The legal code, law enforcement, and anti-malware software will always be at least one step behind cybercriminals.

IP 1: Legal Code and Malware

As malware markets are making it easy to obtain malware and engage in sophisticated attacks, lesser skilled hackers are able to execute attacks with greater reach, damage, and payoffs. Nations have not criminalized the creation of malicious software generally. Should the legal code be amended to reflect this activity? Why and how?

IP 2: The Antivirus Software Industry

The antivirus software industry has grown since the 1990s, but malware continues to evolve and expand. Many popular antivirus software companies are not located in the U.S., but in other countries. Given that antivirus software is capable of reducing infections, not stopping infections entirely, could non-U.S. based companies have agendas that operate against the interests of the U.S.? If so, what steps could the U.S. take to guard against this? If covert agendas are detected, how could the U.S. legally respond to these foreign-based companies?

3 paragraphs for each IP

This is due no later than 11:59 PM ET on Thursday.