Sponsored by Spectra Group
23 Feb 21. Cyber Workforce Vital to Protecting National Security. During Engineers Week, the Defense Department is highlighting its efforts to develop a diverse and well-educated future engineering workforce and to increase understanding of and interest in engineering and technology.
The Defense Department’s cyber workforce is tasked with defending virtually every system that the department relies on to protect national security, a cyber leader discussing the department’s missions, technology and workforce said.
John Marx, acting principal director for cyber modernization, office of the undersecretary of defense for research and engineering, spoke this week as part of Engineers Week.
Cyber Missions
The goals of modernizing cyber capabilities within the Department of Defense, he said, are:
- The first is to advance the department’s ability to develop and deploy cyber-resilient systems. “These systems and infrastructures that are built to withstand the kinds of cyber attacks that we know about today, but also with the capacity and agility to be rapidly updated to address new threats as they emerge in an operational environment.”
- The second goal is to develop an unrivaled capability for highly integrated cyber and electromagnetic spectrum operations in support of national strategic objectives. “These will enable the Department of Defense to achieve information advantage across all domains of operations and through all phases of conflict.”
- The third goal, which directly supports the first two, is to build a cyber and electromagnetic spectrum expertise that is unrivaled throughout the world. “Without a workforce made up of innovative, creative and driven experts with expansive knowledge of how software makes complex systems function and who truly understand the limits of this software, those first two goals are unachievable.”
Besides these three primary missions, DOD supports the critical civilian infrastructure at times of need when it is requested by those infrastructure owners, under authorities such as the Defense Support to Civil Authorities, Marx said, adding that this support happens in close collaboration with other federal agencies and local entities.
Workforce Talent
The department is always seeking cyber talent as well as talent residing in its workforce. DOD is looking for individuals who have a strong understanding of how software drives complex systems, Marx said.
Computer engineers, software engineers and electrical engineers, who are often associated with the cyber workforce, typically possess this kind of knowledge. Individuals with those academic backgrounds will always be in high demand to fill cyber positions, he said, but it’s important for engineers of every discipline to have an understanding of how what they do intersects with the cyber domain. Mechanical, aerospace, civil, chemical and biomedical engineers all should have a strong understanding of how their fields of practice rely on cyber systems.
“The extent at which software drives everything is an exciting and interesting area,” Marx said. “Understanding how software works, especially in the face of a determined adversary who might seek to do us harm, is important.”
All types of engineers have a natural curiosity to learn how things work, and then to figure out how to make them work better, Marx said. “When our engineering workforce, regardless of discipline, possesses a level of knowledge in cybersecurity, where they can then innovate and communicate effectively with experts who spend all of their time within the cyber domain, then we’re going to be able to make great strides in our ability to deliver systems that can withstand cyber attacks and achieve information advantage on the battlefield.”
There are a couple of ways that engineers, aspiring engineers and students can gain more knowledge in cybersecurity, he said. Colleges typically have hacking clubs, for instance. Getting connected with these groups is a great way to learn some of the basics of hacking and cybersecurity. They can also help prepare for capture-the-flag-type competitions, where these skills can be put into practice.
Another thing engineers can do is learn to code, he said. Whatever the venue, be it a local college or online class, learning to code is one of the best ways to enhance one’s knowledge of how software makes the world work.
Marx spoke of experiences he had with non-cyber engineers participating in capture-the-flag-type events.
During last year’s Hack-a-Sat competition, which was put on by the Air Force, Space Force and Defense Digital Service, there were several aerospace engineering students who participated who had never taken part in a hacking event before, he said. “Their feedback was, ‘Well, geez, this was a lot of fun. We, we learned a lot, and we want to come back and learn more and do it again.'”
