
Betting on Malware

Predicting viruses and worms


DARPA's plan to create a futures market for terrorist activities is dead, but the concept is a natural for predicting viruses and worms, says SecurityFocus columnist George Smith.

The fun folks at DARPA were at it again last week, cooking up projects at the nexus of security and the war on terror that somehow manage to offend everyone. First there was the Total Information Awareness project. Next came the misnamed Combat-Zones-that-See, a scheme to use artificial intelligence and thousands of cameras hooked to PCs to track the comings and goings of your auto.

Last week's was called the Policy Analysis Market, a futures betting parlor that would magically reveal rugged intelligence on terrorism activities. It would do this by being a sophisto gambling joint for the insider minds on terror.

People who knew, or thought they knew, willing to plunk down their own money on probabilities and predictions would show trends and spikes in terrorism and geopolitical upheaval.

It was a rotten thing, said the Senate. We're not going to allow the anonymous to bet on death and destruction. They might incite it, and insider-trading terrorist groups could prosper. Plus, it bore the mark of John Poindexter -- a man whose motto, at least in the national defense arena, could be, "I bring bad things to life."

The Policy Analysis Market website was flying high last Tuesday morning, but before noon PST, it was gone. I have banished everything to do with this, indicated Tony Tether, director of DARPA. We were so foolish.

Poindexter was also alleged to be polishing his resignation by week's end.

I can agree with all of that. But a dirty little secret of security affairs is that every discipline has its speculators.

In computer security, or virus prediction, you can pick up the trades and pluck their names from the weekly news.

Who is foretelling the melting of the Internet, the failure of the power grid due to remote attack, the zero-day worm?

Here, however, we are confined to virtual destruction and chaos. If a Policy Analysis Market existed for this, it could be defended on the basis that it's much less ambitious and only has to do with bloody computers.

It would be interesting to see it separate the shrewd soothsayers from those who perform just for the jazz, the outrageous claim in print or on TV.

The Richard Clarkes of the world would have to be cautious. Larding up their accounts with long and short range bets on electronic catastrophes would be catastrophic to their wallets.

Those who might do well would be the people willing to hedge their predictions, or who went for small bets on cybertrouble at the grass roots level -- like picking the top three computer viruses for the next quarter, or the growth percentage for spam in the next six months. You couldn't go wrong on the near term prospects for Klez, Bugbear and Sobig.

Another fruitful avenue to wealth would be in the highly technical prediction of the mechanics of worms and cyberattacks. Computer scientists have proven adept at recognizing emerging vulnerabilities and before-the-fact potentials for computer viruses.

Betting futures on such things would be easy. The hard part would lie in the realization that the possession of such intelligence does not automatically guarantee that the nation-at-large benefits from it.

Case in point -- the arrival of Word macro viruses many moons ago. Anti-virus developers, computer science analysts -- all had warned Microsoft that Word viruses were going to happen. Then they did, and they did, and they did. And more time went by before anyone at the software giant got worked up enough to do anything about the first wave of them.

There would also have to be some defenses erected against insider trading and gaming of the system -- big time sanctions for those caught betting on things like the prevalence of computer viruses armed with pre-press release data from, let's say, MessageLabs.

And it would be only proper to give some type of financial reward to those who predicted spam would crush everything else malicious in your mailbox, well before everyone else got worked up about it.

Now don't think I'm too smug about all this. It's easy to look back and make sport while choosing examples from history to prove a point. I know I'd lose my shirt in a futures market, but I might be tempted to sneak in a few bets on the prospects of Klez.

© SecurityFocus

George Smith is a Senior Fellow at GlobalSecurity.org, a defense affairs think tank and public information group. He also edits the Crypt Newsletter and has written extensively on viruses, the genesis of techno-legends and the impact of both on society.
