Enhanced Attribution: An Engine To Identify Hackers

Pentagon researchers expect to initiate a new program by early 2018 to better identify hackers and cybercriminals. The “Enhanced Attribution Program” will enable the government to not only characterize an attacker, but also share a cybercriminal’s modus operandi with prospective victims, and predict where they will strike next. 

"The idea is to not only look at the bullets but also the weapon," explained Angelos Keromytis, the program leads at the Defense Advanced Research Projects Agency (DARPA), referring to a hacker’s IT resources.

Defense officials plan to be able to tap into laptops as well as smartphones and other internet-enabled devices. By contrast, under current security protocols, hackers effectively mask or misdirect data to avoid detection from authorities.

The program seeks to mimic and recreate the criminal, to get ahead of their next move and potentially catch them at their next point of attack. Supposing that DARPA is capable of producing the tech capable of telegraphing attribution, the group faces another challenge, by apprehending a hacker or releasing warnings to the public, they may ultimately expose proprietary methods.

Keromytis has stated concern that sharing too much information about an adversary with the public may embolden others to find new ways to circumvent federal officials.

The US recently faced a similar challenge, by indicting Iranian Revolutionary Guard hackers, explained NSA security scientist Dave Aitel. "By indicting these individuals the US government showed the world – and showed Iran – what it knows about the Iranian effort and this announcement reveals more than just what the US is able to attribute, it also signals what it does not know and cannot detect."

In the short term, Keromytis hopes that the new tech he is proposing may have beneficial applications against financial criminals and other forms of hacking. "That is my hope and it’s not an idle hope," he said.

DARPA expects that by the end of 2020 the system could accumulate sufficient data to nab "A-Team hackers," cybercriminals, or privateers, sponsored by governments.

Ein News

« Technology Advances Too Fast For Government
Lessons Learned From Major Healthcare Breaches »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

InformationWeek

InformationWeek

InformationWeek is the world's most trusted online community for business technology professionals like you.

CERT.BY

CERT.BY

The National Computer Emergency Response Team of the Republic of Belarus.

Cyber Security Centre - University of Hertfordshire

Cyber Security Centre - University of Hertfordshire

The Cyber Security Centre provides training, teaching and research in the fast paced topics of cyber security and digital forensics.

Tiro Security

Tiro Security

Tiro Security is a boutique company specializing in information security and IT audit recruitment and solutions.

Ambersail

Ambersail

Ambersail provide Penetration Testing and Cyber Security Compliance services.

Codified Security

Codified Security

Codified is a testing platform for mobile application software. We make it easier than ever for companies to detect and fix security vulnerabilities and ensure their applications are compliant.

Halon

Halon

Halon is a flexible security and operations platform for in-transit email.

CloudMask

CloudMask

CloudMask patent technology provides Dynamic Data Masking (DDM) that masks sensitive data, structured or non-structured, in real-time.

Excellium Services

Excellium Services

Excellium’s Professional Services team combines expertise and experience that complements your in-house security resources.

Matias Consulting Group (MCG)

Matias Consulting Group (MCG)

Your Business needs competitive and resilient ICT solutions. MCG defines, deploy & support them enabling you to focus on your core business.

Recovery Point Systems

Recovery Point Systems

Recovery Point is a leading national provider of IT secure and compliant infrastructure and business resilience services.

Archivo

Archivo

Archivo is a value added reseller focused on Disaster Recovery as a Service (DRaaS), backup, hyper-convergence, hybrid storage and Cyber security.

Marcus Donald People

Marcus Donald People

Marcus Donald People is a UK IT recruitment specialist covering the following sectors: Infrastructure & Cloud, Information Security, Development, Business transformation.

Braintrace

Braintrace

Braintrace’s services include Managed Detection and Response (MDR), Managed SIEM, SIEM-as-a-Service, SOC-as-a-Service, Advisory Services, and Incident Response.

Cybertronium

Cybertronium

Cybertronium is a leader in managing cyber risk. We bring you the latest from the complex, ever-evolving online threat environment with the insights to inspire and the expertise to act.

Bulletproof Solutions

Bulletproof Solutions

Bulletproof provides IT expert support, services, and guidance to businesses small and large as they grow and adapt to today’s complex IT, cybersecurity, and compliance needs.

OrbiSky Systems

OrbiSky Systems

OrbiSky Systems is a British tech startup specializing in data management and cybersecurity solutions.

PriorityZero

PriorityZero

PriorityZero is a European company focused on remote security assessments and consulting services that operates on a global scale.