Marx noted that there are a lot of new and exciting innovations in technology on the horizon that will improve cybersecurity. For example, artificial intelligence and human machine teaming will likely contribute to automating many of the processes that are now being done manually in the design and operation of cyber resilient systems. But at the end of the day, there will always be a need for the skilled, motivated cyber operator or engineer, who can apply their knowledge to solve higher-order problems. (Source: US DoD)
23 Feb 21. After SolarWinds, US needs to toughen cyber defenses, says Microsoft president. In the wake of a sweeping hack that may have revealed government and corporate secrets to Moscow, the U.S. must strengthen its cyber defenses and prepare a “robust menu” of responses to attacks, Microsoft Corp. President Brad Smith said Tuesday.
The breach, which hijacked widely used software from Texas-based SolarWinds Inc., has exposed the profound vulnerability of civilian government networks and the limitations of efforts to detect threats.
The U.S. must draw a lesson about the danger cyberattacks pose to American civilians from the recent severe weather power grid collapse in Texas and a hacker’s botched attempt to poison the water supply of a small Florida city, Smith told the Senate Armed Services Committee.
“Think about the danger to American civilians if there is a disruption of the water supply, and then think about a future where a nation need not send missiles or planes but can simply send code to do its fighting for it,” Smith said.
“We need to strengthen the nation’s digital infrastructure and digital defenses, and that touches every part of the public sector, and every part of the private sector as well.”
Beyond modernizing dated information technology infrastructure, Smith suggested Congress address gaps in intelligence sharing between private companies and the government, and in the government’s intelligence gathering. For example, the National Security Agency’s authority allows it only to look outside U.S. borders, when it appears the SolarWinds hack used data centers of private firms inside the country.
The government, Smith said, should default to “a culture of a need to share,” though with privacy controls and divisions between the public and private sectors, using AI-assisted data aggregation.
The comments came as panel lawmakers on both sides of the aisle voiced worries about Russian hacking and that the Pentagon isn’t investing correctly to codevelop advanced capabilities to counter Chinese dominance in the tech sphere.
Experts testifying before the panel sounded the alarm that the U.S. could fall behind in semiconductors, artificial intelligence, quantum computing, biotechnology, hypersonic weapons and 5G networking. However, the SolarWinds hack surfaced repeatedly.
President Joe Biden plans to release an executive order soon that will include about eight measures intended to address security gaps exposed by the hack. The administration has also proposed expanding by 30 percent the budget of the U.S. Cybersecurity and Infrastructure Agency, now under intense scrutiny because of the SolarWinds breach.
Biden, making his first major international speech Friday to the Munich Security Conference, said that dealing with “Russian recklessness and hacking into computer networks in the United States and across Europe and the world has become critical to protecting our collective security.”
At Tuesday’s hearing, Sen. Richard Blumenthal, D-Conn., said the SolarWinds hack signaled a need to strengthen supply chain defenses and that Russia needed to “pay a price” for the hack.
“There has been no proportionate response, no response whatsoever that I’ve seen to the SolarWinds attack, and I think that making our adversaries, Russia in particular, pay a price for this attack is absolutely necessary, and that is one of the ways to establish some rules of the road,” Blumenthal said.
Smith agreed that the Biden administration, working with allies, should hold offenders accountable.
“I think it needs to start by public accountability, with the United States and other governments as the country did in 2017 twice: after WannaCry and NotPetya [cyberattacks],” Smith said.
“Then there needs to be … a range of responses for different circumstances, but it needs to be a robust menu, and we’re going to need an executive branch that has the confidence and the support of the American public to carry them out.” (Source: Defense News)
23 Feb 21. Australia releases cyber security guide for SMEs. The federal government has developed a cyber security guide in conjunction with the defence industry, designed to ensure businesses implement appropriate safeguards before engaging in defence projects.
Minister for Defence Industry Melissa Price has announced the launch of a new ‘go to’ cyber security guide, ‘Working Securely with Defence’, in a bid to enhance security practices across the sector.
The guide has been developed by Defence in conjunction with the AiGroup, the Australian Signals Directorate (ASD), the Australian Security Intelligence Organisation (ASIO) and the Australian Cyber Security Centre (ACSC) over the past 12 months.
“The development of this guide has been a genuine team effort, drawing on deep expertise and connections across government, Defence, Australian defence industry and industry associations,” Minister Price said.
