Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
The research arm of the US Department of Defense, DARPA, has embarked on a project to weed out insider cyber threats.The Cyber Insider Threat or CINDER program aimed to compare enemy "mission contexts" with Defenses' routine internal activities to illuminate activity that might reveal an insider is working for enemies of the United States.DARPA (Defense Advanced Research Projects Agency) has revealed it seeks a system that assumes its networks and systems are already infiltrated, acknowledging that enemies on the inside would pass normal security checks.
But enemies would also display patterns of behaviour that show their real colour, DARPA said in tender documents released last week.
"What sets the insider threat apart from other adversaries is the use of normal tactics to accomplish abnormal and malicious missions," DARPA explained.
Basic activities DARPA already expects of an insider include exploring local file systems, passive network monitoring, identifying network shortcuts, referencing data stores within local documents and local network scanning.DARPA said high rates of false positives would be acceptable and could be mitigated. For example, if a system's alerts rely on a sequence of events to indicate an insider threat, DARPA would allow users of that system to adjust the relative importance of each trigger.
The project comes as the US steps up efforts to counter cyber attacks against its military infrastructure. US Deputy Defense Secretary William J Lynn III last week revealed that a 2008 USB-initiated attack successfully penetrated its classified networks, revealing its Middle East military plans.
The US also continues to face embarrassment over its security systems after whistle-blowing site Wikileaks was sent classified material by US military personnel.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.