When I interviewed Lisa Porter about the kinds of projects the Intelligence Advanced Research Projects Activity (the web site isn't quite ready for prime time, but should be up within a week) would take on, she would not get specific, because most of those projects will be classified. But Carl Landwehr, a program leader at the National Security Agency, elaborated on what projects are now being considered at IARPA. These include revamping the infrastructure of the internet to counter threats like the Storm worm, and addressing fundamental software flaws that prevent true cybersecurity.
Cybersecurity is becoming a major concern, and doubly so for the intelligence community. For intelligence analysts, assurance that their information is solidly based and not sabotaged in any way is extremely important. Some IARPA projects will focus on techniques that will stop the multitudes of attacks on the flaws built into commercial software. It''s no secret that that commercial software often ends up in military (and other classified) environments. Security is not the primary consideration during the cycle of that software''s design: it certainly does not take precedence over time to market and features. ''The flaws in software implementations are often exploited by attackers,'' Landwehr says. That doesn''t mean exploitation is easy, but one of IARPA''s priorities, he says, will likely be to look into techniques to thwart these attacks.
Landwehr also points to Storm as a consequence of an existing infrastructure that provides weak accountability. "There's a lot of bleeding out there," he says. "Network attacks have become a commercially productive activity for a lot of people who are trying to make money. That's an urgent concern. With the current infrastructure, it''s very difficult to trace back attacks, or even to tell when you''re being attacked. Packet streams can come at you from anywhere.'' IARPA is interested in funding long-term research that would make it more difficult for a Storm type of threat to occur. "We could spend a lot of research money on trying deal with current attacks and never really solve the problem," he says. "But if we spend some effort looking further out, we might change the infrastructure so that these attacks just couldn''t happen."