Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Japan’s Plan for ‘Good Computer Virus’ Sparks Debate

JapanPlans for "Good" Computer Virus to Attack Attackers

Japan Developing “Good” Computer Virus That Will Attack The Attackers

JapanPlans for "Good" Computer Virus to Attack Attackers

Japan Developing “Good” Computer Virus That Will Attack The Attackers

The words “good” and “virus” may look funny stuck together in a headline, but the words have become a popular way to describe plans by the Japanese government to use a program designed to attack the attackers.

News of the initiative was reported earlier this week by Japanese newspaper Yomiuri Shimbun. According to the paper, the country’s defense ministry commissioned Fujitsu to develop the cyber-weapon back in 2008. Since then, the program has been tested in a closed network environment. The virus has the ability to trace the sources of an attack and springboard to computers used to transmit the malware, as well as disable the attacking program and collect relevant information.

The prospect of such a weapon however has given some security experts pause. Anup Ghosh, chief scientist at Invincea, is among them. Self-propagating code adds risk “any time you do it,” he told SecurityWeek. For example, the Morris worm was not written to cause damage, he noted. Yet it ended up causing a massive disruption of the Internet in 1988.

Attacking the Attackers

A slightly different but more recent example would be the Sony BMG rootkit scandal. In that case, Sony BMG (now defunct) was revealed in 2005 to be including rootkit functionality in digital rights management software on its music CDs that was automatically installed on Windows computers whenever the customer tried to play the CDs. The rootkit left consumers open to viruses written to abuse the technology, thereby creating a new security hole.

Other examples of attempts to create good viruses in the past include the Cruncher virus and malware designed to fight child abuse images and report its findings to authorities, noted Graham Cluley, senior technology consultant with Sophos.

“But the simple truth is that none of them have needed to be viral to deliver their positive benefit,” he blogged. “And, similarly, I suspect that the Japanese don’t need to develop viral code to fight a malware infection. Anything which can be done by viral code can be done – with less headaches – by non-replicating software. When you’re trying to gather digital forensic evidence as to what has broken into your network, and what data it may have stolen, it’s probably not wise to let loose a program that starts to trample over your hard drives, making changes.”

Then there are the murkier issues of ethics, such as the lack of permission to install a program on someone’s computer, Ghosh said. There is also the prospect of malware utilizing the virus in some way to compromise machines – something that happened in the case of the Sony BMG rootkit – as well as the possibility the good virus itself does damage to a user’s computer in some way, he added.

Advertisement. Scroll to continue reading.

Still, nations have “special considerations” and a different set of ethics to abide by than companies, argued Sean Sullivan, security advisor for F-Secure Labs.

“I think it is difficult to imagine anyone outside of governments creating ‘white worms’ and even then as an antivirus company, we wouldn’t do anything to prevent our technology from detecting or blocking such technology,” he said. “To us, a worm is a worm is a worm…It would be completely unethical to use in the private sector against cyber-criminals.”

“I totally think a white worm would…fly in the United States, for DHS (Department of Homeland Security) national security reasons,” he added. “If the government thinks they need to use it, they will. The Air Force has already hinted at developing counter-attack technologies, but they’ve been smart enough not to term it as a cyber-weapon virus.”

Regardless, the approach taken by the Japanese government will not cure the cyber-security problem, Yuval Ben-Itzhak, CTO of AVG Technologies, told SecurityWeek.

“Protecting against computer viruses requires a layered security solution rather just a single method,” he said. “This is how the security vendors are approaching the problem. Having today’s layered security products, for a worm to spread across computers without them explicitly allowing it, is a challenge the author of this tool will find almost impossible to solve.

“Microsoft, Google (and) Apple are delivering with their operating systems a feature that enables them to remove/isolate a known threat – even so, virus authors and security researchers manage to find ways to bypass it,” he added. “When you raise the bar on one side – either cybercriminals or security vendors – the other side reacts as well – this is how the security market has operated for many years.”

Written By

Marketing professional with a background in journalism and a focus on IT security.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cyberwarfare

Russian espionage group Nomadic Octopus infiltrated a Tajikistani telecoms provider to spy on 18 entities, including government officials and public service infrastructures.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Cyberwarfare

Several hacker groups have joined in on the Israel-Hamas war that started over the weekend after the militant group launched a major attack.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Cyberwarfare

The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question...

Cybercrime

On the first anniversary of Russia’s invasion of Ukraine, cybersecurity companies summarize the cyber operations they have seen and their impact.

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...