
HACMS- High Assurance Cyber Military Systems By DARPA

Computer scientists at the U.S. Defense Advanced Research Projects Agency (DARPA) in Arlington released a formal solicitation (DARPA-BAA-12-21) to industry for the agency's High-Assurance Cyber Military Systems (HACMS) program to safeguard civil and military embedded systems in vehicle electronics from hackers, computer viruses, and other cyber malware. Earlier in the week, DARPA conducted its first industry briefings on the HACMS military cyber security program, which aims to develop a set of publicly available tools to help build embedded computing for high-assurance military vehicles with onboard networked military embedded systems that are able to resist efforts by hackers to attack and damage vetronics computers remotely while hiding the effects from monitors. Although the HACMS program initially aims at embedded computing systems on military vehicles, DARPA officials say the tools and techniques the program develops may be applicable to other kinds of embedded systems, which in some circles are referred to as "cyber-physical" systems.
Networked, embedded systems are vulnerable to remote attack, DARPA officials point out. Exploits have resulted in the theft of water (Gignac Canal System in France), the release of raw sewage (Maroochy Shire Sewage plant in Australia), the delivery of incorrect dosages of insulin, printers catching on fire, interference with a Landsat-7 earth observation satellite, and computer viruses infecting the ground-control systems of the Predator and Reaper unmanned aerial vehicles (UAVs), DARPA officials say. The HACMS program aims to integrate publicly available tools into a high-assurance software workbench, which will be widely distributed to commercial and defense software developers. HACMS will use these tools to generate an open-source, high-assurance operating system and control system, and then use these components to build high-assurance military vehicles that are invulnerable to hacker attack.
Developing this kind of cyber security technology for military vehicles will require a fundamentally different approach from what the software community has done so far, DARPA officials explain. HACMS seeks to enable semi-automated code synthesis from executable, formal specifications, as well as produce machine-checkable proof that the code is secure. HACMS has five parts: synthesizer, formal specifications, verified libraries, proven code, and diagnostic information. Key HACMS technologies will include interactive software synthesis systems, verification tools such as theorem provers and model checkers, and specification languages. DARPA officials say they anticipate making several awards for the program.
 
-Source (DARPA, Military Aerospace)


DARPA Implementing Biometrics With Passwords To Enhance Security For DOD


The Department of Defense (DOD) is implementing more security: a new technology that will blend biometrics with passwords without adding new hardware. DARPA on Friday issued a broad agency announcement (DARPA-BAA-12-06) for the initial phase of the Active Authentication program to develop software-based biometric approaches to verify the identities of authorized DOD computer users not only at login, but also throughout the course of the users' computer sessions.
Military information security experts at the U.S. Defense Advanced Research Projects Agency in Arlington are asking for industry's help in developing ways to blend biometrics into U.S. Department of Defense (DOD) military cyber security systems without installing new hardware. The intent is not only to save time and money, but also to help bolster existing DOD computer security that relies primarily on requiring users to type in long and complex passwords. The Active Authentication program seeks to change the DOD's current cyber security focus from user passwords and common access cards when validating identity on DOD computer systems. Instead, the program seeks to focus on software-based user biometrics that does not require installation of new cyber-security software.


Anonymous Exposed The Private Information of The Special Agent, Officers, Cyber Crime Investigators Of Department Of Justice


The hacktivists claim to have hacked into Baclagan's Gmail account and to have accessed his voicemails and SMS message logs using unspecified techniques as part of their ongoing campaign against law enforcement officials and their "allies" in the computer security industry.
The email dump, released as a torrent last Friday as part of what has become the group's regular FuckFBIFriday release, is also said to contain personal information including Baclagan's home address and phone number. The cache of emails – which according to AntiSec are from the account of Fred Baclagan, a retired special agent supervisor of the Californian Department of Justice – includes 38,000 emails detailing various computer forensic techniques and cybercrime investigation protocols.
Baclagan said that he was nobody special in the Justice Department ... which is what he would say, of course. He said that he had specialised in identity theft before he retired last year. "I'm really just a nobody," he told the Post, "just a local investigator, not involved in anything dynamic or dramatic."

In the press release, Anon said:

################################################################################
#        ANTISEC LEAKS DOJ SPECIAL AGENT SUPERVISOR'S PRIVATE EMAILS,         #
#               IACIS CYBERCRIME INVESTIGATOR COMMUNICATIONS                              #
#         care of the #OCCUPYWALLST CRACKDOWN RETALIATION TASK FORCE         #       
################################################################################

Greetings Pirates, and welcome to another exciting #FuckFBIFriday release.

