- Black server says manager refused to discipline coworkers who sent racist receipt 5 Years Ago
- Who is Jonah Hauer-King, Disney’s new Prince Eric? 5 Years Ago
- Cut Katherine Langford ‘Avengers: Endgame’ scene lands on Disney+ 5 Years Ago
- Planned Parenthood app to show abortion-seeking users their nearest options 5 Years Ago
- ‘The Imagineering Story’ offers touching insight into Walt Disney’s vision 5 Years Ago
- YouTube mom who was charged with child abuse dead at 48 Today 11:39 AM
- Every Marvel Cinematic Universe movie and show missing from Disney+ (and when they’ll show up) Today 11:35 AM
- HBO Max is planning a ‘Friends’ reunion special Today 11:10 AM
- 18 games you’ll want to have for all your holiday parties Today 11:09 AM
- Why the internet is obsessed with the Home Depot song Today 11:04 AM
- What are the ‘nude pictures’ of Trump Devin Nunes keeps bringing up? Today 10:40 AM
- How to watch tonight’s fire Clippers vs. Rockets matchup online Today 9:27 AM
- Ilhan Omar says Stephen Miller emails prove he’s a ‘white nationalist Today 9:00 AM
- YouTubers Trisha Paytas and Gabbie Hanna are feuding—and it’s gotten nasty Today 8:40 AM
- Can buttoned-up Elizabeth Warren memes bring order to a chaotic 2020 election? Today 8:17 AM
DARPA will give you $2 million to create a fully automated cybersecurity system
This technology can’t arrive soon enough.
When it comes to cybersecurity, often the weakest link in the chain isn’t antivirus programs or firewalls. It’s the humans involved in the process.
Such was the case in the Target hack last December in which some 40 million credit card numbers and other valuable pieces of personal information were stolen. A subsequent investigation into the incident revealed that Target’s recently installed, state-of-the-art cybersecurity system accurately identified the security breach before the thieves absconded with the information. However, a delayed reaction from the humans overseeing the security system allowed the attackers enough time to successfully make their getaway.
With Web systems becoming increasingly integrated into everyday life, the U.S. military is keenly aware of the havoc cyberattackers can potentially wreak.
That’s why the Defense Advanced Research Projects Agency (DARPA) has just launched a two-year scientific development competition, encouraging top security researchers to come up with a new, fully automated defense system that can immediately identify and neutralize threats without human intervention.
“Today’s security methods involve experts working with computerized systems to identify attacks, craft corrective patches and signatures and distribute those correctives to users everywhere—a process that can take months from the time an attack is first launched,” said Mike Walker, DARPA program manager, in a written statement. “The only effective approach to defending against today’s ever-increasing volume and diversity of attacks is to shift to fully automated systems capable of discovering and neutralizing attacks instantly.”
DARPA wants to jumpstart scientific development in this area by offering a $2 million grand prize to the team that can come up with the most effective automated defense system. So far, more than 30 teams have signed up to participate in the so-called Cyber Grand Challenge. Most of the teams are comprised of university or private researchers. The competition will take place over the next two years, with the finals being held as a capture-the-flag style tournament at the Def Con hacker conference in Las Vegas in 2016.
Similar past competitions have been used to spur scientific development in other areas. In the late 1990s and early 2000s, for example, the Ansari X-Prize helped fuel the development of private spacecrafts.
In addition to the $2 million grand prize, DARPA will also be giving out $1 million and $750,000 awards for second and third place finishing teams, respectively.
It’s understandable why DARPA and other agencies would want a speedier response to cyber attacks. However, there are skeptics who question the wisdom of removing humans from the cyber defense equation altogether.
Back in March, Edward Kiledjian, the chief information security officer for Bombardier Aerospace, another firm that uses FireEye, told Bloomberg Businessweek that it was not uncommon for security teams to turn off such automatic response features in order to maintain total control. However, that comes with the added pressure of making sure human responses are quick and diligent.
“Typically, as a security team, you want to have that last decision point of ‘what do I do,'” Kiledjian said.
Still, having a human manning the controls is not a fool-proof plan. In the Target case, security team members could have automatically neutralized the attack, had they not turned off an automatic response feature in the company’s recently-installed, $1.6 million FireEye security program.
Tim Sampson is a reporter who focused on the technology, business, and politics beats. He's also an established comedy writer, with work on Comedy Central and in The Onion and ClickHole.