“It has been developed by industry for industry and will help businesses understand what they need to do to improve their security practices.
“The guide also provides direction and support to current and prospective defence industry and supply chain providers on how to understand their security obligations and improve their security practices when delivering Defence capability.”
Minister Price said the guide complements Defence’s ‘Five Pillars’ strategy.
“I am making sure Defence works with our industry partners, especially when it comes to cyber security, so that businesses can be ready and more experienced as we come back from COVID-19,” the minister said.
Australian Industry Group national president Chris Jenkins added: “The guide brings together a wealth of relevant information to assist the Defence industry and help build the security culture, compliance and resilience of the sector.
“This is so important to the strategic priorities of Australia, ensuring that both industry and Defence are working on the same page.
“We would especially like to thank all those involved, including the Ai Group Defence Council members, who shared their time, knowledge, expertise, experience and insights in contributing to the development of this guide.”
The release of the guide comes amid research which found that 40 per cent of businesses applying to win Defence work have “insufficient” cyber security measures, which fail to meet Defence’s standards.
According to Defence, more than 600 companies have been offered support to improve their security through the Defence Industry Security Program (DISP).
The DISP, which comprises over 230 programs, aims to ensure businesses meet their security obligations when engaging in Defence projects, contracts and tenders.
This forms part of the government’s $15bn investment in enhancing cyber and information warfare capabilities over the coming decade, with $1.35bn committed to combating malicious cyber activity.
This includes $31m to provide ASD with the capability to disrupt cyber crime offshore and $35m to deliver an enhanced cyber threat-sharing platform.
A further $12m is expected to be invested in new strategic mitigations and active disruption options, while $118m is set to be spent expanding ASD’s data science and intelligence capabilities. (Source: Defence Connect)
23 Feb 21. Northrop Grumman Communications Systems Provide Foundational Elements for JADC2. Anticipating how adversaries are likely to employ new operational concepts and systems has always been important, but in an era of rapid digital transformation, it’s fundamental and critical to all U.S. Department of Defense (DOD) efforts. Understanding how these adversaries are harnessing new technology, responding with new operational concepts and enhanced lethality in accelerated timelines is how DOD intends to retain a strategic advantage on the battlefield.
There is no doubt that we are facing new and increasingly sophisticated threats from near-peer adversaries, underscoring the importance of innovation in order to maintain an advantage in an age of technology-driven warfare.
One DOD initiative, Joint All-Domain Command and Control (JADC2), sits at the center of technology-driven modernization. The DOD summarizes JADC2 as “an effort to integrate sensors with shooters across all domains, commands and services.”
With its focus on integration, it is clear that communications and networking capabilities will be essential to help DOD realize its vision for JADC2. As JADC2 seeks to connect communications nodes, shooters and platforms across all domains and branches of the military, cyber-secure, integrated, open architecture communications capabilities will be critical.
For 60 years, Northrop Grumman has been a leader in the design, development and delivery of end-to-end communications and advanced networking capabilities sought out by U.S. and allied military forces. Today, the company’s communications systems are already bringing forward the integrated, open and advanced networking capabilities needed to support the foundation of JADC2.
Northrop Grumman’s gateway offerings—communications systems that help the DOD securely share mission information across military branches—are one example of how the company is already enhancing the flow of data and strengthening the overall command-and-control structure of the DOD.
Northrop Grumman’s gateway systems have an extensive track record of helping interconnect branches of the military. The company’s leading Battlefield Airborne Communications Node (BACN) gateway system recently reached 200,000 combat operational flight hours since its first deployment with the U.S. Air Force in 2008.
Northrop Grumman’s BACN offerings have been one of the Defense Department’s most enduring capabilities, delivering interoperable voice and data communications between boots on the ground and pilots in the sky since 2008. Northrop Grumman’s BACN gateway system and sustainment efforts, combined with both manned and unmanned aircraft, provide warfighters an essential round-the-clock capability—enabling the enhanced communications and situational awareness picture needed to defeat threats in the most challenging battlefield environments.
