News Article

This Pentagon Project Makes Cyberwar as Easy as Angry Birds
Date: May 28, 2013
Author: NOAH SHACHTMAN
Source: Wired

Featured firm in this article: Galois Inc of Portland, OR



The target computer is picked. The order to strike has been given. All it takes is a finger swipe and a few taps of the touchscreen, and the cyberattack is prepped to begin.

For the last year, the Pentagon’s top technologists have been working on a program that will make cyberwarfare relatively easy. It’s called Plan X. And if this demo looks like a videogame or sci-fi movie or a sleek Silicon Valley production, that’s no accident. It was built by the designers behind some of Apple’s most famous computers — with assistance from the illustrators who helped bring Transformers to the silver screen.

Today, destructive cyberattacks — ones that cause servers to fry, radars to go dark, or centrifuges to spin out of control — have been assembled by relatively small teams of hackers. They’re ordered at the highest levels of government. They take months to plan. Their effects can be uncertain, despite all the preparation. (Insiders believe, for example, that the biggest network intrusion in the Pentagon’s history may have been an accidental infection, not a deliberate hack.)

With Plan X, the Defense Advanced Research Projects Agency is looking to change all that. It wants munitions made of 1s and 0s to be as simple to launch as ones made of metal and explosives. It wants cyberattack stratagems to be as predictable as any war plan can be. It wants to move past the artisanal era of hacking, and turn cyberwarfare into an industrial effort. Across the U.S. government, there are all kinds of projects to develop America’s network offense. None are quite like this.

“Plan X is a program that is specifically working towards building the technology infrastructure that would allow cyber offense to move from the world we’re in today — where it’s a fine, handcrafted capability that requires exquisite authorities to do anything… to a future where cyber is a capability like other weapons,” Darpa director Arati Prabhakar told reporters last month. “A military operator can design and deploy a cyber effect, know what it’s going to accomplish… and take an appropriate level of action.”

But you can’t expect the average officer to be able to understand the logical topology of a global network-of-networks. You can’t expect him to know whether its better to hook a rootkit into a machine’s kernel or its firmware. If cyberwar is going to be routine, Darpa believes, the digital battlefield has to be as easy to navigate as an iPhone. The attacks have to be as easy to launch as an Angry Bird.

“Say you’re playing World of Warcraft, and you’ve got this type of sword, +5 or whatever. You don’t necessarily know what spells were used to create that sword, right? You just know it has these attributes and it helps you in this way. It’s the same type of concept. You don’t need the technical details,” says Dan Roelker, the cybersecurity specialist who helped develop some of the world’s most widely-used intrusion detection software, came up with the idea for Plan X, and joined Darpa to make it happen.

Dan Roelker hired some veterans of the gaming industry to start the process of imagining how that World of Cyber Warcraft might work. Together, the team started reaching out in the spring and summer of 2012 to some of Silicon Valley’s best-known design shops, game developers, and special effects houses and asking them if they wanted to take a stab at building a mock-up of a graphical user interface for network battle.

The companies came up with all sorts of ways to connect with the data. Some went with a Google Glass-style wearable computer. Others with a virtual reality headset. (Keyboards and mice were specifically not allowed.) One even tried to direct cyberattacks by waving your arms, and having an Xbox 360 Kinect interpret the motions. “It sounds cool. It actually sucked,” Roelker says. “Interesting idea, but it was very non-functional.”

Instead, the Darpa crew turned to the legendary Frog Design. In the 1980s, the firm helped come up with iconic products like the Sony Walkman and the Apple IIc. Today, Frog helps huge companies like General Electric visualize their titanic data sets. Nick de la Mare, Frog’s executive creative director, thought of Plan X as a similar project: take a tiny chunk of the Internet; plot out how packets move from one node to another; and then make that map so easy to navigate, even a white-haired general could do it. “We didn’t approach it as a cyberwarfare program at all,” del la Mare says. “We approached it as a mapping project.”

Six weeks later, Frog had something of a prototype for the interface. It relied on a Samsung SUR40 Touch Table -- a kind of 40-inch, multi-person iPad. Using tones of midnight and baby blue, it charted out network topologies like constellations of stars. Except these constellations you could examine from every direction, and zoom right up to the nearest sun.

Frog and Roelker showed it off on October 15th and 16th, 2012 at a two day seminar held at Darpa’s curved glass headquarters in suburban Virginia. The morning sessions were open, and the afternoons were classified. Industry, military, academic researchers interested in building out Plan X flocked to the session — and walked away impressed. Further demonstrations followed to Capitol Hill staffers and at the Pentagon. The non-technical audiences were even more enthusiastic. Suddenly, they could see how network battle might not just belong to the geeks. It was something they could one day pull off, too. And for a Washington crowd feeling somewhat helpless before what they saw as an online menace, that was a very soothing thought. As one person who took part in the demonstrations told me: “It’s like crack for generals.”

In a dimly-lit conference room at Darpa HQ, Roelker shows me what he showed to the brass. He’s dressed in worn jeans, frayed moccasins, and a black t-shirt with a pistol silkscreened in gray. Maybe he shaved a week ago. We joke about my decision to wear a suit jacket, and he warns me not to expect too much from the demo.

