Sponsored by Spectra Group
05 Aug 21. US Navy chief pleads for more funding, says US can lose cyber war. Principal Cyber Advisor at the Department of the US Navy Christopher Cleary warned this week that the US could lose a cyber war if the government was unwilling to fund the cyber domain.
As reported by the US news outlet MeriTalk, while many of the US’ key organisations have tried to protect their organisations in the cyber domain with an array of defensive techniques and measures, Cleary suggests that there is little limit to how sophisticated malicious state-based and criminal hacking groups can become in this domain.
The warnings come following months of cyber intrusions across the United States, including the Colonial Pipeline attack as well as the Microsoft Exchange hack. Recently, Australia joined a chorus of 30 nations holding the CCP responsible for state-sanctioned cyber attacks, which enabled cyber criminals to exploit loopholes in Microsoft.
“Cyber security is an infinite game. There’s no perfect tool that’s going to come out,” Cleary was quoted as saying in MeriTalk.
“One of the things as a realist in the environment, I would acknowledge zero trust is a great construct … [but] zero trust is not the last construct we’re going to see. It’s just the thing we’re focused on now.”
Indeed, one of the crucial factors that Cleary noted was that cyber groups are able to impact considerable damage with constrained funding.
“The only way that you that you fall out of the infinite game is you either lose the will or the resources to continue,” Cleary continued.
“If you find yourselves in the crosshairs of a sophisticated adversary, you could have every tool on the market, you could have every product … but do you have the time and resources to train your people appropriate to use those products for more than a security standpoint … when you have to transition into more of a dynamic defensive standpoint, which is really where the art of our adversaries are coming at us.”
Indeed, according to MeriTalk, cyber criminals can inflict widescale damage to organisations without requiring costly infrastructure.
“Somebody somewhere is making cyber, a very, very expensive problem for the Department of Homeland Security, for the Department of Defense. You know, I’m not a conspiracy theorist, but I’m also not a dummy,” Cleary said in the publication.
“Warfare is simply about getting your adversary to succumb to your wants, needs, and desires. We always saw that through the engagement of kinetic military actions that’s going to get my adversary to eventually succumb to my will. Well, now we’re finding there’s a lot of other ways our adversaries can get us to succumb to their will. This is very much one of them.” (Source: https://www.cybersecurityconnect.com.au/)
05 Aug 21. Putin’s push for isolated internet will shift the Russian cyber landscape. After President Biden’s Geneva meeting with Russian President Vladimir Putin, the heads of state declared their commitment to future, lower-level cybersecurity dialogues. Biden, in a press conference held separately from Putin — smartly so, given the latter’s propensity for lying and what-about-ism at media events — also said he pressed Putin to crack down on cybercrime in Russia. And yet, just weeks later, over the July 4 weekend, a criminal group in Russia launched a ransomware attack on Kaseya, a U.S.-based managed service provider.
Now, ransomware is all over the news. Biden told Putin in a July 9 phone call to curb recent ransomware attacks coming from within Russia, and on July 20, the House Energy and Commerce Committee held a ransomware hearing that further catalyzed productive conversations about government responses to the threat. Yet when talking about Russia and ransomware in particular, the national security and cyber policy communities should not forget another force shaping the Russian internet security landscape, and one that the U.S. and its NATO allies can no longer ignore: Putin’s push for an isolatable domestic internet.
Western debates often separate out Russian domestic internet policy from the Russian cyber ecosystem, but there are many important links between the two, which I explore in a new Atlantic Council report. The so-called domestic internet law in Russia, signed in 2019, was itself propelled by Kremlin fears of U.S. interference in Russian politics and with Russian interests via the open internet. As Moscow pursues its (frankly, very) aspirational goal to isolate the internet in Russia from the rest of the world, it’s worth asking what further internet isolation could do to shift cyber operations conducted from within Russia — and the Kremlin’s calculus around them.
Putin’s general worldview — one of paranoia, conspiratorial thinking, zero-sum international competition — is reflected in his comments on, and his regime’s approach to, the internet domestically. The Kremlin sees internet openness as a threat to regime stability. It continually imagines a Western hand in digitally coordinated protests in Russia (even those visibly organized by Russian citizens), and in the influence Silicon Valley tech giants have on global online discourse. Olga Melnikova, head of the Russian Ministry of Foreign Affairs’ Department of International Information Security, recently underscored this belief in an article that lamented the United States’ “dominance” of global cyberspace and pointed to greater state control of internet standards as the solution.
Internet control in Russia is not easily understood, though, if Beijing’s internet control model is taken as the sole paradigm of digital repression. The Kremlin relies on much less technical control than its Chinese counterpart, and instead uses a mix of traditional, offline tactics along with some technical ones to shape behavior. As the Atlantic Council report says, “Intimidation, harassment by security services, court-ordered fines, and complex, restrictive, and inconsistently enforced speech laws are all employed to shape the internet in Russia and citizens’ interactions with it.”
The Russian government’s push to develop a domestic internet — the focus of a so-called domestic internet law that went into effect November 2019 — is already changing this internet landscape. Moscow has already run into hurdles, including technical challenges in consolidating control of internet traffic routing and political challenges in compelling internet companies to install packet-filtering equipment on their networks. A domestically isolatable internet is easier said than done. But as part of this push, changes to internet within Russia are already underway: more authorities for Roskomnadzor, Russia’s internet and media regulator, to issue orders to companies; wider deployment of deep packet inspection, which the state used to throttle (slow down) Russians’ access to Twitter in March.
Further internet isolation could increase the Kremlin’s feelings of insulation from foreign cyber threats, prompting more assertive, overseas-focused operations in response. It could also cause the Russian government, if isolation were widespread enough, to increase its involvement with select cyber proxies in some cases, to provide necessary infrastructure or other technical capacities to launch operations that would require strong and prolonged connectivity to the global internet.
However, negatively impactful possibilities abound; building a custom DNS for Russia could make it easier for foreign powers to manipulate traffic routing within Russia, or aid in the attribution of Russia-originating cyber operations due to unique DNS signatures. Isolating the internet within Russia from the rest of the world could also harm the Russian technology sector and, specifically, cyber skill development. There are many possibilities, and they may shift as the Russian government continues its push to establish a sovereign, isolatable internet domestically.
