Experts believe the military is going to start pumping money into the creation of malware as warfare heads into cyberspace.
Patrick Gray – Host of RiskyBusiness Security News Podcast, speaks about the new “arms race” – malware.
Gray says that the significance of Stuxnet is greatly underestimated. It is estimated that Stuxnet delayed Iran’s nuclear program by two years.
Stuxnet was too sophisticated, too technical to be created for the mainstream. It is military software. Estimations say that it took 5 – 10 developers six months and under $10 million to develop. Cheap for government.
The greatest defence is offense, and billions of dollars are being pumped into the military for digital security and as the saying goes, the best defence is a good offense.
Gray believes that defence contractors are going to realise that malware is an area they need to move into with military grade offensive tools.
Just as banning Napster did not solve the piracy problem because it was just a symptom of access to networks where people can replicate media, Wikileaks is just a symptoms of difficulty in securing data.
Gray believes that Wikileaks is just the beginning. Stolen data may be leaked next, or information might be leaked by external hackers.
Problem is that military is outsourcing the development of their digital tools to private contractors. So many people have access to sensitive information.
The Internet group calling itself Anonymous hacked into a security company recently and stole email. They put it online in searchable form. As it turned out the company was well connected with US Military – were working on developing the Magenta Rootkit, a tool for offense not defense. Proving that research is being outsourced by government, not to benefit wider society, but to be used offensively.
“The finest minds are being paid top dollar to create malicious code – we’ve got problems,” says Gray.
Having the world’s computers infected with malware and viruses can in fact be helpful to government.
Gray says that while during the Cold War proliferation of nukes led to mutually insured destruction, now proliferation of digital tools is leading towards the same point. Governments are in a virtual arms race, building up their offensive tools.