It’s long been known that to win in a cyber war, DoD has to have a way to get an asymmetric advantage in time, cost and contribution – something that is mostly alien to the Defense Acquisition process. A few years ago DARPA started something called the Cyber Fast Track (CFT) program. This awesome, by all accounts successful proposal is being rewarded with project cancelation (it will stop accepting proposals on 1 April 2013). But still there is good from the program we can learn from. The idea behind this program was to create a vehicle where they could bring in those nonstandard, cutting edge organizations and individuals not always found hanging out with the standard defense contractors – like hackers. From our observation this did result in some great new capabilities that can make a difference.
The hope was that through the CFT Program, DARPA could pull together multiple small cyber projects that are being developed on the fringe. It was advertised via Announcements that were periodically updated (the current one has a response date of 1 April 2013 as Amendment 4, and it will be the last one). [Find it as Solicitation Number DARPA-RA-11-52, located here ]
There are currently almost 100 programs funded under this program. I recently got to see one of the CFT funded efforts in use. DARPA provided funding last November to Secure Ideas, LCC to put together a distribution platform for cyber defense tools. It’s called the Active Defense Harbinger Distribution – ADHD. Basically, this is a live environment for active cyber defenses. The intended audience here is the defenders in the cyber battle. Having the ability to rapidly gather the tools that are being developed daily is essential, because DoD will never be able to develop tools like this as they need them.
Through the ADHD program many of the current active defensive projects are tied together under one common platform. It’s free and anyone can download it. Using a live environment, cyber warriors can practice their trade by booting the ADHD on any Intel-based system from a DVD or USB flash drive, or run the test environment from a virtual machine.
The tools are pretty cool: things like decloaking tools (to find the physical location of the attacker), NOVA (to detect network based reconnaissance efforts by spawning many virtual decoy machines), pushpin (to identify every tweet, YouTube video, flicker picture, etc. within a geographical location), spider trap (to trap web crawlers), web bug server (to embed a bug into a web document), or web labyrinth (to make a maze of web pages to confuse the web scanners). With all these fun tools to keep our DoD cyber warriors busy, it’s no wonder so many folks are migrating to that field!
An additional Cyber opportunity through DARPA is a new program called “Cyber Targeted-Attack Analyzer” to use big data to defend against targeted attacks. The BAA is late coming out – like most solicitations these days! Assuming it does happen, this will open up some exciting new work and I’m looking forward to seeing this project thrive. Companies proficient in big data should watch FEDBIZOPs for the imminent release of the BAA.