“This isn’t, like, fully functioning,” he says. “This is just to get those big ideas we have in Plan X out for folks to think about and consider. ‘Cause it kind of changes a little bit how people reason about cyberspace, how you visualize it, how you interact and navigate with it.” (Darpa wouldn’t allow me to take pictures of the system during the demonstration, nor would the agency agree to provide screenshots.)

The top right corner of the Touch Table announces the mission: “botnet takedown.” A red star in the network constellation represents the botnet’s command-and-control server — and the target of this mock operation. “So here’s the node… What kind of weapon package, in a military sense, do I want to hit that node with?” he asks, and he taps on the red server. Four blue wedges, equally sized, pop up around it. Each wedge has an icon — lightning bolts, radiating disk — and a number.

In most video games, players amass bullets, gold or some other kind of resource that they then expend to help them advance through the adventure. The same principle applies to the numbers affixed to the weapons packages here. “Maybe some technologies were more expensive to develop. Maybe it’s more risky or controversial,” Roelker says. “Maybe we spent $5 million building X, and if we use it, there’s a 50% chance we might lose it.” The numbers are meaningless for now; they’re just meant to convey that there’s some cost attached to every cyberattack. Roelker picks a weapon package called Sonic Boom, which costs him 10 points.

Then he picks a series of “battle units.” Some be used to download a rootkit onto a target machine or launch denial of service attack. (Although Roelker’s careful not to use those terms with me. “In Plan-X, we’re not doing any research into exploits, keyloggers, or rootkits,” he says. “We’re not building any types of those technologies. In this program.”) Other units might measure how the takedown is going. With every battle unit he picks, optimal routes between the nodes pop up in the screen’s background. The links between the digital constellations’ stars grow more intricate. Roelker picks a node to hop on the network, and adds that to the plan.

He then moves over to the far fight of the screen, where there’s a list of odd names, like “Angry Squirrel” and “Blanket Swarm.” One of the first companies Roelker’s team contacted when they started looking for interface designers was Massive Black, the San Francisco illustration firm that worked on everything from Bioshock to Transformers to a new line of G.I. Joe toys. “One idea Massive Black had was this concept of a playbook,” Roelker explains.

In a network conflict, you might do the same type of things over and over again. To Massive Black, that sounded like something out a video game, “like Madden Football. You might have a running play a passing play, a fake… If we do the same type of activities, is there some way to build a template and then just allow a planner to look through all the different plays they have,” Roelker continues. “In this case, we’ll take Angry Squirrel.” A new set of nodes light up on the screen.

Again, the plays themselves are meaningless — just words, not representing any actual offensive tactics. But the idea of pre-made cyberattack that can be launched with a screen tap? That is anything but meaningless. If Roelker’s idea works out, every time a war plan is made in an interface like this, it’ll compile a custom-made software program. Then it will be error checked, and pronounced ready to deploy. Push-button cyberstrikes. “Looks like my total progress is 100%,” Roelker says. The attack is planned, and ready to commence.

Darpa has already spent more than $5 million (.pdf) on preliminary studies into Plan X. Akamai Technologies, the Internet content delivery network, received $2 million to look at new ways to understand network topologies. Portland, Oregon-based Galois, Inc. did some research into a unique programming language for online warfare — what HTML is to the web, this language might be to cyberattack.

But that’s all a warm-up. The first full phase in this $110 million, four-year program is about to begin. By August, contracts will be awarded for Plan X’s system architecture, battlespace analytics, mission planning, and more. (Frog Design decided not to go on with Plan X, but Massive Black is hoping to be one of the firms designing the interface.)

Starting in September, Developers will code together in six week “sprints” at a common workspace not far from Darpa HQ. At the end of the first year, Roelker is planning a Plan X “product launch.” At the event, he’d like to introduce a Plan X software developers kit — a set of tools, like the kind Apple or Google uses to encourage apps to be built for their smartphones. Except this one will be for hackers. If everything unfolds according to Roelker’s intentions, a whole ecosystem of cyberwar programs will grow around Plan X.

Roelker says he’s doing all this to protect Americans’ access to the Internet. The U.S. is never going to train enough hackers to stop its online adversaries, he explains. The only way to get ahead is to out-innovate them. “Cyberwar isn’t a war of people, it’s a war of technology,” Roelker says. “Trying to hire lots of people in a space that’s run by machines working at the speed of light just doesn’t make a lot of sense.”

Perhaps. But I wonder aloud whether developing a cyberattack infrastructure enhances security — or undermines it. Whether he’s building a market for network mayhem. The U.S. government, according to several published reports, is already the biggest buyer of malware that takes advantage of previously unknown computer vulnerabilities. That’s driving up the price of these “zero days,” and making their discovery an even more lucrative enterprise. Couldn’t the same thing happen with Plan X?

Roelker fumbles a bit, then settles on an answer: “It’s definitely not the intent of Plan X to create markets, and I don’t think it’s going to.”

Darpa was established by President Dwight Eisenhower more than a half-century ago to prevent another incident of strategic technological surprise, like the Soviet launch of the Sputnik spacecraft. It’s long been the mantra at Darpa that the best way for America to prevent such surprises is to create the leap-ahead technology ourselves. But even inventors can be caught off-guard by what they make. As the Plan X demo ends, I can’t help but wonder who will be the most shocked, eventually, by what we’ve seen on that cyberwar screen.