
Betting on Malware

Predicting viruses and worms


DARPA's plan to create a futures market for terrorist activities is dead, but the concept is a natural for predicting viruses and worms, says SecurityFocus columnist George Smith.

The fun folks at DARPA were at it again last week, cooking up projects at the nexus of security and the war on terror that somehow manage to offend everyone. First there was the Total Information Awareness project. Next came the misnamed Combat-Zones-that-See, a scheme to use artificial intelligence and thousands of cameras hooked to PCs to track the comings and goings of your auto.

Last week's was called the Policy Analysis Market, a futures betting parlor that would magically reveal rugged intelligence on terrorism activities. It would do this by being a sophisto gambling joint for the insider minds on terror.

People who knew, or thought they knew, willing to plunk down their own money on probabilities and predictions would show trends and spikes in terrorism and geopolitical upheaval.

It was a rotten thing, said the Senate. We're not going to allow the anonymous to bet on death and destruction. They might incite it, and insider-trading terrorist groups could prosper. Plus, it bore the mark of John Poindexter -- a man whose motto, at least in the national defense arena, could be, "I bring bad things to life."

The Policy Analysis Market website was flying high last Tuesday morning, but before noon PST, it was gone. I have banished everything to do with this, indicated Tony Tether, director of DARPA. We were so foolish.

Poindexter was also alleged to be polishing his resignation by week's end.

I can agree with all of that. But a dirty little secret of security affairs is that every discipline has its speculators.

In computer security, or virus prediction, you can pick up the trades and pluck their names from the weekly news.

Who is foretelling the melting of the Internet, the failure of the power grid due to remote attack, the zero-day worm?

Here, however, we are confined to virtual destruction and chaos. If a Policy Analysis Market existed for this, it could be defended on the basis that it's much less ambitious and only has to do with bloody computers.

It would be interesting to see it separate the shrewd soothsayers from those who perform just for the jazz, the outrageous claim in print or on TV.

The Richard Clarkes of the world would have to be cautious. Larding up their accounts with long and short range bets on electronic catastrophes would be catastrophic to their wallets.

Those who might do well would be the people willing to hedge their predictions, or who went for small bets on cybertrouble at the grass roots level -- like picking the top three computer viruses for the next quarter, or the growth percentage for spam in the next six months. You couldn't go wrong on the near term prospects for Klez, Bugbear and Sobig.

Another fruitful avenue to wealth would be in the highly technical prediction of the mechanics of worms and cyberattacks. Computer scientists have proven adept at recognizing emerging vulnerabilities and before-the-fact potentials for computer viruses.

Betting futures on such things would be easy. The hard part would lie in the realization that the possession of such intelligence does not automatically guarantee that the nation-at-large benefits from it.

Case in point -- the arrival of Word macro viruses many moons ago. Anti-virus developers, computer science analysts -- all had warned Microsoft that Word viruses were going to happen. Then they did, and they did, and they did. And more time went by before anyone at the software giant got worked up enough to do anything about the first wave of them.

There would also have to be some defenses erected against insider trading and gaming of the system -- big time sanctions for those caught betting on things like the prevalence of computer viruses armed with pre-press release data from, let's say, MessageLabs.

And it would be only proper to give some type of financial reward to those who predicted spam would crush everything else malicious in your mailbox, well before everyone else got worked up about it.

Now don't think I'm too smug about all this. It's easy to look back and make sport while choosing examples from history to prove a point. I know I'd lose my shirt in a futures market, but I might be tempted to sneak in a few bets on the prospects of Klez.

© SecurityFocus

George Smith is a Senior Fellow at GlobalSecurity.org, a defense affairs think tank and public information group. He also edits the Crypt Newsletter and has written extensively on viruses, the genesis of techno-legends and the impact of both on society.
