Project Improv makes hacking IoT gear a patriotic duty
The US Military Defense Advanced Research Projects Agency (DARPA) is asking the American public to put on its collective black hat and find new ways to turn everyday technology into weapons of online destruction.
Uncle Sam’s hacker hut said that its new project, dubbed Improv, would seek to uncover new ways in which everyday technology could be compromised in order to present a security threat.
To do so, DARPA is asking researchers, hobbyists and industry vendors to hack away at embedded devices and consumer technology in hopes of finding possible avenues of attack. Potential targets include technology used in agriculture, transportation, and other “easily purchased, relatively benign technologies” that could be repurposed for malicious ends.
“DARPA’s mission is to create strategic surprise, and the agency primarily does so by pursuing radically innovative and even seemingly impossible technologies,” program manager John Main said in announcing the new program.
“Improv is being launched in recognition that strategic surprise can also come from more familiar technologies, adapted and applied in novel ways.”
In the first phase of Improv, DARPA will accept submissions from the public on possible ways that easily-available technologies could be turned into security threats.
If the project is accepted, DARPA says it will give “varying levels of support,” including funding, to the selected projects with the goal of developing a working prototype of the device within 90 days.
The agency is holding a special webinar for interested applicants on March 29 and 30.
The agency said that the program is born out of a changing landscape for security. Particularly, the shift in R&D away from government to the public sector has ended the monopoly the government has traditionally had over advanced technologies, and created a much larger pool of experts and researchers who are able to spot potential nefarious uses for technology.
“DARPA often looks at the world from the point of view of our potential adversaries to predict what they might do with available technology,” said Main.
“Historically we did this by pulling together a small group of technical experts, but the easy availability in today’s world of an enormous range of powerful technologies means that any group of experts only covers a small slice of the available possibilities.”
DARPA does have a history of employing private-sector hackers to work on its research projects. Most notably, the agency hired Peiter “Mudge” Zatko of L0pht and Cult of the Dead Cow fame to head up its cyber security research in 2010. ®
Sponsored: Speed up incident response with actionable forensic analytics