The White House said it did not believe the Kremlin was involved with ransomware attacks launched earlier this year against major U.S. companies, and that may very well be true. Putin does not control everything in Russia. Yet the regime’s coercion of domestic tech companies — meshed with its overall coercion and control of regime-threatening forces — underscores that Putin could crack down on cybercrime if he so desired.
The U.S. and its NATO allies must confront this interplay head-on. Washington should link strategic and operational interagency conversations on Russian cyber operations with those on Russian internet policy. It also must bridge these gaps within bureaucratic organizations, such as in the Department of State, where teams often manage these issue sets separately from one another. Internationally, the NATO bloc must pay more attention to domestic Russian internet policy developments, including integrating changes to Russian internet architecture into conflict scenario planning and commissioning further studies on the interplay between Russian internet policy and the Russian cyber ecosystem. U.S. and EU partners must also recognize there is limited room for maneuver: The Kremlin is not going to waver in pursuing internet isolation. The greater pressure points for the Putin regime may be the technical and economic difficulties it faces in pursuing the “sovereign internet,” rather than its overall political calculus (where internet control and regime security are aligned).
Russia’s Deputy Foreign Minister recently advocated for the U.S. and Russia to broaden their cyber talks beyond cybercrime, likely an attempt to distract from the ransomware issue by bringing espionage, military cyber operations, and other topics into the fray. But if the U.S. is going to continue addressing cyber threats from within Russia, it must prioritize a comprehensive analysis of Russian cyber policy amidst all these incidents. (Source: Defense News)
05 Aug 21. US Navy aims to tackle cross-domain data sharing in Project Overmatch. The Navy is hoping to clear network and data hurdles at the tactical edge with its answer to Joint All Domain Command and Control (JADC2).
Kelly McCool, the acting director for the Digital Warfare Office, said Project Overmatch, the Navy’s initiative to create an architecture to seamlessly send information across networks, platforms and domains, will first focus on understanding what data the tactical units need now and “stitch” it together.
“What we’re really after is, much like our phones, having the ability to send information from point A to point B without caring about how it got to that place,” McCool said during a Aug. 2 panel discussion at the 2021 Sea Air Space Conference. “Being able to walk and have different Wi-Fi networks pick up our cell phone towers …that being seamless to us. That’s really what we need in our networking capabilities across the fleet.”
The Navy, like the other military branches, is trying to solve the problem of sending key data to decision makers fast enough and over contested networks. But there’s the persistent challenge of getting the right information to the right individual, while having a backup plan.
“Conceptually, the idea of any sensor, any shooter, that’s to me, nirvana. But I think more practically, we’re looking at how do you ensure you have primary alternate paths, you have contingency paths, you have emergency paths. And having that flexibility [bound] in some way, is really what we need to go after, in addition to designing for the security upfront…that has to be a No. 1 design constraint as we’re as we’re going through this,” McCool said.
“Let’s start with what our tactical units need right now to coordinate across aviation, surface and subsurface, and how do we stitch that data together in a way that is meaningful. But then set the conditions so that we can scale rapidly as we learn more,” she said.
Rear Adm. Douglas Small, the commander of Naval Information Warfare Systems Command, said JADC2 was less about connectivity and more about getting the right information to the right person fast enough to make a decision before the adversary can react, but with the caveat of some of that information being at the highest classification levels.
“Too often the discussion on JADC2 focuses on the lightning bolts, how are we going to connect everything to everybody … that’s not the problem we’re trying to solve,” Small said during a separate question and answer session following the JADC2 panel.
Small said the Navy wants to be able to separate data from applications and provide it “as-a-service.”
“It’s like Facebook … all of your data stays the same, the app can be updated,” he said. “The data that’s in there is not touched because the data is provided as a service.”
But from a warfighting perspective, a major challenge is making sure the data can be “hidden” — something that a combat cloud platform could help with, according to Scott Stapp, the chief technology officer for Northrop Grumman.
“To share data shouldn’t be that hard. What you really find out in the classification world, which is what makes it hard to share with allies, it’s platform. So when unique data is coming from a unique platform, it is hard to hide that. When we get to a point where we can actually push data into a platform where it can all be combined together into a cloud environment, pushing that data to allies becomes easier, because you can hide it,” Stapp said during the panel.
“Again, data is just data. So as long as it’s nothing too unique, you should be able to push it out at a collateral level, which allows you to do both coalition allied,” he said. (Source: Defense Systems)
05 Aug 21. Department Prioritizes Electromagnetic Spectrum Superiority, Implementing 2020 Strategy. The Secretary of Defense Lloyd James Austin III signed the 2020 Electromagnetic Spectrum Superiority Strategy’s Implementation Plan (EMSSS I-Plan) on July 15. The Strategy’s I-Plan provides the Department of Defense with the direction and executive oversight needed to achieve the Strategy’s vision of “freedom of action in the electromagnetic spectrum, at the time, place, and parameters of our choosing.”
The Department’s air, land, maritime, space, and cyberspace operations depend on the electromagnetic spectrum (EMS). In the midst of commercial advances, and increasingly contested, congested, and denied spectrum environment, the Department is committed to prioritizing our warfighters’ freedom of action and achieving spectrum superiority while supporting the Nation’s economic competitiveness.
The Vice Chairman of the Joint Chiefs of Staff is the Senior Designated Official (SDO) and oversees the implementation of the EMSS Strategy and leads the Strategy’s execution and oversight.
“Today’s EMS Superiority Strategy combined our electromagnetic warfare and spectrum equities for the first time ever,” said Air Force Gen. John E. Hyten, Vice Chairman of the Joint Chiefs of Staff. “The Strategy’s I-Plan provides direction to the Department to accomplish the Strategy’s goals and objectives and realize the vision. Future challenges require us to fight and win in the EMS from the beginning, and commanders must plan to win the EMS in their area of responsibility. The Strategy’s I-Plan sets us on a path to dominate the future battle space. While the services are organizing, training, and equipping better for EMS, we have more work to do. We are determined to get there and achieve spectrum superiority in all domains.”
