Enhanced Attribution: An Engine To Identify Hackers

Uploaded on 2016-07-04 in TECHNOLOGY--Hackers, GOVERNMENT-Defence, FREE TO VIEW

Pentagon researchers expect to initiate a new program by early 2018 to better identify hackers and cybercriminals. The “Enhanced Attribution Program” will enable the government to not only characterize an attacker, but also share a cybercriminal’s modus operandi with prospective victims, and predict where they will strike next. 

"The idea is to not only look at the bullets but also the weapon," explained Angelos Keromytis, the program leads at the Defense Advanced Research Projects Agency (DARPA), referring to a hacker’s IT resources.

Defense officials plan to be able to tap into laptops as well as smartphones and other internet-enabled devices. By contrast, under current security protocols, hackers effectively mask or misdirect data to avoid detection from authorities.

The program seeks to mimic and recreate the criminal, to get ahead of their next move and potentially catch them at their next point of attack. Supposing that DARPA is capable of producing the tech capable of telegraphing attribution, the group faces another challenge, by apprehending a hacker or releasing warnings to the public, they may ultimately expose proprietary methods.

Keromytis has stated concern that sharing too much information about an adversary with the public may embolden others to find new ways to circumvent federal officials.

The US recently faced a similar challenge, by indicting Iranian Revolutionary Guard hackers, explained NSA security scientist Dave Aitel. "By indicting these individuals the US government showed the world – and showed Iran – what it knows about the Iranian effort and this announcement reveals more than just what the US is able to attribute, it also signals what it does not know and cannot detect."

In the short term, Keromytis hopes that the new tech he is proposing may have beneficial applications against financial criminals and other forms of hacking. "That is my hope and it’s not an idle hope," he said.

DARPA expects that by the end of 2020 the system could accumulate sufficient data to nab "A-Team hackers," cybercriminals, or privateers, sponsored by governments.

Ein News

« Technology Advances Too Fast For Government
Lessons Learned From Major Healthcare Breaches »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Nmap Project

Nmap Project

Nmap Project is a Free and open source tool for network discovery, administration, and security auditing.

Telos

Telos

Telos offers cybersecurity solutions and services that empower and protect the world’s most security-conscious enterprises.

Finnish Information Security Cluster (FISC)

Finnish Information Security Cluster (FISC)

FISC is an organization established by major Finnish information security companies to promote their activities nationally and internationally.

Vitrociset

Vitrociset

Vitrociset design complex systems for defence, homeland security, space and transport. Activities include secure communications and cybersecurity.

MerlinCryption

MerlinCryption

MerlinCryption develops infrastructure security software, delivering advanced encryption, authentication, and random data generators, for Cloud, VoIP, eCommerce, M2M, and USB hardware.

Finosec

Finosec

Finosec's mission is to change the way information security and cybersecurity are managed in banking.

Spin Technology

Spin Technology

SpinOne is a SaaS data protection platform designed to monitor, secure, and back up your G Suite and O365 data, improve compliance, and reduce IT costs.

HB-Technologies

HB-Technologies

HB-Technologies is pioneer in Africa, in digital security, embedded electronic and IT solutions based on highly secure smart cards that comply with international standards and norms.

Cyber Chasse

Cyber Chasse

Cyber Chasse is an IT consulting and staffing company offering a full range of cybersecurity solutions, contract staffing services and online training courses.

The PenTesting Company

The PenTesting Company

The PenTesting Company is owned and operated by offensive security professionals. Penetration Testing is essentially all we do.

Flat6Labs

Flat6Labs

Flat6Labs is the MENA region’s leading seed and early stage venture capital firm, currently running the most renowned startup programs in the region.

Cyber Ranges

Cyber Ranges

Cyber Ranges is the next-generation cyber range for the development of cyber capabilities and the validation of cyber security skills and organizational cyber resilience.

BitLyft

BitLyft

BitLyft is a managed detection and response provider that is dedicated to delivering unparalleled protection from cyber attacks for organizations of all sizes.

Certera

Certera

Certera is a modern and affordable SSL Certificate, Code Signing Certificate, and Cyber Security Services provider.

Anzen Technology Systems

Anzen Technology Systems

Anzen create software solutions which allows organisations to utilize the public cloud for sensitive or classified information, whilst increasing data security and retaining data sovereignty.

Center for Cyber Security Studies & Research (CFCS2R)

Center for Cyber Security Studies & Research (CFCS2R)

CFCS2R's mission is to empower individuals, organizations, and governments with the knowledge and tools necessary to protect against cyber threats.