I keep having this dream…
…and I can’t get rid of it. It must mean something.
Ever since I was a little boy I loved playing with computers, taking them apart and trying to improve them. I always have been intrigued by how a human made those things work, so I wanted to do that too. Break in order to make it better. I have this idea inside my head and I can’t get rid of it. I do not have the power at this point to make my dream a reality, I hope by sharing it with you someone can.
All I ever wanted was to make the world a better place, or at least try to help making people better. I even attended medical school, making people better in the most literal sense of the word.
That didn’t work out for me, I won’t bother you with that story. I’ve been fortunate to work around the globe and met a lot of amazing people who all helped me growing this idea.
I believe that machines can help us, autonomously. These machines will reduce the impact of outbreaks by limiting the operational window of the attack. Preventing? No, we cannot prevent outbreaks, ever. There is always that next new thing. Reduce the window of opportunity for these attacks to spread? Yes, as close to zero as possible.
I really appreciate you taking the time to read my idea, maybe we can save the world together? J
The world is falling apart
Pick up the paper (old fashioned, I know…) and read a random story. Is this about a cyberattack destroying the world? Most likely. I know it sounds a little over the top, but you get the point I’m sure.
Over the last month alone we’ve seen WannaCry, Petya/Nyetya/NotPetya/Whateverya hitting home hard and causing mayhem all over the world causing millions of dollars of damage.
So what? Excellent question! I believe that in some cases script kiddies are trying to make a buck or two. But in other cases it might be state sponsored entities who are in need to wipe or get hold of data somewhere and don’t mind collateral damage. I’m worried shitless about the collateral damage part, because most often that will be an innocent human being
One company was hit but did not report any outage: the Russian oil company Rosneft. Apparently they were able to identify the problem and switch to their backup network lightning fast so that nothing impacted their business flow. Wow, impressive! These guys have their game plan ready.
Going through this interesting event, it reminded me of my original idea, which had been pushed back into a little corner inside my brain for a while due to the day-to-day distraction called work J
Rise of the Machines; Defcon 24
Last year, I was fortunate to attend Defcon 24. The absolute best part of the entire conference for me was when I spend 4 hours staring at a very large stage with 7 super computers a lots of screen (as if I don’t see those enough already, but hey!).
These massive machines where continuously busy attacking others, detecting attacks, identifying the attack and patching attacks in real-time. I didn’t watch this alone, I was together with 25,000 other idiots – because who else would stare 4 hours straight to some super computers on a large stage with live voice-over narration!
This all happened during the Cyber Grand Challenge Finale; an all-machine Capture-The-Flag event initiated by DARPA in 2014.
Read that sentence again “…all-machine…” Yes, that’s right. It indeed means “no human interaction”. The stage was even air-gapped (!) to ensure this.
One of the machines had an issue and stopped working / submitting work to the referees (yes, they had those too in the form of machines). After 45 minutes or so, the machine came back to live. Somehow this system was able to recover itself and start doing its thing again.
What I found really impressive was that some of the machines detected and patched vulnerabilities that weren’t part of the challenges. This can be equally as scary as it is impressive though.
OK, So now what?
I want to create this bad ass super computer which is capable to stop attacks dead on its tracks before causing the disruption it did.
Why? It is simple. I do not want to be bothered by attacks not aimed at me. I don’t want to be collateral damage.
When I order from China, I expect the vessel or plane that carries my package to arrive fast and safely, without being disturbed by an attack like Petya. If Mearsk would have this machine, they wouldn’t have had these issues now.
I also want to be able to use IoT devices (baby monitors, egg timers or more serious equipment in hospitals like pacemakers) without having to worry about them being held hostage.
Yay… but privacy?
The machine doesn’t differentiate, meaning that attempts to break privacy (think state sponsored) will also be caught. The machine doesn’t care about the contents of message and the data sent, but cares about the execution flow of programs. It catches anomalies, exceptions and unexpected network flow.
So what do you want to do?
I want to fuse Human Intelligence and Artificial Intelligence together. When these actors work individually they will never be able to reach their full potential.
Wouldn’t it be amazing if we combine the Microsoft Hololens with the power of the supercomputer we’re after? We can walk around in offices and visually see the attack take place in real time.
Identity patient zero while running around. Pulling the power-plug right there on the spot. I for sure see myself doing that!
Incident responders would much more effective while doing their job. I have had too many cases where precious time was wasted by searching for the right piece of the puzzle, purely because the network cable wasn’t where it supposed to be.
Automation reduces human failure. Trust me with first-hand experience, I fail a lot. It is much more convenient to let machines handle the repetitive tasks and do the continuous watching. This allows room for humans to run around, make guesses and interpretations which are not (yet) possible for the machine to make.
How can I help achieve that goal?
As I stated in the beginning, I do not hold the power nor do I currently have the platform to build this. I only want to make people better. If you know someone who can help, please share this message with them. I would love to buy them a cup of coffee to talk it over!