DARPA is preparing for the threat
You might not know this, but the Internet wasn’t built for you and me. Back in the 1960’s, which somehow seems like an eternity ago, DARPA (Defense Advanced Research Projects Agency) envisioned a network of computers that could collaborate on scientific and technological research projects from coast to coast. The name given to this proto-Internet was ARPANET, and by 1969, it represented the framework and series of standards that would later become the Internet as we know it today.
These days, DARPA is still developing breakthrough technology to answer the increasingly complicated demands of global security and defense. One of those demands, inevitably, is the ever-greater risk of cyber-attacks — both from within the United States and from without. To speak plainly, the amount of stuff on the Internet makes it more and more difficult with each passing day to keep our personal information — to say nothing of state secrets — safe from prying eyes.
This tug-of-war has become something of a full-time job over at DARPA. Here’s how they’re preparing themselves — and the country at large — for the newest threats to cyber-sovereignty.
There’s no “unhackable” code
DARPA’s Arati Prabhakar and Steve Walker will be the first to tell you: “There’s no unhackable code.” That’s a bit of a mood-killer, really, but it’s also old news — the best the tech community can hope for is to make “less hackable” code, and to try to stay ahead of the cyber-criminal (“hacker,” if you prefer) community and their ever-larger bag of tricks.
In answer to rising concerns over data breaches and cyber-terrorism, DARPA has spun off a new project called High-Assurance Cyber Military Systems, or HACMS. DARPA’s formal description of HACMS and its mandate is full of not-so-helpful jargon, so let’s break it down what they’re trying to accomplish in terms that will be familiar to anybody who studied sixth-grade math.
One can think of the HACMS approach to cyber-security in terms of basic mathematics. Everybody knows the Pythagorean Theorem: a2 + b2 = c2. This theorem is accepted because it works every time it’s put to the test. This is an effective metaphor for the long-sought unicorn that is unhackable code. Think about it like this: A right triangle is “unhackable” because a2 + b2 will never equal anything other than c2. The code being developed by the HACMS works a little bit like this — not literally, mind you, but the metaphor is a good stand-in for the kind of mathematics-based algorithms they’re trying to develop.
It works because it simply cannot work any other way.
And so far, they seem to be meeting with preliminary success. When the HACMS team unearthed an effective piece of code that works along the lines described above, they gave it to a team of “professional hackers” to try out. The HACMS team stored the code on a real-life, unmanned attack helicopter to see if their team could retrieve it.
The results were extremely promising: Even after the hackers were handed access to the actual source code of the helicopter, they were unable to penetrate the main systems and retrieve the code.
The implications of these preliminary tests are enormous. Americans are a fearful lot (Why else do we have more guns than people in this country?), and right now, cyber-attacks are at the top of the list in a recent Survey of American Fears. It’s encouraging to know that the institution that brought us the Internet in the first place is making significant progress toward discovering ways to make it hack-proof. We’re not there yet, but HACMS has delivered a promising proof-of-concept.
DARPA has also recently chosen to enlist the help of the public with the Grand Cyber Challenge — a competition (with a $2 million grand prize) that encourages self-styled hackers to build software that can compromise encrypted data faster than the competition. Think of it as a digital capture the flag game: The team that manages to retrieve a particular piece of data from a closed system gets the prize money and significant bragging rights in the hacker community.
It might sound counter-intuitive, encouraging people to break encryption. But DARPA considers challenges like these to be invaluable recruiting tools. They’re always looking for the next generation of government technologists.
Security is EVERYBODY’s problem
Like much of what DARPA gets up to, HACMS feels a little bit abstract, and perhaps difficult to apply to our everyday lives. The truth, though, is a bit more complicated. With huge battles brewing between corporate America and the government, emerging forms of encryption and new approaches to cyber-security are more important for the “average consumer” than ever before. Battle lines are being drawn between companies like Apple, Google and Microsoft and the would-be surveillance state envisioned by some of the more fearful statesmen serving in Washington, D.C.
And they’re also becoming important for modern entrepreneurs.
We’ve seen egregious lapses in cyber-security before, write large across national headlines. Remember Target’s data breach? Or the Sony hack that compromised some 102 million company records in 2011? The list of “unprecedented” data breaches is a long one, and becomes more precedented with each passing day.
Two reasons a business owner should care about cyber security
First: Modern entrepreneurs have to fight an uphill battle against market fluctuations and competition alike. Knowing your proprietary company secrets are under lock and key is hugely important if you want to make it.
But there’s a second reason, and it sometimes gets overlooked. To speak plainly, your customers take it for granted that you’re looking out for them. Almost every business stores a great deal of personal information about the people they sell to: Names, credit card numbers, addresses, and on it goes. People want to be able to count on their favorite businesses to make sure criminals can’t get their compromising data without a fight.
So — yes. This is a struggle that affects all of us. The world has turned downright Orwellian while our backs were turned. There are now eyes and ears everywhere. H
ow we go about answering this challenge in the coming years will reveal quite a bit about who we are and what we really value.
