In the 1983 movie WarGames, a young Matthew Broderick plays a high school-age hacker who unwittingly breaks into a United States military supercomputer from his bedroom. Broderick’s character thinks he’s found some unreleased computer games to play, with promising titles like “Global Thermonuclear War” and “Theaterwide Biotoxic and Chemical Warfare.” In reality, he’s accessed a war-simulation program that comes close to bringing about a conflict with the Soviet Union that would result in mutually assured nuclear annihilation.
Jump forward the best part of 40 years, and users can take a turn at this for themselves (well, kind of) — and it’s thanks, in part, to a man named Zac Staples. Staples spent 22 years serving his country in the United States Navy as a surface officer with a special interest in cyberwarfare. He retired in December 2017, took exactly two days off, then started a tech company called Fathom5. The Austin, Texas-based company’s website describes its line of work as “building secure pipelines and tools for industrial technology applications while reducing cyber vulnerability.”
With the approval and funding of the U.S. Navy, Fathom5 launched a hackathon called HACKtheMACHINE, an event that seeks to give lone hackers and small startups the ability to compete for prize money and military contracts by, among other things, hacking naval infrastructure.
“When you look at [the cybersecurity landscape today], you have Advanced Persistent Threats — APT — which is kind of like cyber community speak for Russian and Chinese hacking that’s state-funded,” Staples told Digital Trends. “These are potential competitors in the global landscape who are actively funding offensive cyber teams. We have to be proactively thinking about how we’re going to defend against that. We’ve seen Russia use cyber as a precursor to kinetic operations a couple of times, including the invasion of Ukraine [and] Crimea. I don’t think there’s been a future battle that doesn’t either begin with cyber or is enabled by cyber, even if it’s just as a way to conduct espionage.”
Bug bounty for the Navy
Many tech companies today have what are called “bug bounties.” Apple, for instance, will shell out up to $1 million for anyone who can find glaring security vulnerabilities in devices like the iPhone. While Apple, in an ideal world, probably doesn’t want cybersecurity researchers prodding about inside its software, it would rather that the people who feel compelled to do this do so on Apple’s behalf. Whatever bugs they find can then be squashed before they’re exploited by baddies.
HACKtheMACHINE is, on one level, similar to this. “We’re 100% going after meaningful insights that allow two outcomes: To allow the United States to identify things that they need to protect against in their warships and submarines, and validating technologies that they may be considering deploying,” Staples said.
The setup for #HACKtheMACHINE is well on its way!
The team is working hard, and we are excited to start.
It's not too late to register! https://t.co/js7KxyuD6j#maritime | #cyberattack | #cybersecurity
| #datascience | #3DprintingPowered by @BoozAllen & @Fathom5_co. pic.twitter.com/wOyleYrMmw
— HACKtheMACHINE (@HACKtheMACHINE) March 21, 2021
There are various parts of the challenge, which runs March 23 through March 26. One part consists of two “games” called “Grace Maritime Cyber Testbed” and “Crash.” (So far, so WarGames.) In the former, players must “hack from the cloud into the Grace Maritime Cyber Testbed.” The setup includes a “full bridge navigation suite and a fly-by-wire propulsion system running on NMEA2000.” In the latter, players must “test one of the tools the U.S. Navy is considering for a cybersecurity monitoring environment.” With an urgency straight out of a Hollywood blockbuster script, the pitch says: “The U.S. Navy needs you to CRASH it and expose any vulnerabilities before it goes live!”
Staples admitted that “what we’re not doing is making a fully representative set of warship control systems accessible over the internet.” However, he said that this is very much based on genuine naval infrastructure that the hackers will help to “stress test.”
Another bit of the contest asks contestants to create algorithms that can be used to support informed decision-making. One other asks them to design a 3D-printable component that can be prototyped and tested. Prizes range from monetary awards to, in the case of one challenge, a genuine Defense Department procurement contract.
Short hair, pushups, and algorithms
Staples calls HACKtheMACHINE a “Blue Angels for geeks,” referring to the flight demonstration squadron that performs at dozens of airshows each year. That is to say that there is a definite PR slant to the endeavor. Specifically, it’s about showing that the Navy can be, well, down with the coders.
That might seem an overly broad mission until you consider the facts: The Department of Defense wants smart people working for it. But, as can be seen anytime there’s pushback from those working in tech against a military contract of some sort (think about the Google and DoD breakup with Project Maven), many in tech and engineering aren’t necessarily tripping over themselves to sign up for such initiatives. Given that this potentially discounts some of the sharpest minds in the country, that’s bad news.
“If you’re outside the military, and you don’t know much about it, you think the military is, you know, short hair and pushups,” Staples said. “[You need] someone to show you that it’s [also about] fascinating data science problems, it’s telemedicine, it’s figuring out how to deliver food to people that have been ravaged by hurricanes. You can take all the non-government organizations in the world and stack them up. But when you have someplace like Haiti that’s been completely blown over by a hurricane, nobody brings more helicopters than the U.S. Marine Corps.”
Staples notes that, traditionally, Silicon Valley was tight-knit with the defense community. “It’s a little known fact that almost 90% of all of the technology in the original iPhone was originally started as U.S. Department of Defense-funded projects,” he said. “For example, it uses the internet — which the DoD funded with the ARPANET, which became the internet. The original cellphone compression technology that became 3G was invented by the Army Research Laboratory. Corning Glass was actually designed to create scratchproof rifle optics. The military invented GPS so that submarines could pop up anywhere in the world and know exactly where they are.”
Can a hackathon not just give the Navy some of the tools it needs to solve big problems, but also serve as a recruitment platform for tomorrow’s tech startups and stars? That remains to be seen. It’s not a question Matthew Broderick and Ally Sheedy had to grapple with in WarGames, that’s for sure.
