ARPA-H joins DARPA’s AI Cyber Challenge

Published

ARPA-H joins DARPA’s AI Cyber Challenge to safeguard nation’s health care infrastructure from cyberattacks 

The interagency collaboration expands the competition’s prize pool and creates direct transition pathways for AI cybersecurity tools and capabilities that address critical vulnerabilities in medical devices, hospital IT, and biotech equipment  

The Advanced Research Projects Agency for Health (ARPA-H) is joining forces with the Defense Advanced Research Projects Agency (DARPA) to expand the Artificial Intelligence Cyber Challenge (AIxCC). Cyber and ransomware attacks on America’s health care systems have increased significantly in recent years, often preventing patients from receiving care and compromising their personal information1. By collaborating with DARPA on the AIxCC, ARPA-H aims to spur the development of AI-enabled technology to safeguard hospitals, pharmacies, and medical devices from cyberattacks. 

AIxCC is a two-year competition that asks competitors to design novel AI tools and capabilities to find and fix vulnerabilities in software used in critical infrastructure. This software runs everything from transportation to water and wastewater systems, emergency services, and energy sources. At the center of this infrastructure are the health care and public health sectors, which are uniquely sensitive to disruptions in these areas. 

Teams will be given challenges based on real-world open-source and critical infrastructure software. The teams that meet the competition requirements will receive millions of dollars in cash prizes. Through this partnership, ARPA-H will lend its expertise in health care to ensure the competition appropriately addresses critical vulnerabilities in the health care ecosystem. ARPA-H is also committing an additional $20 million to reward top performers and help transition resulting technologies to address software vulnerabilities in medical devices, hospital IT, and biotech equipment. 

“In the wake of recent cyberattacks targeting our nation’s digital health infrastructure, there is increased urgency to develop straightforward and dependable solutions to protect patients’ data and access to care,” said ARPA-H Director Renee Wegrzyn. “Off-the-shelf software tools aren’t cutting it when detecting emerging cyber threats and protecting our country’s care centers. We need rapid progress to close these gaps, which is why ARPA-H is partnering with DARPA on AIxCC to drive the development of next-generation digital security tools that can address this urgent challenge.”  

AIxCC also brings together leading AI companies Anthropic, Google, Microsoft, and OpenAI to make their cutting-edge technology and expertise available to challenge competitors. Additionally, the Open Source Security Foundation, a project of the Linux Foundation, will serve as an advisor in developing realistic competition challenges, and ensuring the solutions developed through this challenge can transition to the real world.  

“In an increasingly connected world, cyberattacks on our infrastructure are a tremendous threat to national security. Similarly, connected sectors like transportation, water, and energy can have a cascading impact on a hospital’s ability to provide care,” said DARPA Director Stefanie Tompkins. “By partnering with ARPA-H on AIxCC, we are broadening the competition to innovators with ideas to address digital infrastructure vulnerabilities across sectors supporting national security more broadly.”   

AIxCC semifinal and final competitions will be held at DEF CON, an internationally recognized cybersecurity conference that draws tens of thousands of experts, practitioners, and spectators from around the world to Las Vegas every August.  

Visit AICyberChallenge.com for complete details about the competition, including registration timeline, eligibility information, rules, and more. 

  1. Assistant Secretary for Public Affairs (ASPA). “HHS Office for Civil Rights Issues Letter and Opens Investigation of Change Healthcare Cyberattack.” HHS.Gov, March 14, 2024. https://www.hhs.gov/about/news/2024/03/13/hhs-office-civil-rights-issues-letter-opens-investigation-change-healthcare-cyberattack.html.