The AI that protects DoD networks from zero-day exploits

By: Justin Lynch 

Source Link

The National Security Agency is set to transfer a program that guards against malware to the Defense Information Systems Agency, according to a spokeswoman for the agency. The Sharkseer program protects the Department of Defense’s networks by using artificial intelligence to scan incoming traffic for vulnerabilities, according to program slides. Because the Sharkseer program’s primary purpose is to protect the Department of Defense’s networks, it “better aligns” with the DISA mission, Natalie Pittore, a spokeswoman for the NSA told Fifth Domain. The transition from NSA to DISA was laid out in the 2018 National Defense Authorization Act that lawmakers in Congress negotiated July 23, although the hand-off appears to have been long planned. Top NSA officials have identified the program as “among the highest priority cybersecurity initiatives” for several years, according to congressional records.

At a basic level, the program inspects incoming Defense Department traffic for zero-day exploits and advanced persistent threats, according to program slides. Sharkseer monitors emails, documents and incoming traffic that could infect the Defense Department’s networks.

Lawmakers have tasked the program with instantly and automatically determining the identity and location of computer hosts that have sent or received malware. The program was also charged with being a “sandbox,” which Pittore described as an application for U.S. government officials to test for suspicious files using automated behavior analysis.

Congress has criticized the Defense Department’s cybersecurity for being deployed in a “piecemeal fashion,” but have praised the Sharkseer program’s apparent success.

Sharkseer has been responsible for detecting over 2 billion cyber events across the Defense Department’s classified and unclassified networks, according to a May statement from Rep. Barbara Comstock, R-Va.

The program appears to have gone from concept to reality sometime around 2014, when it received $30 million in congressional funding. Congress has sought to give the program additional funds in ensuring fiscal years, although it is unclear how much was eventually proportioned.

Pittore declined to provide the program’s budget.

The NDAA still needs to be approved by both houses of Congress and signed by President Donald Trump, although the Sharkseer provision is not considered controversial.