Northrop Grumman’s BACN offering is a high-altitude, airborne communications gateway that translates and distributes imagery, voice and tactical data from disparate elements—enhancing situational awareness communications and coordination for joint warfighters operating across space, air, land and sea. It is also one of the first battle-tested gateway systems to enable warfighters and platforms to effectively communicate and securely share data across all branches of the DOD.
Over the course of more than 15,500 missions, enabled by sustainment support that delivers uninterrupted mission readiness, the BACN gateway system has a mission availability rate greater than 98 percent. Northrop Grumman takes an agile approach to introduce new capabilities on the BACN gateway system such as the integration of new automation software, implementation of agile software development processes, and the incorporation of enhanced military standard communications protocols—all to meet emerging mission demands.
The open architecture design and cyber-secure processing of the BACN gateway system, coupled with its ability to easily integrate advanced technologies and proven track record of success, make this system well suited to meet the needs of JADC2.
According to David Deptula, dean of the Mitchell Institute for Aerospace Studies, “BACN’s operational success suggests that it, or similar data translators, could help build an ethereal nervous system for JADC2.”
Northrop Grumman is also bringing forward a new family of gateway systems that are designed to enable communications and cross domain translations between multiple beyond line-of-sight and line-of-sight networks and datalinks—inclusive of 5th-to-4th generation capabilities. The development of these systems includes a focus on cyber-secure and integrated functions such as cloud computing, machine learning and secure and ethical artificial intelligence, among other capabilities.
Another example of Northrop Grumman’s JADC2 offerings can be found in the company’s Communications, Navigation and Identification (CNI) system. Northrop Grumman pioneered the design of its CNI system—currently used across a number of high-profile DOD platforms—to provide more than 27 fully-integrated communications, navigation and identification functions.
Over the years, the company’s CNI systems have been battle-tested and proven to enhance warfighters’ situational awareness; improve interoperability across platforms; adapt to emerging mission demands; and securely distribute critical information needed for mission success.
The software-defined nature of Northrop Grumman’s CNI system allows for continuous enhancements and its signature design will open up the company’s CNI offering to provide new functionality, such as the use of third-party capabilities that will help meet the advanced networking needs of JADC2 efforts.
A third example of Northrop Grumman’s JADC2 offerings is tied to the U.S. Air Force Advanced Battle Management System (ABMS) initiative. According to the Air Force, ABMS is the service’s primary contribution to Joint All-Domain Command and Control efforts.
In support of ABMS, Northrop Grumman is rapidly working on developing and fielding a gatewayONE prototype by leveraging its proven Freedom Radio and gateway technologies. Freedom multifunction, software-defined radios are the heart of the F-22 integrated avionics suite and F-35 communications, navigation and identification system.
On December 9, 2020, Northrop Grumman’s Freedom Radio, supporting ABMS efforts, successfully integrated with an attritableONE platform and enabled 5th-to-5th generation aircraft communications. According to the Air Force, “…this test was the latest demonstration of the transformative warfighting impact of the open architecture underpinning the Advanced Battle Management System.”
The signature design and open architecture functionality of the Freedom Radio supporting gatewayONE will enable 5th-to-4th generation platforms to communicate and extend capabilities to enable multiple 5th generation platform types to share and integrate data, helping make network-centric operations and JADC2 a reality for the DOD.
As the DOD moves forward to network-centric operations, Northrop Grumman is well suited to strengthen the DOD’s ability to maintain a strategic advantage in the new age of technology-driven warfare, supporting the open and integrated communications architecture needed for JADC2.
22 Feb 21. Chinese spyware code was copied from America’s NSA: researchers. Chinese spies used code first developed by the U.S. National Security Agency to support their hacking operations, Israeli researchers said on Monday, another indication of how malicious software developed by governments can boomerang against their creators.
Tel Aviv-based Check Point Software Technologies issued a report noting that some features in a piece of China-linked malware it dubs “Jian” were so similar they could only have been stolen from some of the National Security Agency break-in tools leaked to the internet in 2017.
