FYI, I have written extensively on both topics; and those articles can be accessed via the categories on the right below. RCP
DARPA: Nobody’s safe on the Internet
http://www.cbsnews.com/videos/ darpa-nobodys-safe-on-the- internet/
FEBRUARY 8, 2015, 7:04 PM|Meet the man the Department of Defense has put in charge of inventing technology to secure the Internet: Dan Kaufman, a former video game developer turned cyber warrior. Lesley Stahl reports.
DARPA: Nobody’s safe on the Internet
Meet the man the Department of Defense has put in charge of inventing technology to secure the Internet: Dan Kaufman, a former video game developer turned cyber warrior
The following script is from “DARPA Dan” which aired on 60 Minutes Feb. 8, 2015.
Lesley Stahl is the correspondent. Shachar Bar-On, producer.
The recent cyber invasions of Sony studios and military Twitter feeds highlight how hacking has morphed from a commercial nuisance to a matter of national security. The man the Department of Defense has put in charge of inventing technology to fight this new Internet war is Dan Kaufman. He heads the software innovation division of DARPA – the Defense Advanced Research Projects Agency, tasked with maintaining our military technological superiority.
Memex, a powerful new search tool that goes beyond the realm of Google, Yahoo, and Bing, is launched by DARPA.
It makes sense that DARPA is working on this: after all, it invented the Internet. But Kaufman is an unexpected choice: he’s not a general or a scientist or engineer. He’s a videogamer. Call him DARPA Dan. And he says it’s only right that the agency that brought us the Internet find a way to secure it.
Dan Kaufman and Lesley Stahl
Lesley Stahl: How common are attacks, cyberattacks, against the U.S. military?
Dan Kaufman: It’s common.
Lesley Stahl: It’s common. A lot?
Dan Kaufman: Oh, yeah.
Lesley Stahl: Every day?
Dan Kaufman: Every day.
Dan Kaufman has been monitoring the rising cyberthreat for six years as the head of DARPA’s Information Innovation Office in Arlington, Virginia.
Dan Kaufman: The number of attacks is dramatically increasing. The sophistication of the attacks is increasing. So I– my job is not to wait for something catastrophic to happen and then say, “Oh, goodness, we should do something.” My job is to say, “Hmm. I see this trend line going. I want to be way ahead of this line.”
Lesley Stahl: Do you consider dealing with cyberwar your main mission?
Dan Kaufman: No. It’s not my main mission, but it’s about half my office.
Lesley Stahl: Half your office is dealing with this?
Dan Kaufman: Absolutely. Both offense and defense.
One of their defensive inventions [PLAN-X] is this ambitious prototype that, when in operation, will be able to scan the military’s global computer network and zero in on any machine that may have been hacked.
Dan Kaufman: So yellow nodes are the ones running our software, and the blue are the ones it’s interrogating or asking.
Within seconds, the compromised computers pop up as red dots.
Lesley Stahl: And the idea is that these computers have been hacked?
Dan Kaufman: Yes.
Lesley Stahl: And someone has control of them and is taking secret information away from the military.
Dan Kaufman: Exactly right. And before, as you saw, it’d be completely invisible to us ’cause you’re hiding among tens of thousands of computers around the world. Now, you and I can see this very quickly and we know exactly what’s going on.
Lesley Stahl: Stunning, and in just a couple of minutes or less even.
Dan Kaufman: More than that, from here you could absolutely start, I could say, “Let’s shut that computer down. Let’s quarantine that computer off.”
If it looks like a videogame, that’s not entirely an accident. Before DARPA, Kaufman made a fortune running several cutting-edge videogame companies. His only military experience is make-belief. He helped invent the popular war-game series “Medal Of Honor.”
Dan Kaufman: And then 9/11 happened. And it shocked me to my soul. And I thought, “I’ve lived incredibly well off this country and I want to give something back.” But I have no idea how to work for the government. I mean, I had never thought about it. I’d never been to Washington, D.C. And I did what all nerds do. I went to Barnes and Noble. And I got a big book. It said “Government Jobs.” It was a big book. And I thumbed through it. And I said, “I will find something and I will donate some time.” And I decided I would hunt serial killers. So I cold-called the FBI. I’m sure I’m still on a list somewhere. And I said, “You don’t know me, but (laugh) I want to do this.” And they told me I was too old.
Thirty-eight at the time, he missed the cut-off age for agents by one year. But eventually his resume got noticed by the Department of Defense that saw an advantage to bringing in someone familiar with the language and the hardware of videogames – like the virtual reality Oculus Rift headgear he’s experimenting with.
