Paul Marks, senior technology correspondent
(Image: Visuals Unlimited, Inc./Victor Habbick/Getty Images)
Japanese defence engineers claim to have developed a computer virus that can be launched online to track down and disable the source of a cyber attack. If true - and many experts are deeply sceptical - it will mean that they have solved one of the major problems dogging the online security arena: the so-called "source attribution problem".
Attackers launching viruses or denial of service attacks can do so by using cascades of proxy servers (or a botnet) to spoof their source internet address. This means locating the origin of the attack is an utterly dastardly problem, with the source often obfuscated in a thicket of servers in countries beyond effective regulation. But in a three-year-project for Japan's Ministry of Defense?the tech contractor Fujitsu has reportedly not only worked out how to solve this attribution problem but also how to destroy the attacking code it meets en route.
The Yomiuri Shimbun says "the virtual cyberweapon" has passed closed network tests in which it jumped between attacking computers, reached the origin of the attack and sent back ID information to its controllers. And all the while cleaning the servers of the attacking code.
Rik Ferguson, director of security research at Trend Micro in Marlow, Buckinghamshire, is not so sure. He says: "It is not a simple matter to 'break into' a computer that is found to be part of a chain of attack. If for example the computer in question is behind a router, using non internet routable IP addresses, the task will be of staggering difficulty, necessitating the compromise of yet another device in order to gain access to the private network."
"If it were possible to backtrack through every stage of the attack chain and examine data then this task would be made significantly more simple, but that is and remains a major challenge ethically, legally and technologically."
Security firm Imperva warns that, like tricks some have tried before, Fujitsu's virus could be "a disaster in terms of going after the wrong people". Sophos, meanwhile, worries that an antivirus virus will greedily drain computer power to do its work - and may even run amok.
But there are measures that can be harnessed to help locate an attack source - and Fujitsu may just have perfected a method that happens to work. If so, Japan's allies will be beating a path to its door. For now, however, the cyber weapon remains wrapped in military secrecy.
Follow Paul on Twitter: @paulmarks12
ali fedotowsky krill oil krill oil black friday 2011 rhodium uppity uppity
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.