Enhanced Attribution: An Engine To Identify Hackers

Uploaded on 2016-07-04 in TECHNOLOGY--Hackers, GOVERNMENT-Defence, FREE TO VIEW

Pentagon researchers expect to initiate a new program by early 2018 to better identify hackers and cybercriminals. The “Enhanced Attribution Program” will enable the government to not only characterize an attacker, but also share a cybercriminal’s modus operandi with prospective victims, and predict where they will strike next. 

"The idea is to not only look at the bullets but also the weapon," explained Angelos Keromytis, the program leads at the Defense Advanced Research Projects Agency (DARPA), referring to a hacker’s IT resources.

Defense officials plan to be able to tap into laptops as well as smartphones and other internet-enabled devices. By contrast, under current security protocols, hackers effectively mask or misdirect data to avoid detection from authorities.

The program seeks to mimic and recreate the criminal, to get ahead of their next move and potentially catch them at their next point of attack. Supposing that DARPA is capable of producing the tech capable of telegraphing attribution, the group faces another challenge, by apprehending a hacker or releasing warnings to the public, they may ultimately expose proprietary methods.

Keromytis has stated concern that sharing too much information about an adversary with the public may embolden others to find new ways to circumvent federal officials.

The US recently faced a similar challenge, by indicting Iranian Revolutionary Guard hackers, explained NSA security scientist Dave Aitel. "By indicting these individuals the US government showed the world – and showed Iran – what it knows about the Iranian effort and this announcement reveals more than just what the US is able to attribute, it also signals what it does not know and cannot detect."

In the short term, Keromytis hopes that the new tech he is proposing may have beneficial applications against financial criminals and other forms of hacking. "That is my hope and it’s not an idle hope," he said.

DARPA expects that by the end of 2020 the system could accumulate sufficient data to nab "A-Team hackers," cybercriminals, or privateers, sponsored by governments.

Ein News

« Technology Advances Too Fast For Government
Lessons Learned From Major Healthcare Breaches »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

ITrust

ITrust

French cybersecurity pure player since 2007. ITrust offers its Cyber expertise services and develops disruptive products in Cyber/Artificial Intelligence.

PCI Compliance Guide

PCI Compliance Guide

The PCI Compliance Guide is one of the leading educational websites available focused exclusively on PCI compliance.

Pentagon Group

Pentagon Group

Pentagon Group is a provider of security services in high-risk environments, remote areas and emerging markets in support of land-based, aviation, maritime and cyber operations.

Aporeto

Aporeto

The Aporeto platform protects cloud applications from attack by authenticating and authorizing all communications with a cryptographically signed identity assigned to every workload.

iFluids Engineering

iFluids Engineering

iFluids Engineering is a leading engineering consulting and risk management firm providing a full range of services including Cyber Security for Industrial Control Systems.

KDM Analytics

KDM Analytics

KDM Analytics software products automate the NIST risk management framework (RMF) assessment for operational technology (OT) systems.

IntelliGenesis

IntelliGenesis

IntelliGenesis provide comprehensive cyber, data science, analysis, and software development services that provide tailored, secure solutions for your critical data and intelligence needs.

Have I Been Pwned (HIBP)

Have I Been Pwned (HIBP)

Have I Been Pwned is a free resource for anyone to quickly assess if they may have been put at risk due to an online account of theirs having been compromised or "pwned" in a data breach.

SEMNet

SEMNet

SEMNet is an IT solutions provider and an infrastructure and security consulting firm.

Blok Cyber Security

Blok Cyber Security

Blok provide small businesses and sole traders, with affordable, managed Cyber Security Packages that offer immediate protection and peace of mind.

IoTeX

IoTeX

Building the connected world. IoTeX is a fast, secure, and decentralized platform that connects real world devices/data to the blockchain.

National Academy of Cyber Security (NACS) - India

National Academy of Cyber Security (NACS) - India

National Academy of Cyber Security provides Professional Training Courses and Programmes in Cyber Security.

Suresecure

Suresecure

Suresecure are a specialised consulting company providing Strategic IT security consulting, Managed Security Services, and Incident Response Management.

RealTyme

RealTyme

RealTyme is a secure communication and collaboration platform with privacy and human experience at its core.

Incognia

Incognia

Incognia have created a ubiquitous private identity based on location behavior, that enables a personalized frictionless experience with mobile apps and connected devices.

Infosys

Infosys

Infosys is a global leader in consulting, technology and outsourcing solutions.. Services include IT strategy, technical architecture and operations including cybersecurity.

SecureWeb3

SecureWeb3

SecureWeb3 helps businesses and brands to secure their Web3 presence by offering a full suite of security services including training, consultancy & brand protection solutions.