The Department’s advancement in EMS superiority is essential to successful modern military operations to mitigate risks to U.S. national and economic security. Due to the rapid pace of EMS technology development, DoD must continually reassess, develop, and adopt new capabilities, techniques, training, and enterprise-level integration across the Department and with international and domestic partners. The Strategy lays a foundation for an enduring EMS community, decisive EMS maneuverability, and maximized EMS-sharing. The I-Plan provides the direction for the Department to regain EMS dominance.
The U.S. Strategic Command is the lead for EMS operational advocacy.
“In today’s modern battlefield, the joint force has to achieve electromagnetic spectrum superiority,” said Navy Admiral Charles Richard, commander, U.S. Strategic Command. “We have gotten used to a process designed for permissive environments that are intended to minimize programmatic and technical risk at the expense of operational risk. One of my big functions inside the EMSSS I-Plan is to bring the operational risk component back into the department processes.”
On Oct. 29, 2020, the Department published the 2020 Electromagnetic Spectrum Superiority Strategy to align EMS resources, capabilities, and activities across the DoD to support our core national security objectives and remain mindful of U.S. economic prosperity. The Strategy has five goals:
Goal 1: Develop Superior EMS Capabilities
Goal 2: Evolve to an Agile, Fully Integrated EMS infrastructure
Goal 3: Pursue Total Force EMS Readiness
Goal 4: Secure Enduring Partnerships for EMS Advantage
Goal 5: Establish Effective EMS Governance
The DoD Chief Information Officer works in partnership with the Electromagnetic Spectrum Operations Cross-Functional Team (EMSO CFT) to achieve the goals and objectives of the EMSSS. The EMSO-CFT is a unique team empowered to identify requirements, develop policies, and implement plans to establish EMS enterprise governance and improve EMSO capabilities across the Department to achieve EMS superiority, assuring military advantage over competitors.
The EMSSS I-Plan provides the Department with the vision, plan, leadership, and tools to build a Department-wide EMS Enterprise. The I-Plan requires accountability and results. It prioritizes greater oversight, integrating electromagnetic spectrum operations across DoD, governance and management reforms, progress on workforce issues, and conditions to facilitate a smooth transition from the SDO and EMSO CFT to enduring functions in the Department.
“The enterprise approach in the EMSSS I-Plan reaches beyond the traditional ‘silos’ and drives the Department to act in a more integrated fashion, mirroring the shared nature of the EMS,” said Acting DoD CIO, John Sherman. “It allows us to pursue, track, and measure identified EMS capability gaps; enables the DoD to define and refine our policy, processes, and procedures; and establishes effective and enduring EMS governance. As we did with Cyber, we will define an EMS Workforce and look at what we need to do to increase and track our readiness across this strategically significant, cross-domain maneuver space. Lastly, it is important to note the I-Plan defines enterprise EMS capabilities and establishes and executes new processes for funding, tracking, and reporting of those capabilities.” (Source: US DoD)
05 Aug 21. Guardrail Goodbye. At fifty years old, the US Army’s Guardrail series of Signals Intelligence (SIGINT) aircraft are looking at a well-deserved retirement. The Guardrail concept employed a turboprop aircraft, initially Beechcraft’s U-21 based on the company’s King Air turboprop family. From 1983 the army used the RC-12 series based on Beechcraft’s C-12D Heron turboprop . Since then, the RC-12 has been cycled through several incarnations. The RC-12X represents the latest incarnation. The aircraft is deployed at the operational level. It supports the ground force manoeuvre commander by detecting and geolocating radio and radar emissions. The exact frequencies the RC-12X is capable of detecting remain classified. These are most probably wavebands of at least 30 megahertz up to 20 gigahertz. This would allow the aircraft to detect very/ultra high frequency radio signals, and radar signals from red force Weapons Locating Radars (WLRs).
The location of red force units can be determined by detecting and geolocating radio and radar signals. This information can be shared in real time across tactical datalinks allowing commanders to plan and execute their scheme of manoeuvre. A surge in red force radio traffic may mean that manoeuvre is imminent, for example. Meanwhile the collection of electronic intelligence pertaining to WLRs lets artillery determine the location of hostile radars so that these can be made priority targets for fires.
The US Army’s High Accuracy Detection and Exploitation System, or HADES forms the mission system for the Intelligence, Surveillance and Reconnaissance (ISR) aircraft which will replace the RC-12X. Reports state that candidate aircraft include the Boeing 737-800ERX, Gulfstream G-550, Bombardier Global Express and Northrop Grumman RQ-4B Global Hawk.
The HADES payload will include Communications Intelligence (COMINT) and Electronic Intelligence (ELINT) sensors. Reports continue that some of the sensor architecture equipping the HADES mission system has been flown on two Bombardier Challenger-650 test beds. The aircraft, and their mission system, is known as the Aerial Reconnaissance and Targeting Exploitation Multi-Mission Intelligence System, or ARTEMIS.
The US Army revealed their existence in August 2020. Since this announcement, the two aircraft have performed several sorties to the Asia-Pacific and Europe. These aircraft have almost certainly been evaluating the performance of the COMINT and ELINT sensors within the ARTEMIS architecture. A deployment to the Black Sea region in September 2020 is illustrative.
In June, the US Army awarded contracts to L3 and Raytheon for Phase-1 of HADES. Both companies will develop prototype ELINT and COMINT capabilities which for the HADES architecture. This contract should conclude in January 2023.
All the candidate aircraft offer a significant leap over the RC-12X’s current capabilities. Taking the Beechcraft King Air series as a guide, the RC-12 has a range of circa 1,720 nautical miles/nm, a 310 knot (570 kilometres-per-hour) cruising speed and a ceiling of 35,000 feet (10,668 metres). The 737-800ERX has a range of circa 2,935nm (5,436km), a 455 knot (842km/h) cruising speed and a ceiling of 41,000ft (12,497m). The G-550 has a range of 6,750nm (12,500km), a cruising speed of 566 knots (1,049km/h) and a ceiling of 51,000ft (16,000m). The Global Express Global-5000 has a 5,200nm (9,630km) range, a cruising speed of 504 knots (934km/h) and a ceiling of 51,000ft. Finally, the RQ-4B has a 12,299nm (22,780km) range, a cruising speed of 310 knots (570km/h) and a ceiling of 60,000ft (18,000m).
