Japan’s cyber defense weapon: a virus

The Japanese Defense Ministry is reported to be in the process of developing a computer virus capable of tracking, identifying and disabling sources of cyber-attacks.

Being developed by Fujitsu Ltd, the virus is supposedly able to trace and disable “not only the immediate source of attack, but also all ‘springboard’ computers used to transmit the virus.” It is the culmination of a three-year 178.5 million yen defensive cyber weapon project.

The news, however, has been met with a combination of dismay and surprise by many of the world’s leading anti-virus companies; all of whom confirm that they would remove any such virus they discover. “A virus is computer code that infects other files by inserting its code into them,” explains Luis Corrons, the technical director at PandaLabs, “so it is impossible to control. As soon as an antivirus company gets access to it, that virus would be detected and disinfected.”

“Developing viruses is never right,” confirms Kaspersky’s Ram Herkanaidu, “and we will treat all of them, regardless of who creates them, as malicious and provide detection for our customers.

The general consensus is that something has been lost in translation. “I'm not sure that what they are developing is really a virus,” explains Stephen Cobb, a security evangelist at ESET. “They may be looking at some form of ‘strike back’ or ‘take down’ capability, but doing that via software in an automated manner would be very risky in terms of collateral damage, unexpected consequences, and legal repercussions.”

For now, such a virus would probably be illegal even in Japan, where the Defense and Foreign Ministries are apparently discussing the legislative issues. However, it is unlikely that such a ‘weapon’ would be acceptable to other countries. In the UK, infection of a computer by any third party would almost certainly be contrary to the Computer Misuse Act.

And it probably wouldn’t work. “The idea of launching a software attack against a cyber attacker strikes me as extremely risky and unlikely to succeed in the long run as attackers will inevitably develop counter-measures. Far better to devote those resources to international cooperation between law enforcement agencies and arrest the perpetrators. We need better deployment of defensive technology and more cyber criminals behind bars, not an escalation of cyber-conflict,” says Cobb.

Subscribe to our Newsletter

Search ALL Articles

Managed V. Non-Managed

 
NON-MANAGED=REACTIVE
MANAGED=PROACTIVE
 
 

ourprivacy.org

US-CERT Latest Warnings

Latest US-CERT Released Warnings