WASHINGTON (Reuters) - The Pentagon’s advanced research arm, the same group credited with developing the forerunner of the Internet in the 1960s, is working on many fronts to boost U.S. defenses against computer-generated attacks.
The Defense Advanced Research Projects Agency, is building a virtual firing range in cyberspace — a replica of the Internet on which scientists can test how successfully they can thwart feared foreign- or domestic-launched attempts to disrupt U.S. information networks
Called the National Cyber Range, it will also help the U.S. government train cyberwarriors and hone advanced technologies to guard information systems.
Reuters has learned that the National Cyber Range is expected to be fully up and running by mid-2012, four years after the Pentagon approached contractors to build it. It cost an estimated $130 million.
One of these companies is Lockheed Martin Corp, the Pentagon’s No. 1 supplier by sales and itself the target of what it called “a significant and tenacious” cyber attack last month.
Lockheed, the U.S. government’s top information technology provider, was awarded a $30.8 million contract in January 2010 to continue to develop a prototype. Johns Hopkins University’s Applied Physics Laboratory won a similar deal at that time.
This summer DARPA is to select one of them to operate a prototype test range during a yearlong test.
It will also apparently help train cyberwarriors such as those in the U.S. military’s Cyber Command, ordered up by Defense Secretary Robert Gates in June 2009 after he concluded the threat of digital warfare had outgrown existing U.S. defenses.
The cyber range actually will be a collection of “testbeds” that can carry out independent drills or be woven into one or more larger pieces, depending on the challenge.
The range is to test such things as new network protocols plus satellite and radio frequency communications.
A key goal is to run classified and unclassified experiments in quick succession, “in days rather than the weeks it currently takes,” said Eric Mazzacone, a DARPA spokesman.
That would require a system capable of being completely reset after an experiment — reconfiguring it and purging all data from related memory, hard drives and storage devices.
Such an ability to reboot and start over is central to the plan, keeping the facility available “at all times for both experimentation and training,” without fear of corruption or compromise, Mazzacone said by email.
DARPA is also working on other plans to advance cyber defense.
A program known as CRASH — for Clean-slate design of Resilient, Adaptive, Secure Hosts — seeks to design computer systems that evolve over time, making them harder for an attacker to target.
The Cyber Insider Threat program, or CINDER, would help monitor military networks for threats from within by improving detection of threatening behavior from people authorized to use them. The problem has loomed large since Army Private First Class Bradley Manning allegedly passed a trove of confidential State Department documents to WikiLeaks, the anti-secrecy
Then there is “Cyber Genome,” aimed at automating the discovery, identification and characterization of malicious code, which could help figure out who was behind a cyber strike.
President Barack Obama has asked Congress for more than $250 million to fund DARPA’s cyber initiatives in the coming year, double his fiscal 2011 request.
The U.S. Defense Department, meanwhile, is preparing an expanded pilot program to boost the sharing of cybersecurity information with the companies that provide arms, supplies and other services costing some $400 billion a year.
The new effort, like a predecessor that began in 2007, is voluntary and is aimed at protecting sensitive but unclassified information on or passing through computers owned by companies that make up what the Pentagon calls the defense industrial base, or DIB.
About 35 companies took part in the initial program, including Lockheed Martin, which said last month its computer networks had become “a frequent target of adversaries around the world.”
The expanded “DIB Opt-In” program will be open to many more companies. It is “vital to the nation’s military readiness and the government’s overall efforts to enhance cybersecurity,” Air Force Lieutenant Colonel April Cunningham, a Defense Department spokeswoman, said in a statement to Reuters.
Ultimately, the new program may be a step toward putting major Pentagon contractors behind military-grade network perimeter defenses, such as those that protect the Pentagon’s own classified networks.
Reporting by Jim Wolf; Editing by Jackie Frank