Virus Could Disable Cyberattack Source
January 5, 2012 by UPI - United Press International, Inc.
TOKYO, Jan. 4 (UPI) — Japanese computer scientists say they’ve developed a computer virus that can be launched online to track down and disable the source of a cyberattack.
While many computer experts say they remain skeptical, such a development would solve one of the major problems encountered by the online security community — the so-called source attribution problem.
Attackers can launch malicious viruses or denial of service attacks by using layers of proxy servers or a botnet to disguise their source Internet address, masking the true origination of the attack. The Japanese company Fujitsu, working on a three-year project for the Japanese Ministry of Defense, said it’s not only worked out how to solve this attribution problem but also how to destroy any attacking code it meets en route, NewScientist.com reported Wednesday.
“The “virtual cyberweapon” has passed tests in closed networks in which it jumped between attacking computers, reached the origin of the attack and sent back ID information to its controllers, the Yomiuri Shimbun reported.
Rik Ferguson, director of security research at British company Trend Micro, says he’s not so confident in the results.
“It is not a simple matter to ‘break into’ a computer that is found to be part of a chain of attack,” he said. “If it were possible to backtrack through every stage of the attack chain and examine data then this task would be made significantly more simple, but that is and remains a major challenge ethically, legally and technologically.”
Security firm Imperva warns a defensive virus such as Fujitsu’s could be “a disaster in terms of going after the wrong people.”