WHY THIS MATTERS IN BRIEF
Cyber attacks are becoming the pandemic of the 21st Century, and as the number of AI fuelled cyber attacks increase matters will only get worse, but now DARPA hopes a new reconfiguring “Rubik’s Cube” computing system will stop hackers in their tracks.
This week the bleeding edge research arm of the US Military, the Defense Advanced Research Projects Agency (DARPA), who, over the past year alone, have invested money in turning plants into surveillance devices, autonomous mine hunters, flying aircraft carriers, Matrix style brain downloading, robo-hackers, telepathy and “Vampire” drones that vanish, announced it’s going to be investing a further $4 million to develop a revolutionary new type of computer made up of self-configuring, and more importantly, self-reconfiguring, more on that later, code and hardware that turns the computer into a massive, continuously changing, unsolvable, and ergo hopefully unhackable, puzzle.
Dubbed the MORPHEUS computer the new system is intended to be a secure alternative to today’s so called “Patch and Pray” systems where operators find a vulnerability in a computer system’s hardware or code, patch it and then hope hackers haven’t managed to find and exploit it. Or that they then find another vulnerability to attack.
Instead of creating software patches and hoping they fix the problem the MORPHEUS system is designed from the ground up so that code, information and even circuits can be quickly and randomly shuffled and moved around.
Todd Austin, a professor of computer science at the University of Michigan who are behind the idea compared trying to attack MORPHEUS to “solving a Rubik’s cube, and every time you blink, I rearrange it.”
According to DARPA, more than 40 percent of the “software doors” that hackers have available to them today would be closed if researchers could eliminate seven classes of hardware weaknesses which have been identified by a crowd sourced listing of security vulnerabilities called the Common Weakness Enumeration. The classes are permissions and privileges, buffer errors, resource management, information leakage, numeric errors, crypto errors, and code injection
Austin and his colleagues are optimistic that MORPHEUS will provide a solution to each of these issues thanks to its special hardware design. When an attacker gains access to a system, this often requires identifying and exploiting a bug in the software, and once this bug has been exploited the attacker simply needs to identify where the valuable data in the system is stored, steal it, and get out.
“Typically, the location of this data never changes, so once attackers solve the puzzle of where the bug is and where to find the data, it’s ‘game over,'” said Austin. The MORPHEUS system will manage to render these software exploits defunct by using computer circuits that randomly shuffle data around the system, and this way, even if an attacker finds a bug and tries to exploit it, the location of that software bug, as well as the location of any valuable data will constantly be changing.
Austin pointed to the Heartbleed Bug that was discovered in 2014, which allowed attackers to view passwords and other critical data on billions of machines around the world, as a case where the MORPHEUS system would have made the attack moot.
Under the new program DARPA’s first objective is to create a system that renders the majority of the world’s most common types of software vulnerabilities obsolete within 5 years, and to help further this along DARPA say they’ve earmarked a further $50 million for grants to research cybersecurity solutions that, one day, they hope will become a native part of a computer’s hardware, such as MORPHEUS. Some of these could include the development of unhackable code, something that DARPA debuted last year, or the inclusion of Artificial Intelligence (AI) fuelled Robo-Hackers within the MORPHEUS system that can identify and fix code vulnerabilities in seconds, and which are already being used by the Pentagon to help secure their most critical systems, as well as other exotic technologies such as liquid computers that can also dynamically reconfigure themselves and quantum networks.