These criteria are important. Range translates into endurance. The longer the range, the longer the aircraft can remain on station. This is vital if the aircraft is to provide the manoeuvre commander continual real-time reports on the situation on the ground derived from the COMINT and ELINT the aircraft gathers.
Likewise speed is important. The quicker the aircraft, the quicker it can deploy. This is particularly relevant if the aircraft is located in the continental United States and needs to rapidly reach Europe or the Asia-Pacific due to a sudden crisis.
Altitude has a similar relevance. The higher you are, the more you can see. Flying at 35,000ft the RC-12 would have a line-of-sight range of 230nm (425km). This is already quite respectable for operational-level SIGINT collection. However, taking either the G-550 or Global-5000 as an example, this increases to 277nm (513km). It is perhaps no surprise that the army is not looking at turboprop platforms for the HADES requirement.
COMINT and ELINT capabilities form one part of the wider HADES architecture.
A spokesperson for the US Army’s Programme Executive Officer for Intelligence, Electronic Warfare and Sensors told Armada that “HADES will carry a variety of SIGINT sensors, synthetic aperture radar/moving target indication radar, cyber, electronic warfare, optronics sensors and air launched effects.”
SIGINT components will be folded into the first increment of HADES, alongside the radar. The spokesperson continued that the open architecture standards at the heart of HADES means that “upgrading, changing or incorporation new sensors will require minimal changes to the aircraft.” This should also keep integration costs manageable during the aircraft’s lifetime.
Reports say that Phase-2 will see the contractors performing additional developmental work on the aircraft’s COMINT/ELINT sensors. The spokesperson stated that, although Phase-2 has been fully funded, its timelines are still to be set: “The government will make that decision based on the amount of development work required as determined by Phase-1, balanced against the desire to rapidly deliver capability to the field.” Although the spokesperson said that there are no firm dates as yet for HADES’ fielding, “we currently plan to deliver HADES to the field as a prototype for soldier evaluation in the 2024/25 timeframe.” (Source: Armada)
05 Aug 21. The Australian government has selected Lockheed Martin Australia and Northrop Grumman Australia to continue to the final stage of the competitive evaluation process for the Australian Defence Force’s new Joint Air Battle Management System. Minister for Defence Peter Dutton commended the commitment of both Defence and Australian industry in working together to increase the protection of Australian deployed forces. “The Morrison Government’s $2.7bn investment in a sovereign Joint Air Battle Management System will deliver a critical capability to defend against increasingly advanced air and missile threats,” Dutton said. “Through the competitive evaluation process, Australian industry has demonstrated its versatility and adaptability to provide innovative proposals in the challenging field of Integrated Air and Missile Defence. The Joint Air Battle Management System will connect our ships, aircraft and other capabilities together in a way that multiplies their defensive power.”
Minister for Defence Industry Melissa Price congratulated the successful participants on their well-considered and highly competitive responses. “Defence found the down-selected companies demonstrated the best understanding of its capability requirements, as well as a strong commitment to developing Australian industry capability,” Price said. “I look forward to seeing the advanced technical solutions and prototypes that will be developed as these companies refine their final offering for the Joint Air Battle Management System.”
The competitive evaluation process will select an Australian company to lead the delivery of the Joint Air Battle Management System and provide the core architecture of Defence’s future Integrated Air and Missile Defence capability. Boeing Defence Australia and Raytheon Australia also participated in the first stage of the competitive evaluation process, and will continue to be involved in developing the Joint Air Battle Management System and supporting the Integrated Air and Missile Defence Program. The successful strategic partner for the Joint Air Battle Management System is expected to be announced in late 2023. Joe North, chief executive Lockheed Martin Australia and New Zealand said, “Today’s announcement marks the next step in AIR6500-1 to work in partnership with the Australian Defence Force and industry partners to support the Royal Australian Air Force’s vision to transform the Air Force into a next-gen-enabled force through delivering a sovereign highly advanced Joint Air Battle Management System to protect Australia’s security. Since 2016, we have been highly committed to supporting the AIR6500-1 project. Our Lockheed Martin Australia AIR6500-1 team has steadily grown over this time to over 80 Australians in Adelaide, Canberra and Williamtown. Critical to that effort has been our focus on proactively engaging and establishing important partnerships with Australian industry to identify and invest in ‘best of breed’ local capabilities to deliver a truly sovereign capability solution for Australia,” said North.
Lockheed Martin Australia will continue partnering with industry, academia and government to develop, integrate, build, and sustain future technologies that can be integrated into an open architecture framework to support AIR6500-1. This approach will ensure innovative small to medium Australian high-tech businesses remain at the core of shaping Australia’s future defence capabilities. “We look forward to collaborating with Australian industry and the Royal Australian Air Force to progress the AIR6500-1 solution as part of the CEPS2. We would like to congratulate Northrop Grumman for also being down selected for the CEPS2,” said North. (Source: News Now/https://asiapacificdefencereporter.com/)
04 Aug 21. Australia unveils new data strategy. The Commonwealth government has laid out a new plan aimed at bolstering cyber resilience across Defence amid the heightened threat environment.
Assistant Minister for Defence Andrew Hastie has announced the release of the Defence Data Strategy 2021-2023, which outlines the pillars, practical initiatives and priority data areas required to enhance data management and analytics across Defence in response to the evolving threat environment.
The five-pillar strategy — govern, trust, discover, use and share — aims to enable Defence to more effective leverage data to execute tasks in support of Australia’s national interests.
Priority areas include;
- Identifying gaps in workforce capability
- Assessing the effectiveness of capability delivery to stakeholders
- Exploring better ways to improve organisational capacity and provide policy advice to government
- Identifying ways to ‘stand up’ strategic taskforces and support their evolving needs
- Improving whole-of-life health, safety, and wellbeing outcomes for past and present ADF personnel and their families
To advance the agenda outline int eh strategy, the government has set out a roadmap detailing next steps.
This begins with the appointment of a chief data integration officer and an implementation team later this year.
The chief data integration officer will be responsible for leading Defence engagement with Five Eyes and whole-of-Australian government data and analytics forums.
This will be followed by the development of a detailed implementation plan, a Defence data operating model, and the establishment of a Defence data management board.
