March 13, 2012
Protecting Cyberspace and the Nation requires significantly enhanced defensive and offensive cybercapabilities
To date, there has been much focus on increasing DoD cyber defensive capabilities. To be sure, the list of needed capabilities is long. DoD networks may be safer than they were, but systems are often easily penetrated, accounts are routinely hacked, intellectual property and sensitive information are compromised, and the supply chain is not verifiably secure.
The Agency’s recent testimony before congress reinforced that malicious cyber attacks are not merely an existential threat to DoD bits and bytes; they are a real threat to physical systems—including military systems—as well as to U.S. warfighters.
The U.S. will not prevail against these threats simply by scaling current approaches.
“With respect to cyber offense, it is our firm belief that the Department, indeed the Nation, is at an inflection point,” said DARPA Director, Regina E. Dugan. “It is increasingly clear that the operational needs of the Department of Defense (DoD) cannot be achieved by scaling traditional methods for cyber. To be relevant, the DoD needs cyber tools that are matched in diversity of effect and scale, address different timescales and entirely new targets. It will require the integration of cyber and electronic warfare at unprecedented levels.”
Armed with original research spearheaded by Dugan and the Agency’s Deputy Director, Kaigham J. Gabriel, the Agency created a cyber analytical framework as a means of identifying specific opportunities and gaps in capabilities. “The DARPA Cyber Analytic Framework, completed over a period of months through original research and detailed investigation, concluded that the U.S. approach to cyber security is dominated by a strategy that layers security on to a uniform architecture,” said Dugan. “We do this to create tactical breathing space, but this approach is not convergent with an evolving threat.”
During testimony before the House Armed Services Committee Subcommittee on Emerging Threats and Capabilities, February 29, 2012, Gabriel reinforced that “Modern warfare demands the effective use of cyber, kinetic, and combined cyber and kinetic means. That will happen only if cyber capabilities are at scale and speeds matched to our kinetic options.”
DARPA will testify on cybersecurity research and development in review of the Defense Authorization Request for Fiscal Year 2013 and the Future Years Defense Program on March 20, 2012 before the Senate Armed Services Committee, Subcommittee on Emerging Threats and Capabilities. The Agency’s bottom line perspective, according to Dugan, “is that we are capability limited; both defensively and offensively. We need to fix that.”
DARPA leadership is routinely asked to predict the future. Of late, this question seems to be asked pertaining to cyber more than most areas of warfare. But according to Gabriel, “At DARPA, we believe it’s not about predicting the future… it’s about building it.”