blog trackingRealtime Web Statistics Japan | Gregory D. Evans | Worlds No. 1 Security Consultant - Part 2

Posts Tagged ‘Japan’

Japan Reportedly Building Vigilante Virus Assassin Squad

Japan reportedly has paid Fujitsu $2.3 million to build a self-replicating assassin squad — a computer virus it can set loose in the network to track down and eliminate other viruses.

Japanese newspaper Yomiuri Shimbun reported that the Defense Ministry’s Technical Research and Development Institute began developing the anti-viral virus in 2008. The government agency in charge of weapons development paid the heavy industries firm $2.3 million (178.5 million Yen) to create a virus that can analyze cyberattacks and even identify their source.

PHOTOS: Top 10 Disruptive Technologies of the Last Century

It sounds like an answer to Stuxnet or Duqu — cyberweapons so potent that one security official called them “the hydrogen bomb of cyberwarfare.â€� And the cyberwar is clearly heating up, said Dave Aitel, president and CEO of security firm Immunity Inc.

“Stuxnet was just the beginning,� Aitel told “Self-replicating code is an important part of any national arsenal … the Japanese are just getting started.�

The cyberdefense tool would be able to trace an attack to its source, the paper reported, along the way disabling it and collecting key information. Such a tool is a clear escalation in online warfare, said Jeff Bardin, chief security strategist for Treadstone 71.


“The Japanese model represents a communicated and demonstrated increase in virtual arms escalation,â€� Bardin told “It ups the ante to a new level that may not be sustainable, especially when — not if — the code for the ‘good’ virus gets out.â€�

He argues that such a tool, while perhaps inevitable, may lead us into full cyberwarfare.

“The most virulent … virtual arms will not be used unless there is either an all out cyberwar raging — or someone wishes to start one.â€�

To that end, defense cybertools are a clear necessity for any nation. But are “good viruses� a good idea? A renegade virus running loose, like a ghost in the machine, may be anything from a far-fetched fantasy to a potentially very, very bad idea, others argue.

“An out-of-control ‘good’ virus could spread randomly or unexpectedly from machine to machine, meaning it may be hard to contain,â€� wrote Graham Cluey, senior technology consultant for security firm Sophos.

BLOG: Finally! Mysterious Cipher Code Cracked

“All programs, including viruses, contain bugs that can have unintended and damaging consequences,” he said.

Aitel disagrees, saying the concept of “anti-viral viruses” has already proved successful in early tests.

“Our firm did some early research on self-replicating attack code which we called ‘Nematodes.’ And we found out that it’s not that hard to do this type of program. It’s possible to develop a controllable and effective worm,” he said.

Indeed, tests of Fujitsu’s defensive cyberweapon run in closed networks in Japan confirmed its functionality, The Yomiuri Shimbun reported.

BLOG: Video Hits a Trillion Frames Per Second

Keio University professor Motohiro Tsuchiya, a member of a government panel on information security policy, told the paper that Japan should accelerate anti-cyberattack weapons development immediately, arguing that other countries have already launched similar projects.

Bardin agreed, arguing that all countries will find themselves forced to respond, either with defensive tools or more aggressive cyberweapons.

“Stuxnet took it to another level,� he told

More from FoxNews/SciTech Cyberbomb That Hit Iran Was 1 of 5 Weapons, Researchers Say Iran Admits Nuclear Sites Hit by ‘Duqu’ Cyberweapon Science Fiction-Style Sabotage a Fear in New Hacks

Article source:

View full post on National Cyber Security » Virus/Malware/Worms

Japan testing ‘virus’ cyberdefence weapon, reports say

The Japanese authorities have tested a ‘virus’ cyberweapon capable of tracing and disabling computers being used in cyberattacks against the country, a newspaper in the country has reported.

Quoting anonymous sources said to be connected to the project, The Yomiuri Shimbun said that Japan’s Defense Ministry’s Technical Research and Development Institute began developing the program three years ago in conjunction with Fujitsu, since when it had been tested on a closed network.

What they’ve ended up with sounds like the first of a type of multipurpose program many experts suspect other countries are also developing, namely one capable of quickly identifying the chain of servers and computers being used in different types of cyberattack scenario.

These would include DDoS attacks, those in which a large number of computers are used to attack a company’s or country’s computing infrastructure, but also subtler attacks designed to steal data.

In either case the program is described as being able to disable an attacking resource, which is probably where the trouble starts from a Japanese legal standpoint.

The country has strict laws on producing programs that could be construed as malware let alone wielding them in a cyberwar context that inevitably blurs the distinction between defence and attack.

It is generally assumed that all countries (especially the US and its allies that had previously taken a benign view of the Internet) are developing programs for cyber-defence and offence. These are almost never talked about beyond a few veiled references in speeches by senior politicians.

