Intelligence work is often as much about gathering information as it is about disseminating misinformation. To that end, the Intelligence Advanced Research Projects Activity (IARPA) is looking for innovative solutions around deceptive cyber defenses.
In a request for information issued June 6, IARPA contracting officers put out the call to "identify existing capabilities and emerging methods" for protecting data and systems by confusing and otherwise deceiving the adversary prior to and during a cyberattack.
Download: Deception for Cyber Defense Research
"Historically, denial and deception (D&D) has been used by militaries for defense, whether it be to instill uncertainty or to provide misinformation," contracting officials explain in the RFI. "D&D can also be looked at similarly for increasing cyber defense posture and resiliency."
In the RFI, IARPA notes this concept is gaining traction in the private sector but has yet to really mature.
"Many techniques lack rigorous experimental measures of effectiveness, information is insufficient to determine how defensive deception changes attacker behavior or how deception increases the likeliness of early detection of a cyberattack," according to the notice.
Specifically, IARPA is looking for feedback on existing deception methods, test and evaluation methods, emerging techniques and information on the respondent company's organizational structure and service offerings. The RFI includes a detailed set of questions for each of the four areas.
Depending on the information received, IARPA plans to hold a one-day workshop on deception tactics, which could lead to research investments in the future.
Responses to the RFI are due by 1 p.m. on July 1.
Aaron Boyd is an awarding-winning journalist currently serving as editor of Federal Times — a Washington, D.C. institution covering federal workforce and contracting for more than 50 years — and Fifth Domain — a news and information hub focused on cybersecurity and cyberwar from a civilian, military and international perspective.
