Japanese government building defensive computer virus; Skynet incoming?

In a move that proves that God illa isn’t the only worldwide threat to emerge from Japan, the Japanese Defense Ministry has been working with Fujitsu since 2008 to develop a defensive, weaponi ed computer virus capable of tracing the path of a cyber attack to its source in order to shut it down, disabling every system it comes across along the way.

With the ability to disable the attacking program on its own and drill to the source of the attack, the implications for widespread damage across the internet are massive. In theory this virus could attack and disable servers and PCs connected to the internet across the globe if pointed at the right target and using an exploit that was considered “ ero day.” That’s the worst kind of doomsday scenario, and the likelihood of every other electronically savvy world power already working on similar virtual weapon platforms for “defense” is pretty high, but this is still alarming news.

The theory of the system is that security equipment detects an attack on a network that it is actively defending. The virus is launched as a defensive measure, and it immediately begins to unravel the attack, disabling middleman machines along the way as it works its way back to the source (pictured right).

The problem becomes obvious almost immediately. The “springboard” computers that are shut down by the virus on the way to the source are likely personal PCs or corporate machines that are being used without the knowledge of their owners. There’s also the issue of the affected machines being in another country, which could open the floodgates of international incidents or worse.

What if the code for this virus was open-sourced, say, for security review? Government entities that throw millions of dollars into electronic warfare applications can build some seriously sophisticated worms, as we’ve seen with high-profile breaches of US corporations by China and Iran’s uranium enrichment plants by (allegedly) the US and Israel. Even Google hasn’t been immune to the war being raged over the internet, with its own breach of hundreds of Gmail accounts back in June. While Google and others have been unable to prove without a doubt that a government is behind the attacks, it’s clear that immense resources are being channeled into the internet as a theater for attacks.

To speculate a possible, admittedly far-fetched scenario, let’s say the Japanese government open-sourced this virus or it was leaked to the internet. Months later a virus could be released that targeted machines using a particular internet protocol that it was told was an offending virus or attack; say, XMPP. XMPP (Extensible Messaging and Presence Protocol) isn’t actually a virus, it’s an open chat standard used by many clients (including Facebook chat) to connect people. But if this virus was told to seek and disable any machines utili ing XMPP… well, you get the idea. Facebook has millions of active users at any given time, and XMPP is a popular protocol for business communication, too (Skype uses it). If the virus was let loose with a ero day vulnerability payload it could wrack up a devastating path of destruction across the internet.

The threat of the latest and greatest virus being unleashed upon the internet is always a concern. The big question is whether governments should be spending their money and research on a virus, defensive or not. Let’s not forget that Skynet started as a defense program built by Cyberdyne Systems for the US. We all know how that “Global Digital Defense Network” ended up.

Japanese government building defensive computer virus; Skynet incoming?