The IoT paradigm is enlarging as never before our surface of attack, it is obvious that cyber criminals and nation-state hackers are looking at it with an increasing interest.
The US Military Defense Advanced Research Projects Agency (DARPA) is asking American geeks to develop new techniques to turn everyday IoT objects into cyber weapons.
The DARPA is launching a new project dubbed Improv that aims to develop new techniques to hack into everyday technology.
The DARPA’s intent it to involve researchers, industry vendors, and hobbyists in finding new attack vectors for embedded devices and consumer technology.
IoT technology is being wide adopted in various industries, including transportation, healthcare and home automation. DARPA is particularly interested in off-the-shelf technology that could be abused by malicious attackers to cause damage on a large scale.
The Improv project aims to discover new attack vector targeting “easily purchased, relatively benign technologies.”
“The Defense Advanced Research Projects Agency (DARPA) Improv program is soliciting innovative research proposals for prototype products and systems that have the potential to threaten current military operations, equipment, or personnel and are assembled primarily from commercially available technology.” reads the Synopsis of the Improv program.
“Improv will explore ways to combine or convert commercially available products such as off-the-shelf electronics, components created through rapid prototyping, and open-source code to cost-effectively create sophisticated military technologies and capabilities.” explained the program manager John Main.
“To bring a broad range of perspectives to bear, DARPA is inviting engineers, biologists, information technologists and others from the full spectrum of technical disciplines—including credentialed professionals and skilled hobbyists—to show how easily-accessed hardware, software, processes, and methods might be used to create products or systems that could pose a future threat. “
“Improv is being launched in recognition that strategic surprise can also come from more familiar technologies, adapted and applied in novel ways.”
In the first phase of the Improv program, DARPA will accept submissions from the public on possible attack techniques relying on easily-available technologies.
The DARPA will select most interesting projects that will be supported by the agency in various ways, including economic funding.
“DARPA will assess candidate ideas and offer varying levels of support to develop and test selected proposals. The emphasis will be on speed and economy, with the goal of propelling winning submissions from concept to simple working prototypes within about 90 days.” states the DARPA
The Improv will help the US Military to identify possible attack vectors of potential cyber threats, but many experts believe that the US Government is also thinking about new attack vectors to maintain it supremacy in the cyberspace.
“DARPA often looks at the world from the point of view of our potential adversaries to predict what they might do with available technology,” said Main.
“Historically we did this by pulling together a small group of technical experts, but the easy availability in today’s world of an enormous range of powerful technologies means that any group of experts only covers a small slice of the available possibilities.”
If you are interested in the project follow the special webinar issued by the DARPA on March 29 and 30.
(Security Affairs – Improv program, DARPA)