A virus for cyberdefense? Japan has something cooking
Fujitsu is said to be working on an active-defense virus amid growing cyberattacks against Japan--which also has a law forbidding the creation of computer viruses.
For several years, Japan has been developing a computer virus that can track, identify, and disable cyberthreats, according to a story in the Yomiuri Shimbun newspaper.
Fujitsu reportedly is working on the cyberweapon for Japan's Defense Ministry under a 178.5 million yen ($2.32 million) project initiated in fiscal 2008 by the ministry's Technical Research and Development Institute.
The system "can identify not only the immediate source of attack, but also all 'springboard' computers used to transmit the virus," the Yomiuri reported, citing anonymous sources.
"Test runs in closed networks have helped the ministry to confirm the cyberweapon's functionality and compile data on cyber-attack patterns."
But whether Fujitsu's "active defense" virus would work in the real world is a big question. Security experts have said it would rarely be effective due to the layered nature of server deployment. Furthermore, innocent third parties could be mistaken for the attackers.
Japan suffered a series of cyberattacks last fall, with targets including major defense contractor Mitsubishi Heavy Industries, the Japanese parliament, and diplomatic missions overseas.
Even Fujitsu was attacked, with denial-of-service hits knocking out some of its cloud-computing services for local governments.
Japanese media have blamed Chinese hackers in some cases, and called for stronger government protection.
The criminal code in Japan prohibits the creation of computer viruses, but a government panel on information security policy is set to discuss cyberweapons in context of their legality as a defense.
Fujitsu, for its part, hasn't said anything about the virus project.