Lesley Stahl using Oculus Rift headgear
Lesley Stahl: So you’re just using joy sticks. You’re just doing what any kid playing a videogame would be doing.
Dan Kaufman: That’s exactly right, except moving of actual science and cyberdefense.
Now DARPA Dan has top secret clearance, though his department looks like an arcade. He has a team of 25 brainiacs and a budget of half a billion dollars a year.
Lesley Stahl: Is everybody given a lot of freedom to pursue what they’re interested in?
Dan Kaufman: Yes. You’re given tremendous freedom. The only constraints on you are 1) It has to do something to help national security. So make the world a better, safer more secure place.
Lesley Stahl: So you’re working for the military?
Dan Kaufman: Absolutely. Part of the Department of Defense. And 2) We don’t do incremental improvement. So the idea is it has to be something really revolutionary.
This man is working on artificial intelligence software that would detect a hacker attack in real-time and plug it in milliseconds with no humans involved. If such technology had been available to Sony, that breach from North Korea could have been plugged right as it happened. When DARPA first invented the Internet 50 years ago, they just didn’t imagine hacking would become such a problem.
Lesley Stahl: Can the Internet be fixed? Or do we just have to throw this one out and build a whole new Internet from scratch, with security built in?
Dan Kaufman: I don’t think the Internet is broken. I think the things we put on the Internet are broken. What we’re doing is we’re putting a lotta devices on it that are unsecure. And so–
Lesley Stahl: Like what? Gimme an example.
Dan Kaufman: Pretty much everything.
Our devices are increasingly connected online in what’s called the IOT, the “Internet of things.”
Dan Kaufman: Today, all the devices that are on the Internet the “Internet of Things” are fundamentally insecure. There is no real security going on.
So connected homes could be hacked and taken over.
There are already horror stories of this happening to baby monitors and smart kitchen appliances.
Lesley Stahl: So if somebody got into my refrigerator
Dan Kaufman: Yes.
Lesley Stahl: –through the internet, then they would be able to get into everything, right?
Dan Kaufman: Yeah, that’s the fear. So the fear is as everything becomes networked, right– so first, maybe they can mess with the refrigerator. You think, “Well, that’s bad. It’s not that horrible. Your milk’ll go bad or–“It’s sort of prankish,” right–
Lesley Stahl: Yeah, prankish.
Dan Kaufman: But that refrigerator, of course, as everything becomes networked, well maybe that also happens to talk to your garage door.
Or even to your car itself.
Lesley Stahl: How many computers do you think is in a car like this?
Kathleen Fisher: Somewhere between 30 and 50.
“DARPA’s Cyber Grand ChallengeMike Walker and Dan Kaufman from DARPA on future machches.
Kathleen Fisher, a DARPA veteran, says a modern car is really a computer on wheels. You’ve seen the ads of your GPS or smartphone linked to the dashboard. But this way your car could be hacked and taken over remotely.
Lesley Stahl: Here we go!
They showed us.
Kathleen Fisher: You might look at the dashboard there –
Lesley Stahl: What am I looking at? Oh! [Dashboard: “Ready Lesley?”] Alright!
This is a regular new car. The masking tape is only there because we agreed to obscure its make and model.
Dan Kaufman: We’ll give them the illusion they control the car, for now.
Kaufman has been working on this for five years with multiple research teams.
Dan Kaufman: We want to hit the fluids?
Lesley Stahl: Oh, my gosh.
Dan Kaufman: There we go.
Lesley Stahl: What’s that? What’s that? What’s that?
Kathleen Fisher: That’s the windshield wiper fluid.
Lesley Stahl: No, wait. Is– is– so this is something that a hacker h–
Kathleen Fisher: That’s right. A hacker– they– obviously, you didn’t turn on the windshield wipers–
Lesley Stahl: I did nothing.
Using a laptop, the hacker dialed the car’s emergency communication system and transmitted a series of tones that flooded it with data. As the car’s computer tried sorting it out, the hacker inserted an attack that reprogrammed the software, gaining total remote control.
Lesley Stahl: (car horn) Oh my God.
Kathleen Fisher: –the horn
Lesley Stahl: They’re doing that?
Kathleen Fisher: They’re doing the horn.
Lesley Stahl: They could control the gas, the acceleration? They could–
Kathleen Fisher: That’s right.
Lesley Stahl: –control the breaking?
Kathleen Fisher: That’s right.
And they could do this from anywhere in the world.
Dan Kaufman: When they come out, and they are facing straight there, like away from us – just sayin’
Dan Kaufman: We’ll just slam on the brakes.
Carl: Yeah, sure.
Lesley Stahl [force breaks] Oh. Oh. Oh. Oh.