“As our strategic challenges evolve, we are also witnessing the exponential growth of data and its application in the digital battle space,” Minister Hastie said.
In the uncertain years ahead, the use of data and the management of data will be fundamental to how we keep our nation and our people safe and secure.”
Minister Hastie noted the deterioration of the geostrategic environment amid major power competition, military modernisation, and disruptive technological change.
“Expanding cyber warfare, grey zone tactics, and the willingness by some countries and non-state actors to use hostile cyber activities are further degrading Australia’s strategic environment,” he continued.
“These cyber activities will compromise military capability and operations if we fail to act. They can also drive disinformation, weaken critical infrastructure, and destabilise political and social systems.
“They are a reality that we cannot ignore.”
Hastie added: “Whether we like it or not, we are joined in an online contest to preserve our digital sovereignty as a country.
“Therefore, lifting Defence’s data maturity across the organisation will position us to achieve a strategic advantage over our adversaries.” (Source: Cybersecurity Connect)
03 Aug 21. Pentagon uses AI to predict enemy moves ‘days in advance.’ The US military is testing an advanced artificial intelligence (AI) system that it hopes can predict an enemy’s next move days before it actually occurs. Predicting the future is normally a hopeless task, but advances in technology and the increasing shift to using AI to assist decision-making have opened up possibilities for warfare that would once have felt like science fiction. The US defence department has created a new acronym for the computerised crystal ball-gazing: GIDE, or global information dominance experiments. The aim is to achieve “decision-making superiority”, said General Glen VanHerck, commander of Northern Command and the North American Aerospace Defence Command, both of which are intended to protect the US homeland from every form of enemy attack.
“What we’ve seen is the ability to get way further [than] being reactive into actually being proactive — and I’m talking not minutes and hours, I’m talking days,” he said at a Pentagon briefing.
The project outlined by the general, which has been in development for about a year, echoes the film Minority Report, based on a Philip K Dick story, where Tom Cruise was a cop in a “pre-crime” division where arrests are made based on predictions of a future criminal acts.
VanHerck said the system represented “a fundamental change in the way we use information and data” to accelerate decision-making at the tactical and strategic level at a time when both Russia and China are challenging the US on a daily basis.
In the latest of three experiments carried out by the Pentagon and all 11 US combatant commands, one of the focuses was on envisaging a threatened takeover of the Panama Canal by such a “peer competitor”, disrupting a crucial line of communication for US military logistics.
During the simulated attack, AI systems exploited a mass of data in a way no human could absorb to predict how the enemy might react, by examining patterns and changes. Once alerted to anything significant, commanders fed the information to orbiting satellites to “take a closer look at what might be going on in a specific location”, VanHerck said.
“The ability to see days in advance creates decision space,” he added.
In the past, secret information provided by intelligence sources such as satellites could take a long time for an analyst to pore over.
“Now the machine can take a look and tell you exactly how many cars are in a parking lot or how many aeroplanes are parked on a ramp, or if a submarine is getting ready to leave or if a missile’s going to launch. Where that may have taken days before, or hours, today it can take seconds or less than minutes,” the general said.
The project was not about new ways of gathering data: “This information exists from today’s satellites, today’s radar, today’s undersea capabilities, today’s cyber, today’s intelligence capabilities.
“What we’re doing is making that data available and shared into a cloud where machine learning and AI look at it and process it really quickly and provide it to decision-makers.
“This gives us days of advanced warning and ability to react. Where in the past, we may not have an analyst eyes-on with a satellite image, now we are doing that in near real-time.” (Source: The Times)
03 Aug 21. UK Ministry of Defence makes first ever bounty payments to hackers. Just over two dozen security researchers took part in the MoD’s first programme which provided them with direct access to its internal systems. The Ministry of Defence (MoD) has for the first time paid bounties to hackers for finding vulnerabilities in its computer networks before they could be exploited by the UK’s adversaries.
Just over two dozen civilian hackers were permitted to take part in the 30-day programme after undergoing background checks with HackerOne, a company that specialises in bug bounty competitions.
In an announcement on Tuesday, the ministry’s chief information security officer, Christine Maxwell, said the security test was “the latest example of the MoD’s willingness to pursue innovative and non-traditional approaches” to securing its networks.
Bug bounty programmes offer hackers a financial reward for discovering and disclosing software vulnerabilities so they can be fixed rather than exploited by hostile states.
Many of the largest technology companies offer monetary rewards to security researchers, or hackers, for disclosing issues so that they can be patched – and the MoD is the latest government organisation to run a specific competition for those purposes.
Trevor Shingles, one of the participants, focused on identifying authentication bypasses that would allow people already on the MoD’s systems to access material which they shouldn’t be able to.
Mr Shingles, who is British but didn’t have any affiliations with the UK government before taking part in the bug bounty programme, connected to the MoD systems from a comfy chair in his study at home.
Ms Maxwell said: “Working with the ethical hacking community allows us to build out our bench of tech talent and bring more diverse perspectives to protect and defend our assets.
“Understanding where our vulnerabilities are and working with the wider ethical hacking community to identify and fix them is an essential step in reducing cyber risk and improving resilience.”
Mr Shingles said he didn’t want to go into “the finer points” about the rewards he received, but added that it was “nice to see the MoD taking the same direction with their security as the US Department of Defence (DoD)”, which has run bug bounty programmes previously that he participated in.
Katie Moussouris, a security researcher and the chief executive of Luta Security, worked with the US DoD to launch the Pentagon’s first bug bounty programme in 2016 after pioneering some of the fundamentals in the vulnerability disclosure field.
Before working with the DoD, she started Microsoft’s bug bounty programme in 2013, working out the game theory and economics which would make bug bounties viable for a company which was then receiving up to 250,000 free vulnerability reports a year from the community of security researchers.
“From there, I was invited to brief the Pentagon on how to take such a complex problem and scale it so that it could work in large, complex organisations like the US Department of Defence,” Ms Moussouris told Sky News.
Following that, Luta Security was contacted by the UK’s National Cyber Security Centre (NCSC) to help shape the British government’s mechanisms for coordinating vulnerability and bug reports.
“I had worked with MoD back in that pilot programme, so it’s nice to see that they’ve taken a few years to get their processes in order – which is exactly what we recommend,” she added.
