DARPA is developing a computer equipped with new security features that could make it completely ‘unhackable.’
DARPA said it will spend $3.6 million on the project, known as Morpheus, that will transform computer circuits into ‘unsolvable puzzles.’
The US military unit has set aside $50 million total for the Morpheus program.
The Morpheus system differs from traditional security methods, which rely on issuing software patches for vulnerabilities that have already been identified.
DARPA is working to develop a new computer with a system called Morpheus that it claims could be virtually ‘unhackable.’ The system constantly reshuffles data, making it harder for hackers to locate software vulnerabilities and important data like passwords.
WHAT IS MORPHEUS?
The Morpheus computer is equipped with software that constantly shuffles data to random places, like a Rubik’s cube, to prevent zero day vulnerabilities.
DARPA, a division of the US military, has awarded a team of University of Michigan researchers a $3.6 million grant to develop the project.
Eventually, DARPA believes that the system could be used to eliminate many of the most common software exploits in five years.
Instead, Morpheus operates in a way where information is ‘rapidly and randomly moved and destroyed,’ making it harder for attackers to seize critical data, while protecting hardware and software.
Researchers at the University of Michigan are developing the Morpheus security system, which they say functions somewhat like a Rubik’s cube.
‘We are making the computer an unsolvable puzzle,’ said Todd Austin, a professor of computer science at the University of Michigan.
‘It’s like if you’re solving a Rubik’s Cube and every time you blink, I rearrange it.’
The hope is that Morpheus can help prevent the kinds of dreaded, zero day exploits that have become so prevalent in 2017.
To be sure, it was a banner year for hacks in 2017.
Eventually, DARPA is hoping that it can eliminate many of the most common software vulnerabilities within five years. The most common vulnerabilities include permissions and privileges, buffer errors, resource management, information leakage, numeric errors, crypto errors, and code injection.
There was the massive WannaCry attacks in May that reached more than 230,000 computers, the Equifax breach in July that compromised 145 million people’s data and the Yahoo hack, announced in October, that affected 3 billion accounts – just to name a few.
Austin, the Michigan professor, said that typically, the location of data never changes, so all hackers have to do is find the data, steal it and then it’s ‘game over.’
Most vulnerabilities develop as a result of ‘software doors’ that hackers are able to locate.
According to DARPA, the most common vulnerabilities include permissions and privileges, buffer errors, resource management, information leakage, numeric errors, crypto errors, and code injection.
With Morpheus, the location of the vulnerability and the location of the passwords would change.
‘I’ve never known any security system that could be future proof,’ Austin added.
DARPA hopes to eliminate many of the most common software vulnerabilities within five years.
THE WANNACRY ATTACK
In May 2017, a massive ransomware virus attack spread to the computer systems of hundreds of private companies and public organisations across the globe.
The software locked computers and asked for a digital ransom before control is safely returned.
In just a few hours, the malware had already infected victims in at least 74 countries, including Russia, Turkey, Germany, Vietnam, and the Philippines – and was estimated to be spreading at a rate of five million emails per hour.
Hospitals and doctors’ surgeries in England were forced to turn away patients and cancel appointments after the attack crippled the NHS.
The WannaCry virus targeted Microsoft’s widely used Windows operating system.
The virus encrypts certain files on the computer and then blackmails the user for money in exchange for the access to the files.
It leaves the user with only two files: Instructions on what to do next and the Wanna Decryptor program itself.
The hackers asked for payments of around £230 ($300) in Bitcoin.
When opened the software tells users that their files have been encrypted and gives them a few days to pay up or their files will be deleted.
It can quickly spread through an entire network of computers in a business or hospital, encrypting files on every PC.