DARPA looking to develop new technology to ID cybercriminals
The Defense Advanced Research Projects Agency (DARPA) is looking for research proposals to develop a system that would enable the government and law enforcement to identify the actual individual behind a cyber attack.
The Enhanced Attribution Program proposal is looking to create the technology that would allow not only the collection of data that could pinpoint the perpetrator, but do so in a way that would not put at risk the sources and methods used to find the person or group. From DARPA's perspective the need for this is quite straightforward.
“Malicious actors in cyberspace currently operate with little fear of being caught due to the fact that it is extremely difficult, in some cases perhaps even impossible, to reliably and confidently attribute actions in cyberspace to individuals,” DARPA wrote in the 43-page proposal.
What DARPA hopes is that a researcher will develop a method to cut or see through the multiple layers of indirection available to cybercriminals.
“The Enhanced Attribution program aims to make currently opaque malicious cyber adversary actions and individual cyber operator attribution transparent by providing high-fidelity visibility into all aspects of malicious cyber operator actions and to increase the Government's ability to publicly reveal the actions of individual malicious cyber operators without damaging sources and methods,” the proposal states.
Jean-Philippe Taggart, Malwarebytes' senior security researcher told SCMagazine.com in an email that such technologies are already being deployed in the private sector, but they are no panacea.
"The scenarios in which they are deployed decide their effectiveness. Skillful attackers will employ techniques to defeat them, and/or mitigate the information that they gather. The amount of information they collect also raises serious privacy concerns. This requirement list reads strangely like the feature sets of existing cyber intelligence outfits," Taggart said.
Submissions are due to DARPA by June 7 with a proposed date of implementation of 2018, according to Nextgov.com.