As the Trump administration prepares to launch a “moonshot” proposal to boost cybersecurity in the United States, a leading industry group is urging the government to invest in four technologies that it can create a “safe and secure internet.”
While automated intelligence, quantum computing, behavioral biometrics and 5G communications can be a tool of hackers, it can also lead to improved cybersecurity, a draft report from the National Security Telecommunications Advisory Committee read.
“Foundational technological underpinnings exist or are in development—but they will require a concerted national research and product development strategy to bring them to bear against the national cybersecurity challenge,” the report said.
The NSTAC report comes as the Trump administration is preparing to launch a “cybersecurity moonshot” to boost nationwide digital hygiene. The draft report, released this month, calls for the government to boost research and financial investment in the four technology areas, however each carry unique intricacies that if not managed properly can bring a gilded security.
The password wont be ‘password’
Behavioral bio-metrics, or the ability for computers to identify unique aspects of individuals, has been embraced by corporations and the government. Behavioral bio-metrics can make passwords obsolete, the NSTAC report says, and “give greater transparency and confidence in identifying users.”
The major government investments in behavioral bio-metrics have come in the form of a Defense Advanced Research Projects Agency grant and funding through the National Science Foundation, said Stephanie Schuckers, a professor at Clarkson University and Director of the Center for Identification Technology Research.
She said that public funding is important to advancing behavioral bio-metrics and suggested “focusing on the fundamentals” that dealt in two specific areas of research. First, the funding should focus on how you are able to “differentiate” one person from another which is related to overall security and “permanence,” which ensures that a person is not falsely rejected by identifying the changes in a person’s signatures at different times of the day.
DARPA has invested in an “active authentication” program, which studied “validating the identity of computer users by focusing on the unique aspects of individuals through software-based biometrics.”
The mechanics of quantum
Quantum-based communications, which provide significantly more processing power than current computers, are expected to be introduced in the coming decades. Along with the development will come a swarm of security challenges that will make current encryption all but useless. As a result, the NSTAC report suggested investment now into quantum capabilities that “can resist advanced attacks far into the future.”
Specifically, the report encouraged the development of encryption that can defeat quantum processing and protecting password databases.
However, some private sector leaders have suggested investments beyond technology.
The U.S. government should invest in the quantum computing workforce, support research and help the development of quantum algorithms today, Todd Holmdahl, the corporate vice president of quantum at Microsoft told lawmakers Sept. 25. “Despite their sophistication, the classical computers we currently use are fundamentally limited in their problem-solving capabilities,” Holmdahl said. “Quantum computers can solve problems in a fraction of the time it would take even the fastest conventional systems.”
Although fifth-generation communications technology is on the horizon, the U.S. government needs to embed its implementation with enhanced security, the NSTAC report argued.
The adoption of 5G technology will bring increased connectivity and a flurry of new devices that need to be regulated, according to the report. New products “are expected to relentlessly grow more integrated, interconnected, and complex,” the report said, particularly in the field of transportation infrastructure and the energy grid.
However, military officials have quietly pushed back against the adoption of 5G by the commercial market. Pentagon officials have told Fifth Domain that as more consumers overseas use the 5G network for personal use it will be harder to identity and jam devices they target on routine missions.
A.I. is T.B.D.
The development of artificial intelligence should augment, not replace humans, the NSTAC report argued. Research and investment should focus on “allowing for near autonomous response to cyber threats at machine speed to achieve self healing computing environments that identify flaws,” the report said.
It suggested that “automated cyber threat prevention” was one use of automated intelligence. However, some cybersecurity experts have cautioned about relying too much on artificial intelligence as a threat warning indicator, arguing that it can cause false positives.
Still, more than half of the new challenges and programs announced by Intelligence Advanced Research Projects Activity in 2018 involve machine learning or predictive analytics, according to an analysis by Fifth Domain.
Justin Lynch is the Associate Editor at Fifth Domain. He has written for the New Yorker, the Associated Press, Foreign Policy, the Atlantic, and others. Follow him on Twitter @just1nlynch.