18:27 GMT +3, 23 October 2019

    US Intelligence-Backed Project Claims It Can Predict Cyberattacks in Advance


    The developers say the system scans the entire Internet and produces a daily “weather report” on global network activity.

    A tech project called Omnisense is capable of predicting cyberattacks days before they actually take place, the developers claim.

    Developed by the international tech company Hyperion Gray in cooperation with the University of California, Omnisense is the company's proposal to the US Intelligence Advanced Research Projects Activity (IARPA) Cyberattack Automated Unconventional Sensor Environment (CAUSE) 2015 initiative.

    CAUSE aimed to create a cyberattack prediction product which could also provide the intelligence community with details of the upcoming attack, a Forbes report says.

    Based in the home of one of Hyperion Gray's scientists in Canada, Omnisense is said to be constantly monitoring the Internet via a number of "listening servers" dotted all across the planet. These servers analyze activity on the web and seek to identify the particular computer from which suspicious activity, such as a network scan or password guessing, is emanating. Once the specific machine is located, Omnisense is said to carry out a "deep scan" looking for software being run on it, as well as looking up any domain names associated with its IP address, before giving it a security threat score.

    It is undisclosed how exactly the system gets its proverbial hands on the running software list, since this information is not openly available on the network. Normally, only the computer's owner or administrator knows what software the system runs.

    However, the developers appear confident in the comprehensive "internet weather report" the system produces daily, saying this report would allow security experts to know "what way the wind is blowing."

    "It's a lot of data," says Jason Hopper, the company's software research scientist. "I've been active in security monitoring [for a long time], and I'm shocked by the sheer volume of scanning and brute forcing. It continues to surprise me how much there is."

    "Security teams can use this to block sources of attacks before they're actually seen on a network, or take some other preventative action as they see fit," Hopper added.

    Hyperion Gray says the system has already proven itself by allowing an unnamed company to identify an upcoming attack four days before it actually happened.

    According to an IARPA spokesperson, both Hyperion Gray and its wonder machine existed before they became part of the CAUSE initiative; the spokesperson added that it was not the initiative that got the company off the ground, a Forbes report says.

    Hyperion Gray claims people concerned with protecting their privacy can contact the company and ask to be blacklisted from Omnisense's scope. According to Hopper, a large number of people from around the world have already contacted him, "from farmers in the UK to the government of India."

    Still, Omnisense is not omnipotent. There's one weakness the developers acknowledge: while the system is apparently capable of detecting large botnets (networks of computers armed with malware), it is unable to predict or detect a single "targeted" attack carried out by a single machine.

    "If someone sits down at a keyboard and decides to attack another person, that's extremely difficult to prevent," Hopper added.
