Japanese Government to Deploy Defensive Malware
The Japanese government has decided to create and maintain defensive malware in a bid to secure the country against cyberattacks.
Catalin Cimpanu, security reporter at ZDNet, writes, “The Japanese Defense Ministry will create and maintain cyber-weapons in the form of malware that it plans to use in a defensive capacity.”
The ZDNet report says that according to the Japanese media, these malware strains, which include viruses and backdoors, would be Japan’s first-ever cyber-weapon. The Japanese media have made this statement citing a government source.
Japan intends to finish the creation and deployment of the malware, which, as per reports, is to be created by contractors and not by government employees, by the end of the current fiscal year. There are of course no official details available about the capabilities of the malware that the Japanese government intends to create. No details have been divulged as to how these would be used, but it has been suggested that these would be used only when there are attacks targeting the country’s institutions.
The ZDNet report observes, “The news comes as the Japanese military has been expanding and modernizing to keep up with modern times and to counteract China’s growing military threat in the region…As part of this modernization effort, the Japanese government plans to expand its military’s reach into “cyber,” which NATO formally declared as an official battlefield in June 2016, next to air, ground, and sea.”
“Japan becomes just the latest country to formally recognize that it owns and develops cyber-weapons. The others include the US, the UK, and Germany. Israel, China, Russia, North Korea, and Iran are countries that own, develop, and aggressively use cyber-weapons, but they’ve never formally acknowledged it,” the report further notes.
Though this decision by Japan is being justified as sort of a deterrent move, Catalin Cimpanu feels that this is a rather foolish approach. He cites the case of the U.S, which is constantly being targeted by hackers from other countries (Russia, China, Iran, North Korea etc) despite having large and dangerous cyberweapons ready on its side.
We had reported earlier that Japan had passed legislation earlier this year allowing the NICT (National Institute of Information and Communications Technology) to hack into IoT devices of its citizens by using default or weak login credentials. This was planned as part of an intended survey of insecure devices, seeking to make a list of such insecure IoT devices and to make plans to alert users about the security issues. We had reported that this move was planned ahead of major events including the Tokyo Olympics slated for 2020.
Earlier in 2012, Japan had contracted Fujitsu to create “search and destroy” malware, but this move didn’t yield the expected kind of results.