“Bug bounty programmes are a useful tool, but only if you’ve invested in preparations to fix those bugs in the first place. Even more importantly, that you’ve invested your own resources to try to uncover low-hanging fruit yourself first.”
Martin Mickos, the chief executive of HackerOne, said: “Governments worldwide are waking up to the fact that they can’t secure their immense digital environments with traditional security tools anymore.
“Having a formalised process to accept vulnerabilities from third parties is widely considered best practice globally, with the U.S government making it mandatory for their federal civilian agencies this year.
“The UK MoD is leading the way in the U.K government with forward-thinking and collaborative solutions to securing its digital assets and I predict we will see more government agencies follow its example.” (Source: The SUN)
02 Aug 21. General Dynamics Mission Systems Introduces Badger Software-Defined Radio. General Dynamics Mission Systems introduced the new Badger software-defined radio today at the Navy League’s Sea-Air-Space Symposium in National Harbor, Maryland. Produced at the company’s Scottsdale, Arizona facility, the Badger is a compact, 2-channel software-defined radio that provides Multiple Independent Levels of Security (MILS) for ship-to-ship and ship-to-shore voice and data communications. It is the only radio available that provides High Frequency (HF), Very High Frequency (VHF), Ultra High Frequency (UHF) and SATCOM Mobile User Objective System (MUOS) waveform capability. The integration of MUOS significantly enhances beyond line-of-sight, or satellite voice and data communications.
Badger’s software-defined, flexible open architecture enables future next-generation communications including waveforms, encryption algorithms and advanced network connectivity to be easily incorporated without redesign. Similar to a commercial smartphone, this approach simplifies the incorporation of new features and functions by enabling the radio to be upgraded in the field without having to take it out of service, resulting in significant time and cost savings. In addition, the Badger’s Voice over IP (VoIP) audio capability modernizes and simplifies platform audio distribution using network connectivity.
The Badger is based on the long history of General Dynamics’ Digital Modular Radio (DMR). With over 900 radios delivered, DMR provides secure communications aboard U.S. Navy surface and sub surface vessels, as well as fixed sites. At a quarter of the size of DMR, Badger provides the waveforms and flexibility of the DMR in a compact platform.
“The Badger was developed in collaboration with our customer to meet their requirements for smaller ships and platforms,“ said Stan Kordana, Vice President of Surface Systems at General Dynamics Mission Systems. Badger offers many of the same capabilities that have made DMR a communications standard for the U.S. Navy, in a much smaller form factor. The reduced size, weight and power make it ideal for smaller platforms across multiple domains that only require two channels, and at the same time simplifies logistics and reduces costs.”
The Badger has programmable embedded NSA certified Type 1 encryption that secures communications and simplifies the system architecture. It has MILS capability which enables it to communicate simultaneously at multiple levels of security, on each of the radio’s two channels.
For additional information or to purchase a Badger, please visit www.gdmissionsystems.com/Badger.
General Dynamics Mission Systems, a business unit of General Dynamics (NYSE: GD), provides mission-critical solutions to defense, intelligence and cyber-security customers across all domains. Headquartered in Fairfax, Virginia, General Dynamics Mission Systems employs more than 12,000 people worldwide. For more information about General Dynamics Mission Systems’ broad portfolio of capabilities, visit gdmissionsystems.com or follow @GDMS on Twitter.
02 Aug 21. Electronic attack system to provide U.S. Navy more capabilities, flexible options. U.S. Navy’s ship-based electronic countermeasure system will provide an unlimited supply of ammunition against incoming threats, allowing the service to be more dynamic, and will open up new concepts for other capabilities, the system’s contractor said.
The Block III of the Surface Electronic Warfare Improvement Program, or SEWIP, provides ships a non-kinetic, electronic attack capability and will be outfitted to Arleigh Burke-class destroyers, but contractor Northrop Grumman said there are bigger plans in the works.
The Navy awarded Northrop a contract in June to develop a technology data package based on the SEWIP technology for larger-deck ships such as aircraft carriers and amphibious assault ships.
“This system was developed at a really good time because as our peer and near-peer adversaries are growing in capability, one of the areas that they’re growing in is anti-ship missiles,” said Mike Meaney, vice president of land and maritime sensors at Northrop. “Really, really essential that all of our deployed forces have effective EA [electronic attack] against some of our adversaries’ weapons.”
The SEWIP system essentially provides an “unlimited supply of bullets” against incoming missiles or any other threats, Meaney said, to non-kinetically confuse the missile or deny it information, forcing the weapon to crash into the ocean.
Meaney added that with further development and deployment of this type of technology, ships will have the ability to increase their kinetic missile magazines and be more flexible to use those kinetic weapons in other ways rather than dedicating some to shooting down incoming missiles.
“What we see as the future is by having effective electronic attack systems like SEWIP on ships, it’s going to allow the ship’s captain and crew to depend on them and solve the anti-ship threat with non-kinetic solutions, allowing them more missiles than their magazine to shoot for offensive purposes,” he said. “That’s the opportunity that SEWIP provides to the Navy, is an opportunity to rely out how they configure their ships’ missile magazines. And as it’s proven out there and fully demonstrated, the confidence will grow, and then the Navy can look at putting more offensive weapons into their ship magazines than they currently have today.”
In terms of deployment, for the two systems on which Northrop received low-rate initial production approval, Meaney said the service will install them to the destroyers later this year. He declined to identify the warships or offer a concrete timeline. The equipped ships will then undergo sea trials — the capstone test for the system.
SEWIP was built with an open-architecture, hardware-designed, software-enabled approach, allowing for rapid upgrades to keep pace with changing threats. It was also designed to be multifunctional, providing the Navy additional options, including signals intelligence capabilities, limited radar and communications.
“We developed an advanced communications link using some of the best technology and showed a brand-new communications signal coming out of our system,” Meaney said. “That was a new comms link we demonstrated, but we have the capability to interface with and interact with other communications systems that are out there. We also are integrated into the combat systems on the ship, so the information flowing from our system can be connected to those combat systems, and those combat systems are being connected via other activities into the larger kill web, if you will.”
He said this approach is in line with the Defense Department’s larger push to ensure sensors and platforms are interconnected to rapidly and seamlessly share data so commanders have what the department calls decision advantage.