Carl: And they’re stuck.
Dan Kaufman: She is– she is stuck dead.
Lesley Stahl: Oh my God. That was terrifying, actually.
Kathleen Fisher: So, now, let’s make another loop around.
Lesley Stahl: Okay.
Kathleen Fisher: So just stop at the cones here.
Dan Kaufman: She thinks she’s going be able to stop right at those cones. Let’s make sure that she can’t, and she’s going drive right through ’em.
Carl: All right.
Dan Kaufman: We’ll have complete control of that braking.
Carl: Here we go.
Lesley Stahl: [disabling the breaks] Oh, no. No. No. No. No. No. No. No.
Kathleen Fischer: Brakes didn’t work, right?
Lesley Stahl: –I cannot– oh, my God. I can’t operate the brakes at all. Oh, my word. That is frightening.
While there’s no known case of a car hacked this way, security cameras have shown cars burglarized by hackers unlocking doors. You can find software to do that online for $25. All this has alarmed Sen. Ed Markey. Tomorrow he is releasing a scathing report revealing that nearly all new cars can be hacked, but that only two out of 16 carmakers can “diagnose or respond to an infiltration in real time.”
DARPA researcher: And so what the theft program does is unlock the car’s doors.
DARPA researchers got involved in hacking cars and the Internet of things in an effort to invent unhackable code for military drones.
DARPA Project Manager Kathleen Fisher on creating HACMS: unhackable software for military drones, with Dylan McNamee and Pat Hickey from Galois.
Lesley Stahl: And is your goal to do it for drones and then have it apply to cars and my refrigerator and things like that.
Dan Kaufman: Exactly right. I think that when DARPA’s at its very best. We’re solving a specific problem for the military, I want to make sure their systems are safe; but I would like everything to be safe.
And now DARPA Dan is trying to reinvent search engines. Traffickers who sell weapons or young girls online remain largely hidden from authorities. Kaufman and his team set out to remedy that. First they studied the time-consuming way law enforcement agents bust sex trafficking networks by clicking on one sex ad or link at a time on commercial search engines.
Dan Kaufman: And we watched, and they did what you’d think. You know, they put an address of a massage parlor or something, and then they’d write it down on a yellow stickie, and then they’d try to build in each to each to each. And we looked at that, and we said, “There has to be a better way.”
Especially considering that Google and Bing don’t penetrate the dark web, where most illegal goods are advertised and sold. So DARPA invented Memex, with which you can click just one button and all the hidden information scattered deep in the web about an illicit activity is pulled together and revealed.
Lesley Stahl: So the–you’re building the network.
Chris White: Building the network. That’s right.
Chris White, who invented Memex, showed us how, in the case of sex trafficking, it can comb through all the sex ads online – over 60 million – and identify 100s of names and numbers that link together and make up an entire trafficking ring.
Lesley Stahl: How long did it take Memex to figure this out?
Chris White: Instantaneously.
DARPA’s inventions can take over a decade before they are transplanted from the military into the broader market. But not in this case –
Cyrus Vance, Jr.: We started using Memex about a year ago, in January of 2014.
Manhattan District Attorney Cyrus Vance, Jr., says New York is one of several cities already deploying Memex to find sex traffickers.
Cyrus Vance, Jr.: We have 20 open investigations in which we are using the Memex tools in eight open indictments.
Memex is so effective the White House has asked to see if it could be used to monitor ISIS. A downside is that Memex could also invade our privacy.
Lesley Stahl: So, what do you do? You throw this out there, and it can do many good things, but there’s the dark side.
Dan Kaufman: There’s always a dark side and it’s something we wrestle with tremendously. Our job is A) to sort of say, “This is what it is. Let’s decide how do we want to use it.” And then: 2) With some of the new programs we’re working on just beginning now, are there ways that I can get in here and still protect your privacy?
Lesley Stahl: How much of your time is spent inventing things for the NSA?
Dan Kaufman: Almost none, actually.
Lesley Stahl: Because a lot of this stuff could be used by them.
Dan Kaufman: Yes.
He can’t control how his inventions will be used…these aren’t videogames, after all. But when it comes to beating the hackers out there, Dan Kaufman has total confidence.
Lesley Stahl: Are you worried at all that by showing us all the new wowie-doo things you’re working on that you’re going to give car thieves an idea or you’re going to give someone who wants to break into my refrigerator an idea or a terrorist an idea?
Dan Kaufman: I think they have lots of ideas on their own. And what I want ’em to know is that there’s somebody smart on the other side who’s going to make that way harder. I want them to think twice.
© 2015 CBS Interactive Inc. All Rights Reserved.