This has begun to change very slowly in the aftermath of 2010’s Stuxnet affair, a program believed on the basis of circumstantial evidence to have been created with the sole purpose of attacking Iran’s nuclear program.

Japan’s willingness to drop hints about its plans might have something to do with a recent spate of attacks on the country’s Government infrastructure. These include attacks on the country’s defence contractors, its politicians, and leading industrial sectors.

Article source:

View full post on National Cyber Security » Computer Hacking

Japan tasks Fujitsu with creating search-and-destroy cyber-weapon

Zombie boss hunter developed in lab Fujitsu has been commissioned to develop ‘seek and destroy’ malware, reportedly designed to track and disable the sources of cyber-attacks.…

View full post on hacking tools – Yahoo! News Search Results

View full post on National Cyber Security

Japan working on defensive cyberweapon

Japan’s defence ministry is in the process of developing a computer virus capable of tracking, identifying and disabling sources of cyber-attacks, The Yomiuri Shimbun has learned.

The development of the virtual cyberweapon was launched in 2008. Since then, the weapon has been tested in a closed network environment.

Cyberweapons are said to already be in use in countries such as the United States and China. However, in Japan there is no provision on the use of cyberweapons against external parties in existing legislation on foreign attacks. With this in mind, the defence and foreign ministries have begun legislative consideration regarding the matter, according to sources.

The three-year project was launched in fiscal 2008 to research and test network security analysis equipment production. The defence ministry’s Technical Research and Development Institute, which is in charge of weapons development, outsourced the project’s development to a private company. Fujitsu Ltd won the contract to develop the virus, as well as a system to monitor and analyse cyber-attacks for 178.5 million yen (US$2.32 million).

The most distinctive feature of the new virus is its ability to trace cyber-attack sources. It can identify not only the immediate source of attack, but also all “springboard” computers used to transmit the virus.

The virus also has the ability to disable the attacking programme and collect relevant information.

Test runs in closed networks have helped the ministry to confirm the cyberweapon’s functionality and compile data on cyber-attack patterns.

According to the sources, the programme can identify the source of a cyber-attack to a high degree of accuracy for distributed denial of service (DDoS) attacks, as well as some attacks aimed at stealing information stored in target computers. In DDoS attacks, hackers send target websites enormous volumes of data, eventually forcing them to shut down.

Cyber-attacks, however, were not included in a 2005 cabinet decision outlining the type of attacks against which the right to self-defence can be exercised.

Under the current situation, there is a high possibility that cyberweapons cannot be used against external parties.

The use of the weapon could be considered a violation of the clause banning virus production under the Criminal Code.

Keio University professor Motohiro Tsuchiya, a member of a government panel on information security policy, said Japan should accelerate anti-cyber-attack weapons development by immediately reconsidering the weapon’s legal definition, as other countries have already launched similar projects.

Tsuchiya said the panel also will discuss the issue.

However, a defence ministry official said the ministry is not considering outside applications for the programme as it was developed for more defensive uses, such as identifying which terminal within the Self-Defense Forces was initially targeted in a cyber-attack.

Fujitsu declined to comment about the programme, citing client confidentiality.

Article source:

View full post on National Cyber Security

Japan developing cyber weapon: report

Japan has been developing a virus that could track down the source of a cyber attack and neutralise its programme, the daily Yomiuri Shimbun reported Sunday.

View full post on cyber attack – Yahoo! News Search Results

View full post on National Cyber Security

Japan plans smart grids that could treat energy ‘like network data’

Using concepts from IT and networking, a Japanese consortium plans to develop large-scale energy grids that will handle power the way the Internet handles data, using “routers” and “service providers” to efficiently manage and direct the flow of electricity.

The Digital Grid Consortium, which was officially founded in September and includes NEC among its members, said it will build experimental systems next year, and aims to launch large grid services to try out the concept after three years.

The group’s fundamental aim is the development of technology to track units of energy across an entire grid, tagging them with their source and destination similar to the way data packets are handled on the Web. This will require grid addresses for everything from power plants to individual homes, along with routers that can convert and shuffle the energy units to where they are needed.

Pressing need in Japan

“This is a mechanism that will allow electricity to be sent out, or transferred back in any direction as required. This is something that doesn’t exist in current smart grids, which are only really used to monitor electricity,” said Rikiya Abe, a Tokyo University professor who serves as representative director of the consortium.

Creating power networks that are more intelligent is seen as a pressing need in Japan, which suffered sporadic blackouts after a powerful earthquake and resulting tsunami caused meltdowns at a key nuclear power plant. The central region of the country, which includes Tokyo, is still facing tight supply without the plant.

IT can get into energy

As with the traditional smart grids, the consortium plans for inputs to include existing power plants as well as solar facilities and other alternative sources. Local power storage such as large-capacity batteries in homes will be another key element, said Abe, as currently the entire grid must be built to handle peak loads.

