Cyberweapon: Virus can trace, disable sources of cyber-attacks


The Defense Ministry is in the process of developing a computer virus capable of tracking, identifying and disabling sources of cyber-attacks, The Yomiuri Shimbun has learned.

The development of the virtual cyberweapon was launched in 2008. Since then, the weapon has been tested in a closed network environment.

Cyberweapons are said to already be in use in countries such as the United States and China. However, in Japan there is no provision on the use of cyberweapons against external parties in existing legislation on foreign attacks. With this in mind, the Defense Ministry and Foreign Ministry have begun legislative consideration regarding the matter, according to sources.

The three-year project was launched in fiscal 2008 to research and test network security analysis equipment production. The Defense Ministry's Technical Research and Development Institute, which is in charge of weapons development, outsourced the project's development to a private company. Fujitsu Ltd. won the contract to develop the virus, as well as a system to monitor and analyze cyber-attacks for 178.5 million yen.

The most distinctive feature of the new virus is its ability to trace cyber-attack sources. It can identify not only the immediate source of attack, but also all "springboard" computers used to transmit the virus.

The virus also has the ability to disable the attacking program and collect relevant information.

Test runs in closed networks have helped the ministry to confirm the cyberweapon's functionality and compile data on cyber-attack patterns.

According to the sources, the program can identify the source of a cyber-attack to a high degree of accuracy for distributed denial of service (DDoS) attacks, as well as some attacks aimed at stealing information stored in target computers. In DDoS attacks, hackers send target websites enormous volumes of data, eventually forcing them to shut down.

Cyber-attacks, however, were not included in a 2005 cabinet decision outlining the type of attacks against which the right to self-defense can be exercised.

Under the current situation, there is a high possibility that cyberweapons cannot be used against external parties.

The use of the weapon could be considered a violation of the clause banning virus production under the Criminal Code.

Keio University Prof. Motohiro Tsuchiya, a member of a government panel on information security policy, said Japan should accelerate anti-cyber-attack weapons development by immediately reconsidering the weapon's legal definition, as other countries have already launched similar projects.

Tsuchiya said the panel also will discuss the issue.

However, a Defense Ministry official said the ministry is not considering outside applications for the program as it was developed for more defensive uses, such as identifying which terminal within the Self-Defense Forces was initially targeted in a cyber-attack.

Fujitsu declined to comment about the program, citing client confidentiality.

Source & Author: