Let the CyberWars begin.  Former hacker Peiter Zatko, also known as “Mudge,” announced a program that started this past Wednesday called Cyber Fast Track at the Black Hat Conference in Las Vegas this last week. Zatko, a program manager at Defense Advanced Research Projects Agency (DARPA) , shared details of the program which is aimed to fund research for “white hat” hackers to secure against and defeat cyber attacks.

Zatko is known as a former high profile hacker, famously having testified before the Senate with the claim of the ability to take down the internet in thirty minutes. The program is focused on the work of computer security experts and hackers that have traditionally been under the radar, not for profit work in white hat circles. Such work has provided value in the past and the program is a confirmation of that benefit.  A reported 20 to 100 such projects will be funded yearly.

DARPA, an agency of the Department of Defense which itself isstationed out of the Pentagon, is working towards better relationships with the hacker community through the cybersecurity research. Well known for having created the fundamentals of what would one day become the internet, the move from DARPA is a welcome development in cybersecurity initiatives. Traditional government cybersecurity approaches have focused on standardization and layering of complex technologies, quite often leading to the inadvertent exposure to more security deficiencies.

One case of many that comes to mind involved a security product that shall remain nameless for the purposes of the article. The product introduced a universal management construct that actually introduced a critical vulnerability to all systems it managed. Thus illustrating the notion that with further complication, the more opportunities for vulnerabilities can occur. Either way, the research that comes from the hacker community should serve to provide significant gains for an organization in need.

DARPA and the DOD may have to hurry up to lead in this space however, as news reports from Tel Aviv indicate that Israel is staging for a new cyber command force directed at waging a cyber war directed against Iran. The initiative is in response to a growing notion that Iran’s nuclear weapon initiatives may not be stoppable by conventional military means. The program is deemed so critical that Prime Minister Benjamin Netanyahu has placed it at the heart of the nation’s defense capabilities, and it reports directly to him.

As reported in the story, the efforts of this group has already launched a couple of efforts:

“The center, which has been set up under the auspices of military intelligence unit 8200 has already conducted a series of “soft” espionage missions, including hacking into Iran’s version of Facebook and other social networking sites.”

Israel has been indicated as a potential developer along with American sources in the development of the Stuxnet virus, which was discovered in 2009. The virus was directed at Iranian nuclear centrifuge computer systems. When infected, the specialized effects on the systems affected the normal operation of centrifuges required to enrich uranium. Largely regarded as the most significant cyberweapon to date, the underlying code and development has been analyzed to have an obvious structure that indicated that the development was put together by various teams. A further virus was discovered in April directed at the Iranian government:

“In April, Iranian government offices came under attack from a hitherto unknown malware virus to which Tehran officials gave the name Stars. They claimed the damage had been contained but admitted it was the second mysterious virus found since the Stuxnet attack.”

“Israel has two principal targets in Iran’s cyberspace,” said a defense source with close knowledge of the cyber war preparations. “The first is its military nuclear program and its military establishment. The second is Iran’s civil infrastructure. Attacking both, we hope, will cripple the entire country’s cyberspace.”

Enhanced security and protection of systems aside, it is not a very far leap of logic to surmise that at some point, better and more sophisticated cyberweapons will start to turn up in the near future.  In light of the numerous recent attacks of our national defense systems, and affiliated defense contractors and the apparently dismal security stance, it is pretty obvious that we are being targeted and attacked as well.  We are in the early days of global Cyber-warfare and what we are seeing just might be a prelude to that.