Flipping Malware: A Profit Opportunity for Corporate IT Departments
The good news, or at least potential good news since no one is doing this yet, is that the undiscovered malware lurking on corporate networks potentially represent tens or hundreds of thousands of dollars in income for the corporation. And since it resides on the corporate network, it becomes the property of that corporation. All of a sudden, something that you've viewed only as a threat and an expense has become a valuable commodity thanks to the trend in selling offensive malware to government agencies.
The U.S. government is a customer for offensive exploits and so are a number of allied governments. In fact, if they aren't already doing this, defense contractors like Lockheed Martin, Raytheon, Northrup Grumman, and many others should already be mining their own networks for undiscovered malware, reverse-engineer what they find, and use it to fill orders by DoD since they've already got the contract vehicles in place.
Some of the more forward-looking DOD contractors who have robust internal Computer Emergency Response Teams (CERT) staffed with engineers who can do reverse-engineering could be in the best position to offer free or low-cost network defense to corporations who want to "flip" the malware found on their network for a nice profit. The best part is that everybody comes out a winner except for the malware writers who may have spent a lot of time and money developing 0-days for targeted attacks (i.e., the creators of Stuxnet, DuQu, Gauss, and Flame). In my scenario, they've merely provided a sellable commodity for free to the targets that they were hoping to exploit.
If you're a C-level executive and you'd like to discuss this idea privately with me, feel free.