US Army releases cyber defense code, taps open source knowledge

The U.S. Army is harnessing the knowledge of the open source tech community in an attempt to bolster its cyber defenses.

Army tech experts have released a version of the Dshell forensic analysis code on the GitHub social coding site with the goal of better understanding compromises on Pentagon networks.

Dshell is a framework that lets users develop analysis modules based on security issues they encounter. Since the code was added to GitHub on Dec. 17, 2014, it has been downloaded more than 100 times, according to the U.S. Army Research Lab (ARL).

"Outside of government there are a wide variety of cyber threats that are similar to what we face here at ARL," said William Glodek, network security branch chief at ARL, in a statement. "Dshell can help facilitate the transition of knowledge and understanding to our partners in academia and industry who face the same problems."

Eager to tap into as broad a knowledge base as possible, Glodek is starting an open source working group at ARL to examine other potential GitHub projects.

"I want to give back to the cyber community, while increasing collaboration between Army, the Department of Defense and external partners to improve our ability to detect and understand cyber attacks," he said.

The security expert is confident that ARL will have a flourishing GitHub developer community within the next six months, encompassing users from government, industry, and academia.

The Army's move comes at a time of heightened awareness of cyber threats to key government infrastructure. Last year, for example, the main provider of background checks for the U.S. government fell victim to a cybersecurity attack. In 2013 a Defense Science Board report accused China of using cyberattacks to access information from almost 40 Pentagon weapons programs.

Pentagon cyber security was also thrust into the spotlight last month when hackers seized the U.S. Central Command's Twitter and YouTube accounts. The incident, which saw the accounts briefly carrying messages promoting the Islamic State, prompted the military to tighten its social media password security.

Follow James Rogers on Twitter @jamesjrogers