As part of our ongoing effort to expose and humiliate our white hat enemies, we
targeted a Special Agent Supervisor of the CA Department of Justice in charge of
computer crime investigations. We are leaking over 38,000 private emails which
contain detailed computer forensics techniques, investigation protocols as well
as highly embarrassing personal information. We are confident these gifts will 
bring smiles to the faces of our black hat brothers and sisters (especially 
those who have been targeted by these scurvy dogs) while also making a mockery 
of "security professionals" who whore their "skills" to law enforcement to 
protect tyrannical corporativism and the status quo we aim to destroy.

We hijacked two gmail accounts belonging to Fred Baclagan, who has been a cop
for 20 years, dumping his private email correspondence as well as several dozen 
voicemails and SMS text message logs. While just yesterday Fred was having a 
private BBQ with his CATCHTEAM high computer crime task force friends, we were 
reviewing their detailed internal operation plans and procedure documents. We 
also couldn't overlook the boatloads of embarrassing personal information about 
our cop friend Fred. We lulzed as we listened to angry voicemails from his 
estranged wives and ex-girlfriends while also reading his conversations with 
girls who responded to his "man seeking woman" craigslist ads. We turned on his 
google web history and watched him look up linux command line basics, golfing 
tutorials, and terrible youtube music videos. We also abused his google 
voice account, making sure Fred's friends and family knew how hard he was owned.

Possibly the most interesting content in his emails are the IACIS.com internal
email list archives (2005-2011) which detail the methods and tactics cybercrime 
units use to gather electronic evidence, conduct investigations and make 
arrests. The information in these emails will prove essential to those who want 
to protect themselves from the techniques and procedures cyber crime 
investigators use to build cases. If you have ever been busted for computer 
crimes, you should check to see if your case is being discussed here. There are 
discussions about using EnCase forensic software, attempts to crack TrueCrypt 
encrypted drives, sniffing wireless traffic in mobile surveillance vehicles, how 
to best prepare search warrants and subpoenas, and a whole lot of clueless 
people asking questions on how to use basic software like FTP. In the end, we
rickrolled the entire IACIS list, causing the administrators to panic and shut
their list and websites down.

These cybercrime investigators are supposed to be the cream of the crop, but we
reveal the totality of their ignorance of all matters related to computer
security. For months, we have owned several dozen white hat and law enforcement
targets-- getting in and out of whichever high profile government and corporate
system we please and despite all the active FBI investigations and several
billion dollars of funding, they have not been able to stop us or get anywhere
near us. Even worse, they bust a few dozen people who are allegedly part of an
"anonymous computer hacking conspiracy" but who have only used 
kindergarten-level DDOS tools-- this isn't even hacking, but a form of
electronic civil disobedience. 

We often hear these "professionals" preach about "full-disclosure," but we are
sure these people are angrily sending out DMCA takedown notices and serving
subpoenas as we speak. They call us criminals, script kiddies, and terrorists, 
but their entire livelihood depends on us, trying desperately to study our 
techniques and failing miserably at preventing future attacks. See we're cut 
from an entirely different kind of cloth. Corporate security professionals like
Thomas Ryan and Aaron Barr think they're doing something noble by "leaking" the
public email discussion lists of Occupy Wall Street and profiling the "leaders"
of Anonymous. Wannabe player haters drop shitty dox and leak partial chat logs
about other hackers, doing free work for law enforcement. Then you got people 
like Peiter "Mudge" Zatko who back in the day used to be old school l0pht/cDc 
only now to sell out to DARPA going around to hacker conventions encouraging 
others to work for the feds. Let this be a warning to aspiring white hat 
"hacker" sellouts and police collaborators: stay out the game or get owned and 
exposed. You want to keep mass arresting and brutalizing the 99%? We'll have to 
keep owning your boxes and torrenting your mail spools, plastering your personal 
information all over teh internets.

Hackers, join us and rise up against our common oppressors - the white hats, the 
1%'s 'private' police, the corrupt banks and corporations and make 2011 the year 
of leaks and revolutions! 

We are Anti-Security,
We are the 99%
We do not forgive.
We do not forget.
Expect Us!




