The Pentagon’s advanced research arm, which played a key role in developing the Internet 40 years ago, said on Monday it will boost efforts to build offensive cyber arms for possible use against enemy targets by the U.S. military.
“Modern warfare will demand the effective use of cyber, kinetic and combined cyber and kinetic means,” Regina Dugan, director of the Defense Advanced Research Projects Agency (DARPA), told a symposium.
Kinetic is military parlance for such things as bombs, bullets and troops.
The United States needs “more and better options” to deal with what she described as the growing threat to industrial and other physical systems controlled by computers that may be penetrated by foes, Ms. Dugan told the session.
The cyber colloquium was the first of its kind hosted by DARPA to discuss securing U.S. infrastructure and assuring the military’s ability to use its networked systems in future conflicts.
DARPA opened the symposium to what it called “visionary hackers” as well as academics and professionals in an effort to “change the dynamic of cyber defense.”
A recent DARPA assessment found that U.S. capabilities to deal with fast-evolving threats from malicious software code are limited, “both offensively and defensively,” Ms. Dugan said. “We need to fix that.”
“We are shifting our investments to activities that promise more convergence with the threat and that recognize the needs of the Department of Defense,” Dugan told an audience of about 700 in a hotel ballroom outside Washington.
“Malicious cyber attacks are not merely an existential threat to our bits and bytes; they are a real threat to our physical systems, including our military systems,” she said.
As a result, DARPA in coming years “will focus an increasing portion of our cyber research on the investigation of offensive capabilities to address military-specific needs,” she said.
DARPA’s budget submission for fiscal 2012, which began Oct. 1, called for its cyber research funding to jump to $208-million from $120-million. Over the next five years, the agency said it plans to boost its investment in cyber research to 12 per cent from 8 per cent even as overall defense-related spending is set to decline.
Dugan said U.S. policymakers, not DARPA, will determine how cyber capabilities may be used to protect and defend U.S. security interests.
But DARPA “has a special responsibility to explore the outer bounds of such capabilities so that our nation is well prepared for future challenges,” she said, citing its role in creating Arpanet, forerunner of the Internet.
U.S. officials stepped up warnings about possible destructive cyber attacks after the computer virus Stuxnet emerged in 2010, changing the dangers from disruption of industrial capabilities to destruction. Stuxnet is believed to have crippled centrifuges that Iran uses to enrich uranium for what the United States and some European nations have charged is a covert nuclear weapons program.
The U.S. Defense Department has said more than 30 countries are creating military cyber units, just as the Pentagon did with the U.S. cyber command that began operating last year.
Cyber technologies now exist that are capable of destroying critical networks, causing physical damage by playing havoc with industrial control systems and altering key systems’ performance.
U.S. officials have declined to discuss publicly U.S. offensive capabilities in cyberspace. One key concern is whether the United States can defend against retaliatory cyber attacks that might target such things as transportation, banking systems and power grids.