Recently, much attention has been given to the topic of cyber warfare, and rightfully so. Our computers and networks are under continuous attack from all over the world. The sophistication of these attacks and the quality of the code written to perform them have both risen significantly in the past year. Experts agree we have entered a new era of warfare and are transitioning from bombs and bullets to bits and bytes.
In January, two classified presidential directives were signed related to defending the country against cyber attacks. At that time the price tag was estimated at $6 billion. In mid-May the price tag was revised and believed to be $17 billion. Now the price has risen again, to $30 billion. That is a big pot of money by anyone's standards. So the question is, where will this money be spent? Increasing cyber defense will require investment in research and development as well as in existing technology and services. The first and most critical activity will be to fortify current systems against known cyber threats.
- Hardware 18% $5.4 Billion USD
- Software 25% $7.5 Billion USD
- Consulting 29% $8.7 Billion USD
- Services 24% $7.2 Billion USD
- R&D 4% $1.2 Billion USD
The R&D efforts will focus on near-term delivery of advanced defensive capabilities, like behavioral modeling of software processes and transactions to evaluate whether they pose a threat to the system. Additionally, advanced modeling capabilities are required for evolving defenses and investigative activities. Advanced modeling will be used to certify that chips, hardware and software are authentic and free of malicious code. One of the most promising capabilities centers on the development of a "Digital DNA" database repository. The ultimate goal of this work is the same as with current DNA forensics: to identify the perpetrators of the assault. Most cyber attacks leave behind forensic evidence that can be used to assess the capabilities of the attacker, understand the implications of the attack, and create defensive measures to guard against this type of attack in the future. With all the attacks that have taken place, there is significant intelligence available about the techniques, cyber weapons, and strategies that have been used in these cyber assaults. Analysis of this evidence can create Digital DNA, which could also help to identify the source of the malicious code and potentially lead to the attacker.
ASDF represents the four Digital DNA characteristic sets.
- A = attributes, abilities, abstraction, architecture, assembly, adaptation
- S = style, signatures, syntax, structure, source, specification, scope
- D = demographics, delivery, development, discipline, data, design
- F = functions, features, faults, formidability, fields, forms, factors
There are currently over a million pieces of malware. On average, approximately 200 new computer viruses are released monthly, so the raw cyber DNA materials are not in short supply. The potential use and value of the Digital DNA repository will increase with every entry and with the analysis of each attack. According to a source close to the Digital DNA project, the repository is currently in its infancy; it continues to grow and mature with the knowledge gained from each cyber attack. John Foley, CEO of Defcomm1 and former CEO of Vigilant Minds, a leading managed security services provider, said, "Much like the human genome project, Digital DNA will basically fingerprint the technical and human factors behind the malicious software and attacks." Security experts believe that Digital DNA-type data is a critical component, required to fight cyber attacks and defend systems.