On November 7th, 2011, Spencer Ackerman wrote for Wired on how DARPA is looking to make drones, subs, and trucks hacker-proof. Again citing events from DARPA's Cyber Colloquium, the article mentioned how software that controls your car's brakes could be just as buggy as Windows. In light of the virus that infected the US Reaper fleet, DARPA was eager to create "high assurance" systems that would somehow stop the drones or their software from getting infected. The problem is, no one knows how exactly to stop those drones, or subs, or trucks, or much of anything from getting infected.
An MQ-9 Reaper
Noting that it's easier to play offense than defense, both DARPA officials and Gen. Keith Alexander (NSA/CyberComm head) quietly expressed interest in cyber "offensive capabilities to address military-specific needs.” However, although cyberweapons are needed, the lack of effective network defenses stills leave a whole lot of vulnerable military and civilian equipment. To this end, Howard Shrobe, an MIT scientist who works with DARPA, suggested network defenses that mimic the human immune system. The human immune system has three tiers of defense: it makes difficult for germs to enter, but when those natural firewalls fail, it studies the infection, then attacks the infection, then remembers the infection if there is ever a Round Two. Shrobe's program, called CRASH, would allow for networked systems to "check on each other" to share information about observed cyberattacks. Of course, no one knows how to implement such a system, but man it sounds cool.
Finally, DARPA suggested that it could "geekify" cybersecurity by crowdsourcing the detection and debugging of malicious code, essentially making it a game. Thus, people who like brainteasers could become deputized guardians of military networks. The article concludes that while the US does need to play more offense online, there has to be vast improvement in network security as well.
The source article can be found here.
Image source: USAF
Leave a Reply