Yaniv Balmas, Checkpoint’s head of research, called Jian “kind of a copycat, a Chinese replica.”
The find comes as some experts argue that American spies should devote more energy to fixing the flaws they find in software instead of developing and deploying malicious software to exploit it.
The NSA declined comment. The Chinese Embassy in Washington did not respond to requests for comment.
A person familiar with the matter said Lockheed Martin Corp – which is credited as having identified the vulnerability exploited by Jian in 2017 – discovered it on the network of an unidentified third party.
In a statement, Lockheed said it “routinely evaluates third-party software and technologies to identify vulnerabilities.”
Countries around the world develop malware that breaks into their rivals’ devices by taking advantage of flaws in the software that runs them. Every time spies discover a new flaw they must decide whether to quietly exploit it or fix the issue to thwart rivals and rogues.
That dilemma came to public attention between 2016 and 2017, when a mysterious group calling itself the “Shadow Brokers” published some of the NSA’s most dangerous code to the internet, allowing cybercriminals and rival nations to add American-made digital break-in tools to their own arsenals.
How the Jian malware analyzed by Checkpoint was used is not clear. In an advisory published in 2017, Microsoft Corp suggested it was linked to a Chinese entity it dubs “Zirconium,” which last year was accused of targeting U.S. election-related organizations and individuals, including people associated with President Joe Biden’s campaign.
Checkpoint says Jian appears to have been crafted in 2014, at least two years before the Shadow Brokers made their public debut. That, in conjunction with research published in 2019 by Broadcom Inc-owned cybersecurity firm Symantec about a similar incident, suggests the NSA has repeatedly lost control of its own malware over the years.
Checkpoint’s research is thorough and “looks legit,” said Costin Raiu, a researcher with Moscow-based antivirus firm Kaspersky Lab, which has helped dissect some of the NSA’s malware.
Balmas said a possible takeaway from his company’s report was for spymasters weighing whether to keep software flaws secret to think twice about using a vulnerability for their own ends.
“Maybe it’s more important to patch this thing and save the world,” Balmas said. “It might be used against you.” (Source: Reuters)
22 Feb 21. US Industry Struggles To Strip Chinese Tech From Networks. “[N]obody was watching too closely to see just how far these Chinese components and hardware have infiltrated U.S. businesses,” one telecoms expert says.
More than two years after Congress passed two laws to strip Chinese hardware and software from US defense and telecommunications supply chains, industry is struggling to figure out how.
“No one really has the answers on some of this stuff,” Nick Jones, director of regulatory policy at the National Defense Industrial Association (NDIA), said in an interview.
One key problem, Jones explained, is that neither DoD nor the FCC has issued lists of what equipment is banned by the laws.
“Good national security intentions, but poor execution thus far,” one telecoms expert summed up.
The 2019 National Defense Authorization Act (NDAA) included section 889 which prohibits the federal government, contractors, and federal grant/loan recipients from buying or even using “covered telecommunication equipment or services” from Huawei, ZTE, Hytera, Hikvision and Dahua and their subsidiaries as a “substantial or essential component of any system, or as critical technology as part of any system.” It also allows the Defense Secretary, the Director of National Intelligence and/or the FBI Director to “add to the list at anytime.”
DoD, the General Services Agency (GSA) and NASA in July 2020 issued a Federal Acquisition Regulation (FAR) “interim rule” to implement the provision, and followed up with a second one in late August aimed at helping companies through the process of certifying compliance.
Congress in 2019 also passed the Secure and Trusted Communications Networks Act of 2019 directing the FCC to figure out how to remove and replace Chinese equipment from US telecoms networks, known as the “rip and replace” program. The bill also provided $1.89bn in FCC funds to help small and rural broadband providers comply. The FCC issued a new draft rule Thursday that would expand the pool of potential aid recipients — upping the cap from firms with 2 million customers to those with 10 million.
