19 June 2017

3 ways DARPA will attack the cyber problem

By: Mark Pomerleau

During a keynote presentation June 14 at the Defensive Cyber Operations Symposium in Baltimore, Steven Walker, acting director of the Defense Advanced Research Projects Agency, outlined three research areas his organization is focusing on in cyber.

1. Hardening systems against attacks. 

Walker referenced the Cyber Grand Challenge that was held last August as an example that could represent a paradigm shift in the way cyber is currently thought of. The challenge, he said, sought to defend a network and counterattack an adversarial network in a matter of minutes without human intervention — essentially machines versus machines in virtual capture the flag.

This changes the idea of zero-day exploits and causes one to think in zero-second or zero-minute exploits, he said, given that the current timeline to close vulnerabilities in systems can run as high as 300 days, a timeline Walker called unacceptable. Systems that participated in the challenge automatically identified and addressed software flaws, maintained operations, and scanned the Cyber Grand Challenge network to identify exploits and vulnerabilities in the other systems.

The next step is to evolve the experiment into an operational capability.

2. Operating through cyberattacks.

DARPA is developing technologies to rapidly detect and isolate attacks on the electric power grid. This is occurring under a program called Rapid Attack Detection, Isolation and Characterization Systems, or RADICS, to develop technology that can quickly restore power to the grid following a fatal cyberattack.

3. Winning in the cyber domain. 

One such solution in this vein is the Plan X tool, which is a first-generation cyber mission framework tool to enable mission commanders, planners and operators to collaborate, understand, plan and manage cyber operations in real time against large-scale and dynamic network environments at both tactical and strategic levels.

For commanders who might not be tech-savvy, being able to understand and even visualize what cyber effects can bring to their campaign plan is critical. Plan X gets at this. Walker told C4ISRNET following his presentation that DARPA is looking to transition Plan X to Army Cyber Command but was not sure on the exact timeline, only offering a memorandum of agreement is being developed.

During a briefing with reporters in February, Maj. Gen. Patricia Frost, who heads the Army’s cyber directorate within the G-3/5/7 that tucks cyber, electronic warfare and information operations into one office, explained that they were still working closely with Plan X, describing it as a critical partner for looking at visuals.

Walker also outlined two additional programs his office is working on to help win in the cyber domain. The Enhanced Attribution program seeks to make adversary and individual cyber operator actions transparent by providing visibility into all aspects of malicious cyber actions. The Net Defense program has developed algorithms and data analysis tools that allow cyber situational awareness for identifying illicit behavior in networks and this is the program that, he said, they see now transitioning to Cyber Command.

No comments: