View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
August 10, 2023

DARPA announces a global competition to create AI-enhanced cybersecurity tools

Through the development of such tools, the US agency is hoping to protect CNI and open source code from malicious interference.

By Claudia Glover

US government research and development organisation DARPA has announced it is holding its first AI Cyber Challenge (AIxCC) to encourage innovation in AI-optimised cybersecurity solutions, in a bid to overhaul the security of US critical national infrastructure (CNI) and open-source code. The two-year competition will be held in stages, with the final being held in Las Vegas in August 2025. The overall winner of the contest is set to receive $6m, with technology giants Microsoft, Open AI, Google and Anthropic providing pro-bono resources and advice to participants.

President Biden giving a speech.
Biden Administration has announced a competition, to be organised by US government research agency DARPA, to develop AI-enhanced cybersecurity tools. (Photo by Ron Adar/Shutterstock)

AIxCC has been organised to raise the bar of cybersecurity in the US, while also encouraging innovation in the ethical use of AI. 

“In the past decade, we’ve seen the development of promising new AI-enabled capabilities,” explained Perri Adams, DARPA’s AIxCC program manager, in a press release about the competition. “When used responsibly, we see significant potential for this technology to be applied to key cybersecurity issues. By automatically defending critical software at scale, we can have the greatest impact for cybersecurity across the country, and the world.”

Announced by the Biden Administration at this year’s Black Hat conference, the AIxCC will consist of a semifinal held next year at the DEFCON hacking conference, for which the prize is $2m for five winners. The winner of 2025’s final, also held at that year’s DEFCON conference, will receive a further $4m. Those placed second and third will received $3m and $1.5m respectively.

The competition will allow for two tracks for participation: a funded track for small businesses, and an open track. Up to seven successful applicants for the funded track will be offered up to $1m each to participate in the competition. 

The Open Source Security Foundation, a subsidiary of the Linux Foundation, will act as a challenge advisor to guide teams in creating AI systems capable of addressing vital cybersecurity issues, focusing on the security of critical national infrastructure (CNI) and software supply chains. 

Why is this happening now?

In a call to reporters on Tuesday previewing the announcement of the competition, the director of the White House Office of Science and Technology Policy Arati Prabhakar said that AIxCC was “a clarion call for all kinds of creative people and organizations to bolster the security of critical software that American families and businesses and all of our society relies on.” 

Content from our partners
Green for go: Transforming trade in the UK
Manufacturers are switching to personalised customer experience amid fierce competition
How many ends in end-to-end service orchestration?

“AI is the most powerful technology of our time, and we have to get it right for the American people,” Prabharker continued. “That means managing its risks and it means harnessing its tremendous potential.”

The strengthening commitment to overhauling the US’s cybersecurity posture comes amid increasing interest in automated AI-powered cybersecurity solutions, as devastating software supply chain attacks continue to breeze past the defences of public and private organisations. For example, the MOVEit Transfer vulnerability weaponised by Russian-speaking ransomware gang Cl0p has amassed over 600 victims, affecting nearly 40 million people since it first appeared in May of this year, according to Reuters. That same month, the US Cybersecurity and Infrastructure Security Agency released an advisory describing recent attempts by the People’s Republic of China to find vulnerabilities in US CNI.

‘Private sector partners have identified that this activity affects networks across U.S. critical infrastructure sectors,’ read the warning. ‘[T]he authoring agencies believe the actor could apply the same techniques against these and other sectors worldwide.’

Read More: US government proposes guidelines for responsible AI use by military

Topics in this article : ,
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU