Modern field guide to security and privacy

DARPA’s plan for US military superiority in cyberspace

It may never be totally impenetrable online, but DARPA chief Arati Prabhakar says the US can gain a strong advantage over other countries.

Mel Evans/AP/File
US Military Academy cadet Kiefer Ragay stood in a projection of data results as he talked to fellow cadets at the Cyber Research Center at the US Military Academy in West Point, N.Y.

The US military will never be completely hack proof, admits the director of the Pentagon’s futuristic research arm.

“Invulnerability is not a future state,” says Arati Prabhakar, head of the Defense Advanced Research Projects Agency.

DARPA’s mission is to develop breakthrough technologies to help the US military. It’s the influential agency that fueled the creation of the Internet in the first place. Yet the asymmetrical nature of digital conflict means increasingly sophisticated hackers will always pose a threat, no matter how advanced the solutions become – even the ones DARPA is developing. That’s because “human beings are so creative,” Dr. Prabhakar said at a roundtable discussion on Wednesday.

This, however, is not stopping DARPA from trying to shift the balance. “We have to change the cybersecurity game we’re in right now,” Prabhakar said. “All the prowess of our conventional capabilities is meaningless in this environment.”

It’s a critical problem for the US military. Its superiority, military leaders lament, does not carry over from the traditional battlefield into cyberspace. Meanwhile, US intelligence officials say the cyberthreat posed by Russia is more severe than previously assessed; Iran is exponentially increasing its cybersecurity budget; and China publicly revealed its numerous military and intelligence cyberwar units.

Yet Prabhakar is optimistic that the US military can ultimately develop an edge over other countries, even if it will never be totally impenetrable. “A significant advantage [in cyberspace], yes, I think that is something we can achieve,” she said, “by using these tools and techniques but also having the people that know how to use them, use them to great effect.”

Several in-progress DARPA projects could ultimately give the US military the upper hand, Prabhakar said.

A program known as Plan X, for example, is designed to give the military’s cyberwarriors greater visibility into their networks. It would translate attacks into smart display graphics, so they’re harder to miss, and streamline the military’s ability to defend against them by building an “app store” where cyberoperations could stored, ready to deploy.

This kind of simplification of cybersecurity could be critical for the Pentagon, which announced last year it would triple the number of its cybersecurity professionals to 6,000 by 2016 – no easy feat in such a technical field where skilled workers are in high demand across the globe.

“The military takes young kids and gets them very confident in operating complex systems,” Prabhakar said. “Can we start building tools so that with a modest amount of training, a lot of people can understand and see what’s happening in cyber?”

(To learn more about Plan X, see Passcode’s exclusive first look at Plan X – complete with photos and concept art – and watch the video of our February event starring DARPA’s live demo of the program.)

Separately, DARPA is building another program to develop what Prabhakar calls “provably correct software, systems that can’t be hacked for specified security properties.” This is, she said, particularly important to guard against those seeking to break into the operating systems of small unmanned aerial vehicles, commonly known as drones.

The agency is also hosting a Cyber Grand Challenge to automate defensive operations. The competition – for millions of dollars in prizes – will have computers automatically defend against cyberattacks in “a much more scalable, machine-speed fashion than human beings typing as fast as they can,” Prabhakar said.

At next year’s DEF CON Hacking Conference, computers will face off against other computers, but Dan Kaufman, who directs DARPA’s Information Innovation Office, said recently at a Passcode event that he wants to eventually compete the agency’s computers against human hackers in the actual DEF CON conference sometime in the future. "If we finish not last, I'm going to do a victory lap," said Mr. Kaufman.

These three key programs, Prabhakar said, are already encouraging those at DARPA building new frontiers in cybersecurity. “When you start taking those pieces together, you start having some sense you’re driving your future a little bit.”

 

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.