Fujitsu develops virus to track and destroy cyberattacks
Late last year, the Japanese Parliament and multiple defense contractors in Japan experienced a series of cyberattacks that exposed holes in Japan’s ability to protect sensitive information on its computer networks. Much of the finger pointing pins the blame on China and North Korea, but there is little proof to validate those accusations. In an effort to step up its defensive against computer hackers and viruses, Japan’s Defense Ministry has given Fujitsu Ltd. the task of creating a “cyberweapon” to counterattack belligerents on the virtual battlefield.
Many cyber attacks center around industrial espionage and seek to obtain secret information about products and business operations. However, the breach into central government computers has highlighted the need for Japan to take aggressive steps in protecting its digital infrastructure. Senior officials of Japan’s Self-Defense Force (SDF) have acknowledged that their country’s awareness of cybersecurity is far below that of other nations.
The Defense Ministry’s Technical Research and Development Institute (TRDI) has been involved in the production of cyberweapons since 2008 and its tests on closed networks have yielded positive results. However, current legislation, which defines when the right to self-defense can be exercised, does not allow the use of cyberweapons against attacks that originate from other countries. Any use of a cyberweapon might be viewed as a violation of a clause banning virus production under Japan’s criminal code.
Without approval from the government, Japan is placing itself in a vulnerable position for another computer-based attack. As Japan sits idle, other nations are establishing their own cyberdefense divisions. The United States, Japan’s closest military ally, has created a Cyber Command under the US Defense Department and established a policy to use all means necessary to defend and fight back against computer-based assaults.
As policy makers attempt to augment the current laws governing what actions the military can take, the Defense Ministry already has a weapon in place for use. As part of the TRDI’s three-year $2.3 million cyberdefense project, Fujitsu has developed a “good virus” that is capable of monitoring and analyzing the origins of any incursion on protected networks.
Hunting down the origins of any cyberattack is especially difficult because the attack is regularly hidden behind a veil of proxies and passed through springboard computers. As the software works its way back to the source of the attack it will disable all computers it encounters. This will prevent those machines from conducting another attack in the future. Fujitsu’s virus will also trace connections back to the controlling host before disabling them. Tests of the tool have shown the greatest potential in finding the sources of DDoS attacks, but it still needs to prove itself with the difficult task of countering industrial espionage attacks.
As the US and China accuse one another of network intrusions other countries could be subjected to collateral damage from a virtual arms race. At this point, Defense Ministry officials are saying that the software is intended to protect against attacks to SDF networks and locations. Although the SDF seems to be playing coy about their intentions, they are well aware of the looming threat of future cyberattacks.