Govt. scrambles to keep up with cybersecurity challenges

LAS VEGAS'The Defense Department is issuing a challenge to coders in an effort to get some help in computer forensics and data analysis. Contestants will compete to uncover and recover digital data that has been hidden or damaged.

'They will be dealing with all of the things we encounter to obfuscate data,' said James Christy, director of the Cyber Crime Institute of the Defense Cyber Crime Center.

One of the center's primary jobs is to provide forensics services for criminal investigations.

'We're trying to stimulate some research into tools and processes' for data recovery, Christy said. 'We in law enforcement don't have much money for R&D.'

Christy announced the DC3 Challenge Thursday during a panel discussion at the Black Hat Briefings security conference. A panel of 10 current and former federal IT security officials discussed the challenge the government faces in securing its IT systems. So far, agencies are running as fast as they can just to keep up.

Robert Lentz, director of information assurance in the Office of the Secretary of Defense, described the DOD's departmentwide information assurance platform as the most sophisticated in the world, but not quite good enough.

'We're spending about $2.2 billion a year building this platform now, and that probably still isn't enough to keep up with the threat,' he said.

Being in a defensive posture means that it will always be difficult to catch up with the attackers, Christy said.

'We'll always be behind the power curve,' he said. 'The bad guys are coming at us at light speed. It could be a lethal engagement.'

The challenge being issued by DC3 will be to extract data that has been hidden or is on damaged media such as floppies, CDs and DVDs. The challenge will include steganography, password cracking and image analysis.

The contest is open to teams of up to four U.S. citizens living in the United States. They can register online at www.dc3.mil/challenge. Teams will have to submit a copy of each proprietary tool used to recover data, but will retain rights to those tools.

Registration began Aug. 1 and the challenges will be sent out to teams in the form of damaged media on Sept. 1. Results must be submitted by Dec. 1 and winners will be announced two weeks later.

Winners will receive an expense-paid trip to the 2007 Defense Cyber Crime Conference in St. Louis.

About the Author

William Jackson is a Maryland-based freelance writer.

inside gcn

  • IoT security

    A 'seal of approval' for IoT security?

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group