught himself how to write software. Through three online personas, Mr. Anaman befriends hackers who use stolen credit card numbers to set up Web sites for pirated products.

“It is part of gathering human intelligence and tracking relationships,” Mr. Anaman says. Using an artificial intelligence system, Microsoft scans the Web for suspicious, popular links and then sends takedown requests to Web service providers .

“The Web sites look professional,” he says. “And some of them even offer customer support through call centers in India.” He describes the groups behind these sites as “part of the dark Web,” saying they have links to huge spam, virus and fraud networks. About 75 other people, including former agents of the F.B.I., Secret Service and Interpol, work under Mr. Finn.

A former assistant United States attorney in New York, Mr. Finn directs this squad from a Paris office. He says Microsoft spends “north of $10 million” a year on its intelligence-gathering operations and about $200 million on developing anti-piracy technology. The software thieves monitored by Microsoft come in various shapes and sizes.

They include college students and grandmothers. But investigators spend much of their time on large-scale counterfeiters, examining how they produce and distribute their wares . The biggest counterfeit software bust in history occurred in July 2007 in southern China. Authorities found a warehouse where workers assembled disks, authentication materials and manuals and prepared them for shipping.

All told, investigators found $2 billion worth of counterfeit Microsoft software. Software produced by this syndicate turned up in 36 countries. Microsoft has found that operations of this scale tend to include all the trappings of legitimate businesses.

Workers spend years building up contacts at software resellers around the globe, offering them discounted versions of software. Many Microsoft products make users enter an activation code to register the software and have it work properly. The syndicates trade in stolen versions of these codes as well, and sometimes set up their own online authentication systems to give people the feeling they have a legitimate product.

About a decade ago, only a few companies had the expertise or the $10 million needed to buy machines that could press CDs and DVDs. Today, someone can spend about $100,000 to buy second-hand pressing gear. Crucially for Mr. Keating, each press leaves distinct identifying markers on the disks.

He spends much of his time running CDs through a glowing, briefcase-size machine ? and needs about six minutes to scan a disk and find patterns. To the untrained eye, the counterfeit software in Microsoft’s labs appears to be exact replicas, right down to the boxes.

Chinese counterfeiters mimic the built-in hologram simply by placing a holographic sticker across the entire surface of a CD; then they use other machines to erase some of the unique identifiers found at microscopic levels.

Such tactics have pushed Microsoft to create a new type of digital fingerprinting technology that scans a disk’s software code for special defects. The same techniques allow Microsoft to find malicious code that may have been injected in its products. But Microsoft’s anti-piracy efforts can have a public relations fallout.

The company recently altered its policies in Russia after a spate of incidents in which local security services seized computers of advocacy groups and opposition newspapers, using the pursuit of stolen software as a justification. Mr. Finn argues that Microsoft’s anti-piracy efforts and training of law enforcement are a benefit to countries that want to build out their tech sectors and show they value intellectual property. “Intellectual property is a critical engine of economic growth,” Mr. Finn says.

“That’s not just for large companies, but also for small businesses and entire countries. We work with governments that are realizing this is in their best interests."