While the FCC rules do not directly affect most of the defense industrial base, DoD is working closely with affected commercial telecoms providers to speed 5G wireless connectivity to military users at home and abroad.
For example, DoD in October awarded some $600m in contracts for 5G experiments at five bases belonging to the Air Force, Army, Navy and Marine Corps. Joseph Evans, technical director for 5G in the DoD undersecretariat for research & engineering, said the awards involve “over three dozen contracts [with] prime contractors [and] over 100 total companies, over half of them non-traditional” – that is, commercial tech companies rather than longstanding defense contractors. (Awardees range from telecoms giants AT&T and Nokia to the tiny Shared Spectrum Company that has 14 employees.)
It is the second part of the 2019 NDAA Section 889 (Part B) — which covers third-party providers of systems, parts and services — that is causing the most trouble for defense contractors, Jones explained. Smaller firms in particular are struggling, he added, since they don’t have the resources the big primes do to engage legal and regulatory expertise to help.
Part B “has caused greater headaches for US Government contractors because of its broader reach,” stated a November blog post by law firm Baker McKenzie. “It is not necessary that the Covered Equipment be used as part of the contract with the US Government to fall within the scope of the prohibition; rather, it is sufficient only that the offeror uses Covered Equipment as part of its overall business, making the breadth and applicability of this rule quite wide.”
For example, corporate leaders are scratching their heads over whether Chinese-made cameras for facility security are barred by Section 889, and what can be bought to replace the prohibited gear, Jones said.
“You know, security cameras looking at parking lots. So we’ve had people just rip those out, or turn them off,” he elaborated. “And there’s no replacement lists anywhere. Also cameras for things like simulation training and simulation applications that may have some of these [barred] components in there, and again, there’s no list.”
“The guidance/law is at the policy level and implementation is going to be hard, in part because nobody was watching too closely to see just how far these Chinese components and hardware have infiltrated U.S. businesses,” the telecoms expert said. “It’s going to take a while, and cost a lot, to purge them and I doubt it will be effective.
“Chip-level compromises, at the nation state level, are very hard to defeat and imposing this on industry without specific guidance makes it harder. It’s also imposing real costs on industry, which only makes sense if enforcement / market compliance incentives will follow,” the expert added.
Interestingly, the FCC regulations might actually help defense contractors implement Section 889, Jones noted, because the FCC is actually required to publish a list of barred equipment — a list that is expected to be released sometime next month. Further, that list will be based in part on determinations by DoD and the Intelligence Community as to what specific equipment should be deemed high risk, according to the FCC.
Tracking down the hundreds of subsidiaries for the five Chinese firms blacklisted in the NDAA also is a Sisyphean task, Jones said. While DoD has provided some guidelines for how contractors should conduct a “reasonable inquiry” into whether they (and their suppliers) are complying with the law, he explained, the Pentagon hasn’t actually named names of blacklisted subsidiaries. (Nor has the FCC provided a subsidiary list in its regulations implementing the rip and replace law.) (Source: glstrade.com/Breaking Defense.com)
22 Feb 21. Viasat Receives Enhanced Cybersecurity Services Accreditation from the U.S. Department of Homeland Security. Viasat Named One of Four Companies Authorized to use U.S. Government Provided Classified Cyber Threat Intelligence to Detect Malicious Activity for U.S.-based Public and Private Entities, including State and Local Governments.
Viasat Inc. (NASDAQ: VSAT), a global communications company, announced today it is part of an elite community of commercial service providers approved to receive cyber threat intelligence through the Department of Homeland Security (DHS) Enhanced Cybersecurity Services (ECS) program. As an accredited ECS provider, Viasat will receive DHS-provided sensitive and classified cybersecurity threat indicators and information to defend U.S.-based public and private computer networks, including state and local governments, against unauthorized access, exploitation and data exfiltration.
DHS accredited Viasat as one of four companies able to pass stringent ECS program requirements following an audit of Viasat’s cybersecurity capabilities, security architecture and facilities. All DHS ECS service providers must achieve a high standard of security competence and compliance, including maintaining the ability to safeguard sensitive and classified information, and security approvals for personnel, facilities and computer network systems.