In terms of forthcoming capabilities, Meaney said Northrop is investing significant research and development dollars toward introducing artificial intelligence and machine-learning algorithms to the system. The aim is to have these capabilities be able to rapidly identify unknown emitters and provide estimates on what those are, and create jamming waveforms on the fly. (Source: Defense News)
02 Aug 21. Horizon Technologies Announces New BlackFish™ Tri-Band SIGINT System. On 2 August 2021 Horizon Aerospace Technologies (a wholly-owned subsidiary of Horizon Technologies) announced the release of a new airborne SIGINT product: BlackFish™ a small airborne qualified, Sat Phone SIGINT system which simultaneously monitors the Iridium, Thuraya, and Inmarsat (IsatPhone Pro) Sat Phone networks. Due to its small size and weight (8kg), it is ideal for fixed and rotary wing manned and unmanned aircraft. Horizon Technologies’ CEO John Beckner said, “Horizon Technologies has been listening to our customers who want smaller, lighter systems and the ability to simultaneously monitor multiple Sat Phone networks. They also want a common SIGINT product across manned aircraft and UAVs. BlackFish™ is the answer to these requirements and like all our products is non-ITAR.”
Blackfish™ uses Blackfish™state-of-the-art technology, and is based on a Software Defined Radio (SDR), equipped with powerful CPU and GPU processing capacity, a passively cooled system ensuring maximal reliability and performance. The system has no moving parts which ensures high reliability during operation in extreme conditions. It is fully qualified to DO-160. BlackFish™ is a completely self-contained Sat Phone monitoring system; it doesn’t require any external peripherals like external RF switching and complex cabling or multiple antennas which impacts the overall reliability of the system. The highly sensitive L-band receiver front-end targets Sat Phone communications, and the system offers maximum out of band rejection of interference frequencies while being broadband, and having an excellent dynamic range to handle near-far radio scenarios. With our proprietary software, it can be easily integrated into aircraft tactical mission systems to look like one of many ISR sensors.
Blackfish™ is now in production, and Beckner announced “We will have an actual production version at our stand at DSEI 14-17 September 2021 (UK Pavilion: H2-958), and will be demonstrating the system’s capabilities. While we are still supporting our legacy FlyingFish™ products, BlackFish™ is now our flagship product, and we are excited to be selling it to our worldwide government end users in support of their expanding ISR requirements.” Beckner added, “We have demo units available for evaluation anywhere worldwide and we look forward to engaging with our current and future customers to introduce BlackFish™ as the “go to” Sat Phone SIGINT solution.”
02 Aug 21. US Army working on cloud, data mesh capabilities for CPCE. The US Army officials are exploring ways to integrate cloud computing and mesh networking capabilities into the service’s Command Post Computing Environment (CPCE) system, as programme officials are in the midst of implementing cyber awareness applications in the platform.
CPCE officials and their counterparts at the army’s Command, Control, Communications, Computers, Cyber, Intelligence, Surveillance, and Reconnaissance (C5ISR) directorate are working to evaluate the Rainmaker mesh data fabric application for artificial intelligence (AI)-enabled data networking and management capabilities on the CPCE.
Initiated in 2018 the CPCE is a single-mission command software suite designed to provide a common operational picture to ground commanders at the tactical level and above, according to an army fact sheet. Based on the SitaWare-powered core server hardware, the CPCE is capable of hosting “a comprehensive suite of software applications and services upon which warfighting functions can be converged and future applications can be built”, the fact sheet noted.
Rainmaker is a science and technology programme run out of the C5ISR directorate, focused on common data fabric integration and data transport among service sensors and platforms. Most recently, service leaders evaluated Rainmaker’s advanced data transport capabilities between low Earth orbit (LEO) and medium Earth orbit (MEO) satellite capabilities, in support of the service’s Integrated Tactical Network (ITN). (Source: Jane’s)
02 Aug 21. US Navy nears production decision on fleet’s electronic warfare system. The Navy is nearing a decision to OK production for a fleet electronic protection system, according to the system’s manufacturer.
The Advanced Off-Board Electronic Warfare sensor pod will be outfitted on MH-60 Sierra and Romeo helicopters to extend ships’ line-of-sight limitations in the electromagnetic spectrum.
“The technical data has been submitted and we’re square there, and we expect a final decision in the next 30 to 60 days timeline and then expect immediately, shortly after that, to move into low-rate initial production,” Joe Ottaviano, director of maritime and airborne cyber and electronic warfare at Lockheed Martin, told C4ISRNET regarding an impending Milestone C decision from the Navy.
The system can work in coordination with the fleet for extended electronic warfare protection, but can also autonomously work in a denied environment, Ottaviano, said.
While it has undergone some flight tests, more testing must be done.
While Lockheed worked with the Navy on the program, Ottaviano said, they have learned how the system interacts with the environment and seen ancillary capabilities not specifically intended during initial design.
“Whenever we roll out new systems … you quickly learn it does a lot of things, capability you didn’t actually plan for,” he said.
He pointed to a similar case with the Surface Electronic Warfare Improvement Program, or SEWIP Block II, which Lockheed is providing to the Navy for ship-based electronic protection.
When SEWIP was being installed on ships, Ottaviano said, the firm noticed new capabilities it didn’t initially realize.
Lockheed recently delivered the 100th Block II system to the Navy.
Ottaviano praised the ability to deliver over-the-air updates to the system, allowing for the insertion of new software and firmware as needed to address new threats. Additionally, there will be a hardware refresh this year for the program.
Continued EW investment
Ottaviano said Lockheed’s Spectrum Convergence business is using open architecture and investments to create offerings across the services, meaning architectures built for sea-based platforms are now used for ground and airborne platforms.
He said Lockheed is also considering greater investments in artificial intelligence and machine learning that would provide recommendations to operators and additional analysis of the electromagnetic environment.
Moreover, it is meant to help operators assess the success of a certain effect.
“Let’s say I’m providing an effect through whether it’s cyber, EW, converged effect. How good am I doing with that effect? That’s always been something that’s been somewhat of a challenge for passive and electronic warfare systems,” he said. “If I provide an EA effect or a cyber effect, how do I know it’s working?”
