
Automated Cyber-Security Systems: DARPA


From the DARPA website:

DARPA’s Cyber Grand Challenge takes aim at an increasingly serious problem: the inadequacy of current network security systems, which require expert programmers to identify and repair system weaknesses—typically after attackers have taken advantage of those weaknesses to steal data or disrupt processes. Such disruptions pose greater risks than ever as more and more devices, including vehicles and homes, get networked in what has become known as “the Internet of things.”

“Today’s security methods involve experts working with computerized systems to identify attacks, craft corrective patches and signatures and distribute those correctives to users everywhere—a process that can take months from the time an attack is first launched,” said Mike Walker, DARPA program manager. “The only effective approach to defending against today’s ever-increasing volume and diversity of attacks is to shift to fully automated systems capable of discovering and neutralizing attacks instantly.”

To help accelerate this transition, DARPA launched the Cyber Grand Challenge, the first computer security tournament designed to test the wits of machines, not experts. The Challenge plans to follow a “capture the flag” competition format that experts have used for more than 20 years to test their cyber defense skills. That approach requires that competitors reverse engineer software created by challenge organizers and locate and heal its hidden weaknesses in a live network competition. The longest-running annual capture-the-flag challenge for experts is held at an annual conference known as DEF CON, and under the terms of a new agreement the Cyber Grand Challenge final competition is scheduled to co-locate with the DEF CON Conference in Las Vegas in 2016…

At the event, computers that have made it through a series of qualifying events over the next two years would compete head-to-head in a final tournament. Custom data visualization technology is under development to make it easy for spectators—both a live audience at the conference and anyone watching the event’s video stream worldwide—to follow the action. Details about the Cyber Grand Challenge and some of the other registered teams can be found at www.cybergrandchallenge.com.

Preparing for Cyberattacks: Cross-Border Cyberdrills

Mass web destruction, spam and malware infection were among the scenarios involved during the first cross-border cyber drill organized by the United Nations and an international partnership against online threats in South-east Asia that aims to build cooperation and improve response measures to cyber attacks.  The drill, launched by the UN International Telecommunication Union (ITU) and the International Multilateral Partnership Against Cyber Threats (IMPACT), was a coordinated exercise to assess the security and emergency readiness of Cambodia, Laos, Myanmar and Viet Nam, also known as the CLMV countries.

Each country had a team participating in three simulated cyber security emergency incidents. Teams were required to identify the origin of the attacks, identify possible solutions and mitigation steps, and rectify the damage. The one-day exercise then simulated a cyber attack response linking the response systems of the four countries, known as Computer Emergency Response Team/Computer Incident Response Teams (CERT/CIRT), as well as experts from ITU and IMPACT.

“Cyber attacks are borderless, so it is vital for every CERT/CIRT to share information and experience on cross-border incident handling, in order to refine and test points of contact and procedures, to enhance the effectiveness of their response to active cyber threats,” said ITU Secretary-General Hamadoun Touré.  According to a news release issued by ITU, the exercise was intended to help build greater cooperation and improve communication among the countries, and it took into account real-life constraints such as the disparity in the countries’ capabilities and developments.

The drill, which was held yesterday, did not aim to criticize capabilities or a particular network, system or infrastructure, but instead sought to emphasize the need for continuous communication channels between neighbouring countries, as well as enhance each country’s incident response capabilities.  “The ITU-IMPACT ALERT (Applied Learning for Emergency Response Team) achieved several positive outcomes, including identification of readiness of each country’s CERTs/CIRTs team, establishing the need for proper contingency plans, improving the familiarity with tools and other related software and communicating the importance of maintaining logs and having adequately trained personnel in place to handle cyber threats,” said Datuk Mohd Noor Amin, Chairman of IMPACT.  “This was a great opportunity for countries to put their contingency strategies to the test. This cyber drill serves as the prototype for upcoming larger global exercises being designed for 2012.”

First UN-backed simulation of cyber attack takes place in South-east Asia, UN Press Release, Dec. 2, 2011