Ken Peterman, president, Government Systems, Viasat commented, “The added DHS ECS intelligence coupled with the advanced capabilities inherent in the Viasat cyber offering, enables us to better fortify our customers’ cyber posture and maintain a vigilant and watchful defense against the world’s most advanced adversaries. This added insight allows us to create a more accurate, customized, real-time cybersecurity picture that will enable customers to reach advanced cyber resiliency levels needed to reduce overall risks against cyber threats.”
How Viasat’s ECS solution works
Viasat’s ECS solution is unique in that it uses Viasat’s National Security Agency (NSA)-certified Trusted Cyber Sensor (TCS) to monitor network traffic with government provided classified indicators without routing traffic through its data center. Viasat strategically places its TCS devices within a customer’s network and securely manages, maintains and configures them remotely from Viasat’s Cyber Security Operations Center (CSOC). Once in the customer’s network, the TCS devices inspect network traffic on-premises, inside the customer perimeter boundary, ensuring customer privacy is preserved.
Viasat’s ECS solution is the first to take advantage of the ECS Netflow Analysis capability, which provides network traffic flow indicators to help customers detect malicious activity within their network, in addition to the traditional email and domain name indicators. These indicators can be sent by DHS up to six months in advance of them appearing on other premium, commercially-available threat intelligence feeds, which means customers may detect serious threats before their current technology stack of security tools detects them. If the Viasat CSOC uncovers a security incident, the customer is immediately notified, sent actionable information to quickly triage and remediate the situation and is made aware of additional support resources to help them respond. In fact, Viasat offers a full range of Managed Detection and Partnered Response (MDPR) services integrated with, and complementary to, the ECS program.
Insights about Viasat’s threat detection service
Viasat has a world-class CSOC that uses an integrated and scalable cybersecurity model based on the MITRE ATT&CK® framework. Today, the Company analyzes 75,000 – 100,000 new indicators of compromise per day; 600,000 netflows of traffic data/minute and 27 terabytes of event data daily from commercial, enterprise, government and Department of Defense customers. Viasat processes this rich, diverse and large data set using proprietary analytics to create custom operationalized, contextualized and actionable intelligence for its premium level cybersecurity service.
19 Feb 21. Cubic Announces European Mission-Critical Communications Partnership. Partnership with Alea allows Cubic to provide a range of mission-critical communication broadband solutions for public safety and tactical markets.
Cubic Corporation (NYSE: CUB) today announced that its Cubic Mission and Performance Solutions (CMPS) business division signed an agreement with Alea, a company specializing in mission-critical communications software, for the joint development of public safety and tactical broadband solutions. Solutions developed under the partnership will leverage the 3rd Generation Partnership Project (3GPP) standardization body’s Mission-Critical Push-To-Talk (MCPTT) specifications for mission-critical communications over LTE.
Cubic’s radio gateway solutions, including the Vocality RoIP and DTECH M3-SE-MFGW, are compatible with a wide range of dispatch and push-to-talk (PTT) mobile app vendors. The addition of Alea MCPTT extends this support to include MCPTT-compatible vendors, providing customers with the confidence that their gateway solution is compliant with international standards for mission-critical communications.
“Support for MCPTT is a crucial product milestone for Cubic’s radio gateway products. This exciting new partnership further enables us to provide standards-based critical communications solutions to our first responder, disaster relief and defense customers,” said Mike Barthlow, senior vice president and general manager of Mission Communications and Computing, Cubic Mission and Performance Solutions.
Push-to-talk radios based on P25, TETRA, DMR and legacy analog technology are expected to be utilized for many years to come. However, there is an increased demand for a gateway solution that connects these radio technologies to cellular networks.
“Alea is excited to support the adoption of standards-based mission-critical solutions by the public safety community,” said Giuseppe Merlino, Alea CEO. “This new partnership confirms the quality of our solutions and is a source of pride for our company.”
