Fighting Fire with Fire.

Japan has issued a contract to research the development of a virus which could counterattack malware sources.

http://nakedsecurity.sophos.com/2012/01/03/japan-cyber-weapon-bad/

The idea of using hackers’ own weapons and techniques against them, instead of only playing defense, comes up from time to time. There’s even a course dedicated to it now.

Some of these countermeasures are great ideas: Honeypots waste an attacker’s time and can collect data on them.  Tarpits can tie up the attacker’s network connection.

Sending out “good” viruses seems like a logical step, but it’s probably not a good idea.

Sending out self-replicating code can have ripple effects that are not always considered when the code is written. For example, the Stuxnet virus, which was seemingly created to target only Iranian nuclear facilities, still ended up spreading into Eastern Europe and causing problems on some systems (which is how the virus was discovered).

Taking specific and limited action against a hostile IP address is reasonable and sometimes necessary. Virus code is neither specific nor limited. It cannot be controlled once released to the Internet.

It would be like trying to clean out dead underbrush by setting a fire.  You think it will just burn all the dead stuff and then peter out, but the possible repercussions make it highly irresponsible and dangerous to do.

So let’s just keep this research as research and not go anywhere else with it.

OK, Japan?

 


2 responses

  1. Perhaps a national antivirus/antimalware system would be much more effective. Having it as an install on all computers in the nation, with all the computers reporting back to HQ with all the new strains of viruses.

    People might cry ‘Big Brother’ over this, but perhaps, having such a large database of exploits and viruses might be beneficial to all. Kaspersky and Symantec already do this, so couldn’t this be done on a national level?

    • I like the idea of a national virus/malware database. I’m certain the NSA or FBI has one already, but it should be usable by the public.

      However, mandatory software installs are problematic on many fronts. Apart from the ‘Big Brother’ factor mentioned, is the government going to maintain branches of this software for every OS out there? And what if you need every cycle of computing power available in your machine, or the government antivirus interferes with some other processes on your machine?

      Offering a national antivirus package is fine, but legally requiring it is a non-starter.
