The Defense Advanced Research Projects Agency (DARPA) has announced that it’s to boost its investment in cyber research by 50 percent over the next five years, in response to the increasing threat of cyber warfare.
“DARPA’s role in the creation of the internet means we were party to the intense opportunities it created and share in the intense responsibility of protecting it. Our responsibility is to acknowledge and prepare to protect the nation in this new environment,” says DARPA director Regina Dugan.
“We need more and better options. We will not prevail by throwing bodies or buildings at the challenges of cyberspace. Our assessment argues that we are capability limited, both offensively and defensively. We need to fix that.”
Part of the problem is that malicious code is a lot quicker and easier to produce than an effective security package.
Over the past 20 years, says DARPA, the effort and cost of information security software has grown exponentially — from software packages with thousands of lines of code to ones with nearly 10 million.
However, over the same period, and across roughly 9,000 examples of viruses, worms, exploits and bots, its analysis revealed a nearly constant average of 125 lines of code for malware.
“This is not to suggest that we stop doing what we are doing in cyber security. On the contrary, our existing efforts are necessary,” says Dugan.
“These efforts represent the wisdom of the moment. But if we continue only down the current path, we will not converge with the threat.”
DARPA’s now recruited a cyber team composed of experts, including ‘white hat’ hackers.
“I should emphasize that national policymakers, not DARPA, will determine how cyber capabilities will be employed to protect and defend the national security interests of the United States,” says Dugan.
“But the agency has a special responsibility to explore the outer bounds of such capabilities so that our nation is well prepared for future challenges.”