Enhanced Attribution: An Engine To Identify Hackers

Uploaded on 2016-07-04 in TECHNOLOGY--Hackers, GOVERNMENT-Defence, FREE TO VIEW

Pentagon researchers expect to initiate a new program by early 2018 to better identify hackers and cybercriminals. The “Enhanced Attribution Program” will enable the government to not only characterize an attacker, but also share a cybercriminal’s modus operandi with prospective victims, and predict where they will strike next. 

"The idea is to not only look at the bullets but also the weapon," explained Angelos Keromytis, the program leads at the Defense Advanced Research Projects Agency (DARPA), referring to a hacker’s IT resources.

Defense officials plan to be able to tap into laptops as well as smartphones and other internet-enabled devices. By contrast, under current security protocols, hackers effectively mask or misdirect data to avoid detection from authorities.

The program seeks to mimic and recreate the criminal, to get ahead of their next move and potentially catch them at their next point of attack. Supposing that DARPA is capable of producing the tech capable of telegraphing attribution, the group faces another challenge, by apprehending a hacker or releasing warnings to the public, they may ultimately expose proprietary methods.

Keromytis has stated concern that sharing too much information about an adversary with the public may embolden others to find new ways to circumvent federal officials.

The US recently faced a similar challenge, by indicting Iranian Revolutionary Guard hackers, explained NSA security scientist Dave Aitel. "By indicting these individuals the US government showed the world – and showed Iran – what it knows about the Iranian effort and this announcement reveals more than just what the US is able to attribute, it also signals what it does not know and cannot detect."

In the short term, Keromytis hopes that the new tech he is proposing may have beneficial applications against financial criminals and other forms of hacking. "That is my hope and it’s not an idle hope," he said.

DARPA expects that by the end of 2020 the system could accumulate sufficient data to nab "A-Team hackers," cybercriminals, or privateers, sponsored by governments.

Ein News

« Technology Advances Too Fast For Government
Lessons Learned From Major Healthcare Breaches »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

SureCloud

SureCloud

SureCloud is a Governance, Risk and Compliance (GRC) and Cybersecurity Solutions provider.

Sparta Consulting

Sparta Consulting

Sparta Consulting is an information management and business development full service provider.

SECURITYMADEIN.LU

SECURITYMADEIN.LU

SECURITYMADEIN.LU is the main online source for cyber security in Luxembourg providing news, information and a toolbox of cyber security solutions.

AppSec Labs

AppSec Labs

AppSec Labs specialise in application security. Our mission is to raise awareness in the software development world to the importance of integrating software security across the development lifecycle.

SySS

SySS

SySS is a market leader in penetration testing in Germany and Europe.

KLC Consulting

KLC Consulting

KLC Consulting offers information assurance / Security, IT Audit, and Information Technology products and services to government and Fortune 1000 companies.

Appvisory

Appvisory

Appvisory by MediaTest Digital is the leading Mobile Application Management-Software in Europe and enables enterprises to work secure on smartphones and tablets.

National Initiative for Cybersecurity Education (NICE)

National Initiative for Cybersecurity Education (NICE)

NICE is a partnership between government, academia, and the private sector focused on cybersecurity education, training, and workforce development.

RFA

RFA

RFA is a unique IT, financial cloud and managed cyber-security provider to the financial services and alternative investment sectors.

CyberSecJobs.com

CyberSecJobs.com

CyberSecJobs.com is a career site and job fair company providing services and resources to the cyber security community.

CYDES

CYDES

CYDES is the first event in Malaysia to showcase advanced solutions and technologies to address cyber defence and cyber security challenges for the public and private sectors.

Softcat

Softcat

Softcat offer a broad portfolio of IT services and solutions covering Hybrid Infrastructure, Cyber Security, Digital Workspace and IT Intelligence.

Ironhack

Ironhack

Ironhack provide intensive training courses & bootcamps in Web Development, UX/UI Design, Data Analytics & Cybersecurity.

Mr Backup (MRB)

Mr Backup (MRB)

MRB offers Data Protection as a Service for businesses looking to reduce the time, cost and complexity of securing your company data.

GoPro Consultants

GoPro Consultants

GoPro Consultants is an IT Consultancy and IT Managed services provider Globally with immeasurable expertise of IT professionals in Hardware/Support & Consultancy and Project Planning.

Rescana

Rescana

Rescana offers a cyber risk management platform with the vision to remove the security team bottlenecks, accelerating business processes that require risk assessment.