Thinking Tech

Darpa's top hacker works to protect Pentagon from WikiLeaks and others


That whole WikiLeaks exposé was embarrassing for the Pentagon. So they turned to Darpa, who turned to an in-house hacker to prevent future leaks.

After WikiLeaks passed some 77,000 mostly-classified Defense Department documents to three major international publications, the mood at the Pentagon changed. There had until that point been a push from Defense Secretary Gates to make more documents available to enlisted men and women at all levels, under the theory that the more information one has, the better one can do a job.

But the WikiLeaks debacle alerted the Pentagon that perhaps this strategy was not the smartest. A solution was needed--a way to allow the military to have as much information as possible without allowing it to be swiped by someone wanting a story.

So the Pentagon did what any top governmental organization would do: They asked Darpa.

Interestingly, Darpa's solution (as difficult as it sounds) is headed by none other than Peiter "Mudge" Zatko, a famous former hacker who, as Wired notes, once claimed he and his crew could "shut down the Internet in 30 minutes." (This, we should note, was well before Zatko was on the government's payroll.)

The solution, proposed by Zatko and his team, is a sophisticated monitoring system called CINDER (which, somehow, stands for Cyber Insider Threat). Though it has yet to be built, the plan is that CINDER will be equipped with complex algorithms to detect unusual behavior from those on the network.

Of course, that kind of system necessarily lands on tons of false positives, which is why the software is designed to look not for perpetrators, but plans. Perpetrators can be caught later; the more pressing problem is halting whatever plan has been hatched. To that end, CINDER researchers will "make use of logs and accounting information that tracks allowed activities rather than depending entirely on alerts from monitoring systems focused on anomalous or disallowed activities."

CINDER is years off, but Secretary Gates seems bullish on the project, mentioning it implicitly in a speech in July.


Dan Nosowitz

Contributing Editor

Contributing Editor Dan Nosowitz has written for Popular Science, Fast Company and Gizmodo. He holds a degree from McGill University in Canada. He is based in New York.