“That’s another place we’re investing, and [AI and machine learning come] in because you can see behavioral changes in the target from what you’re providing that effect, and it’s faster than an operator can see,” Ottaviano added. “That system can learn and say: ‘Hey, this worked, this didn’t, do this next time, don’t do that next time.’ Those are the kind of capabilities we’re doing now.” (Source: Defense News)
02 Aug 21. HENSOLDT investigates modernisation of Eurofighter self-protection system. Sensor solution provider HENSOLDT has been commissioned by the German procurement authority BAAINBw to investigate the modernisation and performance enhancement of the Eurofighter self-protection system in a multi-year study. The BAAINBw’s study mandate aims to ensure the Eurofighter’s assertiveness and survivability even against the most modern threats, such as long-range integrated air defence systems and highly agile radars. At the same time, new cyber security requirements, the use of commercial-off-the-shelf (COTS) components and the new Eurofighter design and development standards will be taken into account. The results of the investigations will be worked out in close cooperation with the German Air Force and regularly presented to the customer by means of hardware and software demonstrations.
While the existing Eurofighter self-protection system is being continuously improved with various individual measures, preparations for a comprehensive weapon system update have begun with the Eurofighter Long Term Evolution (LTE) programme to ensure operational capability well into the 21st century and for future adaptations. To this end, the EuroDASS consortium (Leonardo UK, Elettronica, Indra, HENSOLDT) has developed a redesign of the self-protection system under the name Praetorian eVolution (eVo for short).
“We are pleased to be able to support and accelerate the four-nation LTE programme and the maturity of the targeted new Praetorian eVo self-protection system with this investigative contract,” said Celia Pelaz, HENSOLDT’s chief strategy officer and head of the Spectrum Dominance/Airborne Solutions division.
The existing Praetorian self-protection system protects the Eurofighter from radar- and infrared-guided missiles. The integrated sensor and jamming equipment also provides a precise situation picture and enables state-of-the-art electronic deception techniques. HENSOLDT has been a member of the EuroDASS consortium for decades and is involved in the development of Praetorian eVo. As a specialist in EloKa applications, HENSOLDT has supplied self-protection suites for helicopters and fixed-wing aircraft to customers all over the world, among others. With ‘Kalaetron’, HENSOLDT has a fully digitalised product family of sensors and jammers for electromagnetic signals.
30 Jul 21. MQ-4C Triton Completes First Flight in Multi-Intelligence Configuration. Milestone demonstrates significant progress toward initial operating capability. A Northrop Grumman Corporation (NYSE: NOC)-built MQ-4C Triton took to the skies for the first time in the highly upgraded multi-intelligence configuration known as integrated functional capability four (IFC-4). Triton is the U.S. Navy’s premier high-altitude, long-endurance (HALE), maritime intelligence, surveillance and reconnaissance (ISR) platform.
“The multi-intelligence configuration of Triton will completely revolutionize how the U.S. Navy and Royal Australian Air Force conduct maritime patrol and reconnaissance missions,” said Doug Shaffer, vice president and program manager, Triton programs, Northrop Grumman. “Multi-intelligence capabilities, coupled with Triton’s long-range sensors and 24-hour endurance, will enable an unprecedented amount of maritime situational awareness to inform real-time decision making at tactical to strategic levels.”
Northrop Grumman is working closely with the Navy to progress Triton toward initial operating capability (IOC) and world-wide deployments. The multi-intelligence configuration will also enable the Navy to retire the EP-3E Aries as Triton will be able to assume the intelligence collection missions currently conducted by the Aries.
“This hugely important milestone for our Triton Multi-INT program is the culmination of over five years of intense engineering, integration and test, and represents the efforts of the hundreds of team members who have worked so tirelessly to achieve this Herculean task,” said Capt. Dan Mackin, Persistent Maritime Unmanned Aircraft Systems program manager. “The Multi-INT capability that the U.S. Navy and Royal Australian Air Force have procured through Northrop Grumman, our Naval Warfare Centers and our GFE partners is like no other – 360 degree AESA maritime radar, full-motion EO/IR video streaming, high-altitude, long-endurance, full-spectrum signals intelligence and the pipes to send multiple data types to ships, aircraft and intelligence community ground stations allow our forces to hold adversaries at risk and protect the peace which is so vital to our national interest.”
The U.S. Navy is currently operating two Tritons in the Pacific region in the baseline configuration as part of an early operational capability deployment. The Triton program expects to achieve IOC in 2023, and the Navy will eventually maintain five 24/7 operational orbits with a planned 68-aircraft program of record.
Northrop Grumman’s family of autonomous high-altitude, long-endurance systems perform critical wide-area ISR collection. Today, autonomous HALE systems operate across the globe, with greater than 24-hour endurance, collecting essential ISR data over land and sea to enable rapid, informed decision-making. In the future, these systems will connect the joint force, implementing advanced autonomy and artificial intelligence/machine learning while delivering indispensable capabilities with fewer people to provide information at the speed of relevance.
Northrop Grumman solves the toughest problems in space, aeronautics, defense and cyberspace to meet the ever evolving needs of our customers worldwide. Our 90,000 employees define possible every day using science, technology and engineering to create and deliver advanced systems, products and services.
Spectra Group Plc
Spectra Group (UK) Ltd, internationally renowned award-winning information security and communications specialist with a proven record of accomplishment.
Spectra is a dynamic, agile and security-accredited organisation that offers secure Hosted and Managed Solutions and Cyber Advisory Services with a track record of delivering on time, to spec and on budget.
With over 15 years of experience in delivering solutions for governments around the globe, elite militaries and private enterprises of all sizes, Spectra’s platinum and gold-level partnerships with third-party vendors ensure the supply of best value leading-edge technology.
Spectra was awarded the prestigious Queen’s Award for Enterprise (Innovation) in 2019 for SlingShot.
In November 2017, Spectra Group (UK) Ltd announced its listing as a Top 100 Government SME Supplier by the UK Crown Commercial Services.
Spectra’s CEO, Simon Davies, was awarded 2017 Businessman of the Year by Battlespace magazine.
Founded in 2002, the Company is based in Hereford, UK and holds ISO 9001:2015, ISO 27001:2013 and Cyber Essentials Plus accreditation.