The development of the internet as a space for hackers to perpetrate attacks and crimes reveals how a tool developed to enhance physical areas of military operations can be transformed into its own operational space, according to Dr. Brian Pierce, director of the information innovation office in the Defense Advances Research Projects Activity, who spoke at CyberCon 2017.
“Though the exponential expansion of the internet and, of course, cyberspace in general has boosted our productivity to incredible heights, it has also opened up avenues for bad behavior by a spectrum of threats ranging from individuals to nation states,” said Pierce.
“Cyber is not a natural domain like air or sea, but a human creation originally developed to facilitate operations in the other domains. The complexity, though, of cyber has grown to where it has become an operational domain unto itself.”
According to Pierce, DARPA invested in the ability for computers to talk to each other as part of a network back in the late 1960s (the origins of today’s internet). Without that investment, Pierce said, the world would be very different today.
“The empowerment of U.S. cyber deterrence has the potential to enhance U.S. deterrence in all domains,” said Pierce, explaining that his office has been working on a variety of projects to set both the military and private sector ahead in cybersecurity and deterrence.
“We had to create surprise in order to prevent it,” said Pierce. DARPA has had a hand in creating well-known modern technologies such as the GPS, the computer mouse and learning personal assistants on smartphones and other devices.
“It’s evident that DARPA’s technological surprises have certainly disrupted commercial markets as well as military technologies,” Pierce said.
In cyberspace, DARPA is working on projects to strengthen the security of software used by the military, to introduce automation to lower response and patch times, and to analyze big data in search of malicious activity.
“Our high-assurance cyber military systems program, or HACMS program, is working to harden the embedded software in commercial and military systems,” said Pierce, explaining that the program works to ensure that the software is built as specified and to deny adversaries the opening to get onto that software.
“We’re working now with the services to transition the HACMS tool to build software with much greater cyber resilience,” said Pierce. “I think we really should begin now to develop explicit cyber resiliency requirements for the software in, say, programs of record.”
DARPA has also hosted events like the Cyber Grand Challenge, which pitted computer against computer in a capture-the-flag style tournament at the 2016 DEF CON in Las Vegas.
“The automation developed under the Cyber Grand Challenge includes the discovery and patching of software vulnerabilities,” said Pierce, explaining that automated patching can resolve flaws in minutes that could potentially take years to discover manually. “I can’t emphasize how much this automation is a game changer in strengthening cyber resilience.”
According to Pierce, his department is also working on pinpointing singular IP addresses behaving suspiciously within datasets containing millions of network log-ins.
“The analysis of vast amounts of data can provide very useful insights, even minimal data such as net flow containing only the IP addresses of senders and receivers,” said Pierce.
Just as the invention of the internet opened a new avenue for malicious actors to attack through, Pierce said DARPA is operating with consideration of how each new technology could be used against them or even to invade the privacy and security of everyday Americans.