Hackers will be enlisted for US security project

HACKER TURNED DARPA programme manager Peiter Zatko is reaching out to the Black Hat community with a government programme targeting small security firms.

According to The INQUIRER's sister IT news web site V3.co.uk, Zatko, better known by his alias 'Mudge', said that the Darpa RA 11-52 Cyber Fast Track project provides funding for hackers and specialised 'boutique' security firms to work on government defence projects.

Zatko told Black Hat attendees that Fast Track brings the innovation and rapid development cycles of the hacker world into a government environment in which new programmes often take year.

Under Fast Track, groups will be able to pitch Darpa with ideas and have a project approved and underway within 14 days. Developers will retain intellectual property rights on their projects, and Darpa will operate under government use rights.

"I want you to have the opportunity and the flexibility to do it. We need new ideas and we need new performers," said Zatko, adding that Fast Track will aim to fund anywhere from 20 to 100 projects annually.

The initiative will aim to bridge what Zatko sees as a gap between hacker groups and a government desperately in need of a new security approach. Cyber threats are piling up, and Zatko believes that spending more money on programmes with larger security contractors will only make things worse.

He also suggested that the vulnerabilities in security applications make a monolithic unified threat management suite an additional liability for some systems.

"Think of the US and the Cold War in terms of spending. Right now we are looking more like Russia," he said. µ