"Operation Schmooze Hackers" DARPA, NSA, DoD Asking For Hackers Help


The Pentagon can't defend its own defense networks, what with them being "as porous as a colander," according to Richard Clarke. Clarke is the former White House counterterrorism chief who's turned into what Wired calls a cybersecurity Cassandra. Wired quoted Clarke as he addressed a packed ballroom at the first-ever DARPA Cyber Colloquium on Monday. At the conference, officials of the Defense Advanced Research Projects Agency pleaded with hackers to help them out and said that the agency plans to boost spending as it battles unnamed adversaries in cyberspace.
Regina Dugan, DARPA director, addressed an audience that comprised what the agency called "visionary hackers," academics and others. In its unending effort to find more technologically innovative ways to accomplish things most of the government agencies that are its clients can't do at all, DARPA called a conference this week to ask for help securing military and government networks against hackers, and so to solve a cyber-security problem that the General Accountability Office reported had been so low on the Dept. of Defense's agenda during the past 21 years that the DoD had no coherent central policy, procedures or even identified leaders in the process of stopping the leak of information from its servers and those of its defense contractors. Did DARPA get the fresh ideas and offers of help it was hoping for when it put the colloquium together? Will the $208 million it is asking that Congress give it for cybersecurity research next year do any good?
Probably. You can't wave that much cheese around – while promising it will continue to grow – without getting a few rodents sniffing after it.




DARPA Is Planning Future Cyber Security Strategies


The U.S. Defense Advanced Research Projects Agency (DARPA) Information Innovation Office (I2O) in Arlington, Va., is asking companies and colleges for ideas on technologies to safeguard U.S. Department of Defense (DOD) computer systems in the event of a cyber attack.
DARPA issued a request for information (DARPA-SN-11-55) this week entitled Future Directions in Cyber Security that poses three fundamental questions related to national information security:

1. At present, attackers in cyberspace seem to have the initiative and hence the advantage. What specific technologies should DARPA develop to address the imbalance?

2. Attacks on embedded computing systems have received much attention. What specific technologies should DARPA develop to secure embedded computing systems?

3. If DARPA could only invest in one cyber-security research area, what should that be and why?

 
DARPA is inviting the nation's cyber security experts to offer answers to these questions, and based on their answers, DARPA experts may invite them to a meeting on 7 Nov. 2011 called the DARPA Colloquium on Future Directions in Cyber Security, at which the DARPA director will give a keynote address, and leaders from government and industry, as well as DARPA program managers, will discuss current and future cyber research directions.

Attendance at the DARPA Colloquium is by invitation only and space is limited, officials say.

To respond to DARPA questions and become candidates for the DARPA Colloquium, e-mail answers as an attachment in a commonly used format to cybercolloquium@darpa.mil no later than Friday, 9 Sept. 2011. Representatives of DARPA and DARPA support contractors will review answers they receive.
 

-News Source (Military Aerospace)


DARPA Launched Cyber Fast Track (Fund To Innovate Military)



The Defense Advanced Research Projects Agency on Thursday launched Cyber Fast Track, an effort to fund innovative cybersecurity efforts by groups and people who don't usually do work for the government, including hobbyists, boutique security labs, and other small groups of hackers, DARPA project manager Peiter "Mudge" Zatko announced at Black Hat, a UBM TechWeb event, in Las Vegas.
The Cyber Fast Track program, first announced at the annual ShmooCon cybersecurity conference in January, will fund between 20 and 100 projects a year, Zatko said. The short, fixed-price contracts will be awarded with little turnaround time--about 10 days from the receipt of proposals--based on a simple proposal template so as to lower the barrier to entry. Projects will be carried out over no more than a few months. 
Cyber Fast Track will fund experimental projects, including commodity high-end computing, open software tools, and others, that might help the military. For example, Zatko raised possibilities like cheap unmanned aerial vehicles and an automated war-dialer that could repeatedly ring phones in a given area to discourage bomb-makers from building improvised explosive devices. Cyber Fast Track may also fund community efforts, possibly including a bug hunting exercise.
In addition to funding fast, cheap innovation that can later be leveraged by the Department of Defense, Zatko sees Cyber Fast Track as a way to link hackers up with government. "The way government is set up, it's almost impossible for the small businesses, the researchers, the hackers, to get money for research without giving up intellectual property or being purchased and having their company gutted," Zatko said. "I want to make it easier."
While some hackers may be wary of the federal government, Zatko comes with impeccable hacker credentials. He was a member of the L0pht hacker group, created a famous password-cracking tool, and in 1998 testified before Congress that hackers could shut down the Internet in a half hour.
Zatko said that it is difficult for organizations like the L0pht to parse the legalese and government-talk in government contracts, and challenging for them to put together proposals. It takes too long and too much money for venture-backed companies, meanwhile, to justify crafting proposals.
When research is complete, researchers will be able to keep commercial rights to whatever they create, but the government will get government purpose rights that allow it to use, modify, repurpose, or release technical data on the projects in question. They may also be asked to present their efforts to a forum of undergraduate students at a U.S. military service academy, and will be encouraged to continue to update DARPA on the status of their projects once the contract has ended.
In his time at DARPA, Zatko has also been responsible for CINDER, a project that was initially reported by the government to be about insider threats, but which Zatko says is more about combating attacks like Stuxnet and next-generation advanced persistent threats. 

-News Source (Information Week)

