Staying ahead of cyberthreats in a time of constricting budgets is a major challenge for the Defense Information Systems Agency (DISA) today.
To confront this quagmire, the agency’s officials are open to the private sector’s newest ideas and innovative technologies—even those that aren’t fully developed.
Everything from software-based systems that create virtual hardware across networks to exotic communications links that provide large increases in bandwidth throughout the battlespace are potential prospects
In the lead article of this month’s SIGNAL Magazine, Lt. Gen. Alan R. Lynn, USA, says any solutions that industry can come up with to help stay ahead of cyber adversaries “would really be of interest” to both DISA and Joint Force Headquarters, Department of Defense Information Network (JFHQ-DODIN). Gen. Lynn leads both organizations.
“The cyber battlefield is growing, it’s unending and it’s 24/7, and we have to keep a constant eye on it, and any tools that industry can bring, we’re interested in,” the general says.
“If there is some technology that would allow us to provide more bandwidth, more capability, we’re interested in that as well.”
(Learn More. Today’s world is a network of interconnected, embedded computer systems with components ranging in size and complexity from large supervisory control and data acquisition systems that manage physical infrastructure such as electrical grids and dams, to smaller but still critical systems inside airplanes, satellites, medical devices, computer printers and routers, and handheld devices such as cell phones and radios.
Researchers and hackers have shown that these kinds of networked embedded systems are vulnerable to remote attack, and such attacks can cause not just data loss or but significant physical, economic, and strategic damage.
DARPA’s High-Assurance Cyber Military Systems (HACMS) program is creating technology for the construction of safe and secure cyber-physical systems. Taking a fundamentally different approach from the inadequate methods used today by the software community, the program has adopted a clean-slate, formal methods-based approach to enable semi-automated code synthesis from executable specifications. HACMS has already transitioned some of its technology to both the defense and commercial communities.
In this video, HACMS software is used to protect the unmanned MH-6 Little Bird helicopter from malware-based hack attempts. Courtesy of DARPA and YouTube)
The biggest change afoot is the development of a multiprotocol label switching system to upgrade bandwidth capacity, he offers.
On the security front, the agency is developing a multifactor authentication that would succeed the current common access card, or CAC, which uses two-factor authentication.
The new system will employ behavioral analysis and biometrics to ensure that the identity of the person using the network is verified. This probably would feature “patterns of life,” in which a person’s actions are compared to their established habits, Gen. Lynn relates.
Although DISA builds the networks, JFHQ-DODIN defends them and Gen. Lynn leads both, the general maintains a degree of separation between the two functions to avoid one activity inhibiting the other.
(Hear from LTG Alan R. Lynn, USA, Commander, Joint Force Headquarters, Department of Defense Information Networks Director, Defense Information Systems Agency. Courtesy of AFCEA International and YouTube)
“The tendency in the cyber world is to try to lock down the network as much as possible,” he observes. “The build side of the house is to provide as much throughput, traffic and information as we can possibly make flow correctly. That’s an interesting balance.”
Gen. Lynn does not want the users to be concerned about outages or intrusions. “I don’t want them to have to worry about a fiber cut in Djibouti—the guys building the network need to worry about that,” he states.
“I want the cyber guys fully focused on the enemy, and the enemy is ubiquitous. They are all over the place trying to get in, and we are doing a tremendous job of blocking them every step of the way.”
DISA leaders are preparing to share an extensive view of the challenges the agency faces and how industry can solve them at AFCEA International’s Defensive Cyber Operations Symposium, which takes place June 13-15 at the Baltimore Convention Center.
AFCEA International, established in 1946, is a non-profit membership association serving the military, government, industry and academia.