DARPA to develop offensive cyberspace capabilities

The growing number of cyberspace threats to U.S. government computer networks has caused the Defense Department to begin developing new defensive and offensive cyberspace capabilities. Key to researching and creating these new technologies is DOD’s research and development arm, the Defense Advanced Research Projects Agency (DARPA).

More than 30 nations are creating cyber units in their military organizations, DARPA Director Regina Dugan said at her agency’s Cyber Colloquium in Arlington, Va., on Nov. 7. She noted that former Deputy Secretary of Defense William Lynn had said that it is unrealistic that these nations will limit themselves only to defense.

Recent major attacks on nations such as Estonia and Georgia demonstrated the growing threat of cyberattacks, she said. “A connected, motivated group can now accomplish tasks that once were thought impossible,” she said.

To counter these threats, DOD is adding $500 million to DARPA’s budget over the next five years. This will allow the agency to spend from 8 to 12 percent of its budget on military specific cyberspace research, Dugan said. In turn, DARPA‘s activities are part of a larger effort between DOD, academia and the private sector to better defend national networks. “We must both protect its peaceful, shared use, as well as prepare for hostile cyber acts that threaten our military capabilities,” she said.

To help plan its research, DARPA developed a cyber analytical framework designed to ask “why” about cybersecurity efforts. DARPA’s analysis concluded that despite the efforts of thousands of people and millions of dollars, the government continues to lose ground against cyber space threats, Dugan said.

DARPA’s analysis revealed that U.S. strategy is dominated by a strategy of layering security atop an existing architecture. This architecture, despite air gaps and other security measures, cannot react to agile threats in cyber space, she said.

For example, the fight between malware and security systems is uneven. Dugan said that although the cost and size of security software has grown exponentially, bots, viruses and other malware remain small and very targeted. A DARPA study of some 9,000 examples of malware found that they average 125 lines of code versus the millions of lines of code used in defensive systems. This gives lots of advantage to the attackers, she said.

DARPA’s objective is to open a frank dialogue between government, academia and industry because throwing “bodies and buildings” at the effort won’t solve the problem, Dugan said.

The first goal of DOD’s cyber efforts is to prevent war, but the military must also be prepared to respond to cyberspace threats, Dugan said. But while these new capabilities are being developed, the government must also defend freedoms and the ability to freely use common spaces in cyberspace. But she maintained that it is up to national policy makers, not DARPA, to determine how cyber capabilities and policies are run.

Defense in cyberspace is not enough; the military will also require offensive capabilities. “Modern warfare will demand the effective use of cyber, kinetic and combined cyber and kinetic means,” she said.

To develop these next generation cyber capabilities, DARPA has launched several initiatives that focus focusing on detecting a variety of threats on both sides of the firewall. “We need more options, we need more speed and more scale,” she said.