Articles

DARPA Director Calls for Cybersecurity Change

Real-time cybersecurity is now a necessity, and has reached the point of requiring big changes in how we are going to fix cybersecurity today.

by / November 7, 2014
Dr. Arati Prabhakar, director of the Defense Advanced Research Projects Agency John F. Williams/Office of Naval Research

A recent C-SPAN interview with Dr. Arati Prabhakar, director of the Defense Advanced Research Projects Agency (DARPA), conducted by Mary Jordon from the Washington Post, gave credence to my three previous articles this year concerning how we defend ourselves against cyber attacks.

As Prabhakar stated: "The attacks are happening in microseconds, so today all we can do is patch and pray, and keep throwing human beings at the problem. We are looking for a fundamentally different way to get faster than the pace of the growth of the threat."  

Clearly the realization has hit that real-time cybersecurity is now a necessity, and it has reached the point of requiring big changes in how we are going to fix it. 

What we are doing wrong

The basis of today's information processing technologies historically aggregate information for distribution or processing such as initiating machine control system event actions across the predetermined information system processes. The very reason hackers can hack is because information processing transfer and aggregation data is historically transported and stored.  We encrypted at the end points and we store data at the historical data output level.  

This time window allows hackers the ability to manipulate these historical information processes and change the information process or machine action that may only take milliseconds to occur.

Today's cybersecurity technologies aren't even in the right place to detect these breaches. If we are to get faster than the pace of the growth, as stated by the director of DARPA, we need to be ahead of machine action microseconds rather than be caught in historical information processes we currently use today.

Why current cybersecurity technologies will continue to fail

Cybersecurity weakness are clearly being disclosed with attacks publicized by all major media outlets almost daily. These disclosed weakness are beginning to concern both customers and major cloud providers. There is mounting evidence that today's cybersecurity technological approaches that have served us well for years may no longer be valid for information processing today and for future technologies like the Internet of Things (IoT). The two areas of concern are how we attempt to secure and analyze information processes through the use of algorithms and analytics. Both of these technologies have the same vulnerability in how they work and how they are hacked. They both operate at the historical data output level. This offer hackers the opportunity to manipulate or breach algorithms and access stored data and, in real time, change the information process.

A hack is really the manipulation of software to exploit a desired action in the information process systems. The problem with all information processing today is that the systems they are all based on are historically sending and retrieving of information at the data output level. This leaves a window of opportunity for hackers. If we are to get faster than the growth of the cyber threat, we must deploy real-time data in motion technologies that are ahead of even millisecond machine actions or we continue to be behind and hackers will maintain their breach advantage. You will find clear explanation of how we could get ahead of the hackers and achieve this needed real time cybersecurity capability in the inserted presentation of the article Getting Cybersecurity to Actually Work.

Why we must change now

The largest explosion of millisecond machine actions will take place when billions of IoT devices are deployed.  Until we find a way to authenticate, view, audit, analyze and block IoT devices often connected to cloud computing, we frankly shouldn't be putting IoT out there. As the security industry saying goes, "money trumps security," and as increasingly more of these IoT product are released, cybersecurity will just be playing catch-up. With potentially billions of these devices being deployed all over the world, this could lead to a cyber attack free-for-all of catastrophic proportions. 

There is a big fundamental problem with securing IoT though. The systems are so small that even today's patch and pray cybersecurity fixes won't work. It is not like you're going to take a $10 IoT device in and ask to download a security upgrade patch. Even if you did, in many cases there wouldn't be enough room in the processor or memory to install the software patch. The need for a new security platform for IoT will be one of the main driving factors for major changes in cybersecurity. There also are reasons today to change cybersecurity, but the pain of unacceptable cybersecurity platforms is just now being recognized in big industry revenue losses by cloud providers.

Why will change will occur? Money!

When the largest stock holders of IBM (Warren Buffett being one of them) lose over a billion dollars in a few days, people will take notice. There were predictions early on about the Snowden effect that disclosed secret relationships with the NSA and top cloud providers. This left an uneasiness in cybersecurity certainly from U.S. adversarial countries like China, but is now is going much deeper to even with US friendly countries and the US itself. How badly these security concerns will affect some of the biggest names in information technology (Cisco, Microsoft, Apple, Oracle, IBM, Google) is just beginning to appear. One thing is for certain, though: These companies must prove that their security platforms actually work or their billions in revenue losses will continue. While existing revenues are lost this time around, even the future trillion dollar revenues in IoT could be lost proving that money will no longer trump security.

Why we must move forward now

As the saying goes, "necessity is the mother of invention." Some of the largest information technologies companies in the world are facing the need to accept a complete paradigm shift in the way they have been processing digital information. With staggering losses of revenues already occurring and more to come, customers are beginning to lose confidence in these Internet technology giants of the past. There must be a proven change in the security and information processing itself if these IT giants are to regain the trust and market share they have enjoyed for many years.

As bad as things are today, though, the biggest loss could be on the horizon: The potential loss of the multi-trillion dollar IoT market. Today's cybersecurity was never intended to secure cloud computing or the billions of future microchip intelligent sensors that could connect to them -- the Internet of Things. From physical microchip  limitations to the inability to decipher billions of machine actions occurring in microseconds, a fundamental change and even a paradigm shift must occur in cybersecurity if we are to allow billions of IoT devices to be deployed all over the world.   

Change is Inevitable

When money, power and intelligence all agree, change is inevitable.  We have reached that point in current cybersecurity limitations and now must focus on the deployment of new security technologies that can protect us now and in the future.  We must get beyond the point of analyzing technology in cybersecurity and must begin to deploy new known cybersecurity technological capabilities. The very future of information processing and the wonderful things it has brought us are dependent on this change.  

Larry Karisny is the director of ProjectSafety, a cybersecurity and digital forensics expert, advisor, writer and industry speaker focusing on information processing security and intelligence. 

Larry Karisny

Larry Karisny is the director of Project Safety.org, an advisor, consultant, speaker and writer supporting advanced cybersecurity technologies in both the public and private sectors.