A project aimed at developing defences against malware that attacks unpatched vulnerabilities involved tests on samples developed by the NSA.

The ultra-secretive US spy agency supplied network testing firm Iometrix with eight worms as part of its plans to develop what it describes as the industry's first Zero-day Attack Test Platform.

"We hired someone to create worms from scratch. A freelancer, who did the same sort of work for NASA, and was imprisoned for seven years for hacking offences," Dagnell said.

Iometrix's Zero-day Attack Test Platform detected both of the samples of malicious code developed by the hacker, but only three of the eight malware samples supplied by the NSA. Dagnell said the six month project was offered to the firm out of the blue and came to an end in March. Although not wholly successful the detection of half the attacks thrown against Iometrix's platform showed its work was progressing along the right lines, Dagnell added.

Other security experts were more skeptical about whether it was taking the right approach.

"You don't need to write viruses to test security technologies. There's no shortage of new malware. Also you examine existing stuff and study techniques," said Graham Cluley, senior technology consultant at Sophos. ®

Related stories

• NSA spied on US aid workers, officers, and journalists in Baghdad (9 October 2008)
• DNS gaffe leaves spy agency totally under cover (16 May 2008)
• FBI preps $1bn biometric database (24 December 2007)
• Security flaw marketplace lays out its wares (6 July 2007)
• Interview The rise of zero-day patches (2 March 2007)
• Trojan alert over unpatched Windows flaw (29 December 2005)
• Trojan exploits unpatched IE flaw (1 December 2005)
• Exploit for unpatched IE vuln fuels hacker fears (19 August 2005)
• NSA proposes backdoor detection centre (11 August 2003)