Reports that the Japanese Government is developing its own computer virus has led analysts to speculate about a possible cyber "doomsday" scenario.
The Anti-Virus Virus
Reports that the Japanese Government had paid Fujitsu to develop a new computer virus designed to combat cyber-threats broke on Wednesday via Japanese newspaper The Yomiuri Shimbun.
In its report the paper suggested the government was funding the development of a virus capable of tracing the source of cyber-attacks and allowing authorities to detect, track and disable hostile viruses and computer networks.
Though the development of the cyber-defense measure was reported as starting all the way back in 2008, the paper went on to suggest that the virus was in part a response to the 2011 Trojan virus attack on Japanese defense contractor Mitsubishi Heavy Industries.
As well as the development of the new virus, numerous media outlets went on to report that the government was also formulating new legislation outlining its cyber-security policy and the terms under which the new cyber-weapon could be used.
Cyber-Woes on the Horizon
The news that Japan was potentially developing and willing to use its own computer virus immediately sent ripples across the security world, with numerous analysts concerned that the weapon's existence may prompt similar programmes by other nations, potentially leading to a new cyber Cold War - Britain and America already have such programs.
Chief among the concerned analysts was Sophos Naked Security's Graham Cluley. In his analysis Cluley expressed concerns that, even if the virus is purely defensive, it would be nigh-impossible to contain if used.
"An out-of-control 'good' virus could spread randomly or unexpectedly from machine to machine, meaning it may be hard to contain.
"Should anti-virus software be updated to protect against the 'good' viruses as well as the regular viruses, for those who want to decide what runs on their computers and what doesn't? A 'good' virus may trigger false positives from security software, costing time and money as IT departments respond to the alerts," wrote Cluley.
Continuing: "All programs, including viruses, contain bugs that can have unintended and damaging consequences. If your 'good virus' needs an urgent bugfix, would you release *another* virus to try and catch it up?"
Building on Cluley's comments, other analysts have also highlighted the potentially harmful political ramifications of Japan's reported virus, pointing out that, were it to cross national borders, Japan and the rest of the world's governments could find themselves in a very awkward situation
As pointed out by next to every security expert, the world's governments' current approach and laws regarding cyber-crime are at best misguided and at worst ineffective.
The U.S.'s May 2011 report that it may treat hostile attempts on its computer networks as deliberate acts of war caused particular concern.
News of the U.S. government's potential policy came in May 2011, after a leaked report from the Pentagon about its policy on cyber attacks was published in the Wall Street Journal.
The report suggested American officials had already confirmed that any deliberate infiltration of its secure networks would be considered an "act of war."
An unidentified Pentagon spokesman also reportedly revealed to the Wall Street Journal that the country would be willing to meet any cyber attack with full-on real-world military action, "If you shut down our power grid, maybe we will put a missile down one of your smokestacks," it reported an unnamed Pentagon source as commenting.
While tempered, the harsh defense strategy looked more likely than ever to be implemented when the U.S. Department of Defense's Cyberspace division released its latest policy report, reiterating it would respond to cyber-attacks as it would any real world assault.
Specifically the report stated the U.S. Government would reserve "the right to defend these national security and vital national assets as necessary and appropriate." Clarifying; "When warranted, we will respond to hostile acts in cyberspace as we would to any other threat."
How this policy would apply to Japan's new anti-virus remains vague, though as pointed out by numerous security industry sources, it certainly wouldn't be a simple case of forgive and forget.