Energy and financial exchanges on a grid would be managed by “service providers” which would be able to track and charge by distinct units of energy. Much of the day-to-day transactions could be virtual, similar to the way currency exchange markets work today, he said.

“This creates discussions about how an IT and networking company like NEC, which also has a battery business, can enter the energy industry,” said Takemitsu Kunio, a senior vice president at the company.

Article source:

View full post on National Cyber Security

‘Hacker’ Group Safecast Crowdsources Radiation Data in Japan

By: Jenny Marder

We officially launch a new feature today we’re calling “Science Thursday.” Each week, we’ll feature an online-exclusive multimedia piece on a topic in the world of science and technology.

Here’s what’s up first. On Thursday’s NewsHour, science correspondent Miles O’Brien reports on a grassroots group called Safecast that is measuring and mapping data on radiation contamination from locations around Japan after this year’s devastating earthquake.

While in Tokyo, Miles spoke to Hari Sreenivasan about his trip with Safecast workers into the voluntary exclusion zone around the Fukushima Daiichi nuclear plant, where they detected levels reaching the equivalent of six X-rays per day.

He also filled us in on his conversations with Japanese officials working in evacuated areas and Japanese residents eager for more information about the consequences of the nuclear accident.

Find more coverage on our science page.

Article source:

View full post on National Cyber Security » Computer Hacking

New cyber attack on Japan parliament

Japan’s parliament has come under cyber attack again, apparently from the same emails linked to a China-based server that have already hit several lawmakers’ computers, an official said Wednesday.

View full post on cyber attack – Yahoo! News Search Results

View full post on National Cyber Security

Japan to prep for cyber-attack by sending ‘infected’ e-mail to staff

The e-mails with an attachment containing the fake virus will be sent to the employees. -Yomiuri Shimbun/ANN

View full post on cyber attack – Yahoo! News Search Results

View full post on National Cyber Security

Gergory Evans

U.S. government concerned at hacking of Japan arms firms

TOKYO (Reuters) – The United States on Wednesday expressed concern about recent cyber attacks on defense contractors in Japan, which build U.S.-designed missiles, warships and military aircraft, calling for the attacks to be taken seriously.

Experts speculated that the cyber assaults announced this week, the first on Japan’s defense industry, may have included the Stuxnet computer virus which has been described as a guided cyber missile which targets industrial control systems.

“Cyber security must be a public-sector priority,” U.S. embassy spokeswoman Karen Kelley said.

One industry source said Washington has been pressuring Japan to step up security against cyber assaults.

The attacks on Japan’s top defense contractor Mitsubishi Heavy Industries, which builds F-15 fighter jets, Patriot missiles and nuclear reactor parts, and on other contractors, may have come from a nation state, some experts said.

Mitsubishi Heavy is also involved in the development of a ship-launched surface-to-air missile designed for the U.S. ballistic missile shield and is therefore privy to highly-sensitive weapons technology.

Similar attacks earlier this year, which included one on the U.S. defense industry, were said to have originated in China. Chinese authorities denied having anything to do with those or the latest ones reported in Japan.

Japan’s defense industry, supplied by a slew of small and medium-size firms with key technologies, is seen as particularly vulnerable to cyber attacks.

“Many of these small firms could have been hacked in the past, without anyone noticing,” Kobe University Professor Masakatsu Morii said.

Computers at Mitsubishi Heavy, Japan’s biggest weapons maker, were subject to an online assault in August. The company,

which supplies over 20 percent of Japan’s defense equipment, said that some network information, such as IP addresses, may have leaked.

An outside contractor is now checking to see if any sensitive data had been breached.

“I believe this is probably the first example of a Stuxnet attack in Japan,” said Yoshiyasu Takefuji, a cyber-security expert at Keio University.

Mitsubishi Heavy said that it has so far found eight viruses, none of which were Stuxnet.

The Stuxnet computer worm, which some suspect was created by the United States and Israel, targets industrial control systems sold by Siemens and used widely in infrastructure including nuclear power generators, chemical factories, water distribution systems and pharmaceutical plants.

Mitsubishi Heavy delayed reporting the breach to the defense ministry, which may have been a violation of its military supply contracts.

A second Japanese military contractor, IHI Corp, which builds engine parts for fighter planes, said its employees had been subject to a growing number of suspicious e-mails which it had informed the police about.

Kawasaki Heavy Industries, a maker of airplanes, helicopters and rocket systems, has also been receiving virus-tainted e-mails, the company confirmed on Tuesday.

(Reporting by Tim Kelly, James Topham, Isabelle Reynolds and Mayumi Negishi; Editing by Michael Watson and Jonathan Thatcher)

Article source:

View full post on National Cyber Security » Virus/Malware/Worms

Page 2 of 2«12

My Twitter

Gregory D. Evans On Facebook