About 70 percent of all cyberattacks are due to hardware vulnerabilities. The US Defense Advanced Research Projects Agency (DARPA) has developed a new generation hardware technology and asked ethical hackers to look for hardware vulnerabilities. Hackers are offered cash prizes for any flaws they find.
The new technology is expected to make voting machines, medical databases and other critical digital systems not secure against hackers. This technology is based on re-engineering hardware, such as computer chips and circuits, so that the typical methods hackers use to undermine the software that runs on them become impossible. That’s far different from the standard approach to cybersecurity, in which tech companies release a never-ending stream of software patches every time hackers discover a new bug.
DARPA Microsystems Technology Office Program Manager, Keith Rebello, told washingtonpost.com that the biggest ticket item is a voter registration database. State and federal election officials have identified such systems as one of the greatest vulnerabilities if hackers from Russia or elsewhere try to undermine the 2020 election. If DARPA can prove its version of the database is far tougher to hack, that could be a game-changer, allowing officials to be confident about election security.
Another model for the bug bounty is a medical database containing research into the novel coronavirus. This is an information that FBI and Department of Homeland Security officials say is being targeted by Chinese hackers.
The program, which is officially called System Security Integration Through Hardware and Firmware, or SSITH, started in 2017 and will run for another year.
DARPA founded the secure hardware. Researchers and academics built it at places like Lockheed Martin, the University of Michigan and the Massachusetts Institute of Technology. Rebello is hopeful it will start being integrated into some commercially available computer chips in the next two to four years.