As a leader in developing interoperability gateway solutions with integrated cellular modems, Cubic is already helping to provide a vital bridge between conventional push-to-talk radios and push-to-talk over cellular, allowing users to benefit from the latest cellular innovations while helping to protect the existing investment in traditional radio technologies.
For additional information on Cubic’s gateway products and services, please visit www.vocality.com and www.dtechlabs.com.
About Cubic Corporation
Cubic is a technology-driven, market-leading provider of integrated solutions that increase situational understanding for transportation, defense C4ISR, and training customers worldwide to decrease urban congestion and improve military effectiveness and operational readiness. Our teams innovate to make a positive difference in people’s lives. We simplify their daily journeys. We promote mission success and safety for those who serve their nation. For more information about Cubic, please visit the company’s website at www.cubic.com or on Twitter @CubicCorp.
About Alea
Alea is an innovative software developer that boasts decades of experience in developing applications for mission-critical communications. The ISO9001 certified business prides itself on the partnerships it has created throughout Europe. (Source: BUSINESS WIRE)
17 Feb 21. Benefits of C3 modernization and network automation. Adopting new technologies and embracing digital transformation is a continuous process for everyone in the Industry 4.0 era, and the defense sector is no different. In 2019, the Department of Defense released its Digital Modernization Strategy, which highlighted four key strategic initiatives: Innovation for advantage, optimization, resilient cybersecurity, and cultivation of talent.
In order to achieve a competitive advantage and increase efficiency, defense forces must modernise their WAN to move data at greater speeds and scale. IP/MPLS may be the clear choice given its resiliency, multiservice support and ability to provide secure communications. However, WAN needs to use automation for high network agility, especially as the defense industry adopts new innovations for command, control and communication (C3) capabilities.
Army-technology spoke with Scott Robohn, CTO for Nokia Federal Solutions, about C3 modernization and network automation in the defense industry.
According to Robohn, although there is always a mixture of perspectives, overall there has been no active resistance to adopting automation.
“The defense industry has quite a track record for adopting new technology in many different forms to support their missions. Automation is sought out as a tool to increase mission effectiveness,” he explains.
That said, modernization is a broad term and the transition to innovation as par for the course can be a lot of work. Within the industry, there is the risk of an “if it’s not broke, don’t fix it” attitude slowing down modernization efforts.
Robohn explains: “Modernization presents a bigger set of challenges. For example, you may have a technology that’s widely deployed and still works, still performing as required. Efficiency gains through modernization may not be enough to justify or motivate the modernization effort, such as reducing rackspace and power consumption by 75% or more, especially as it may be hard to get to all the places where that technology (or equipment based on that technology) is deployed.”
As modernization and digital uptake are in many ways inevitable, the longer change is resisted, the more work it creates in the long run. As command, control and communications are key aspects of defense operations, it is essential that C3 modernization is an ongoing process.
“Because technology advances, there can be an increasing risk of not modernizing. Over time, we see specific expertise go away (through SMEs who retire, especially with specific hardware expertise) and a decreasing supply of replacement components. This is especially true for some communications technologies that reach their end-of-support but are still in use.”
Five key benefits of network automation
So what does network automation offer the defense industry? The first benefit is consistency. Once automated, a process can be repeatedly executed in the exact same manner, which leads to predictability and ease of troubleshooting. Secondly, there is a reduced risk of error; assuming a process is programmed and automated correctly, even if there is an error that only shows up in very specific conditions, automated routines can be modified to account for the flaw.
Automation also allows for greater innovation. The act of thinking through a process and understanding why it’s done a certain way can lead to much more effective and efficient processes, which directly falls in line with the Department of Defense’s first modernization strategy initiative.
By moving to more automated processes, you remove humans from the “Click OK To Continue” loop and reduce delays associated with human cognition, leading to overall increased velocity in operations. Additionally, this frees people’s time up to work on more creative and challenging issues. Many people, especially network engineers, want to learn new things and routinize the mundane and repetitive tasks. Robohn cites hackathons as a prime example of nurturing talent and encouraging innovation. These events bring together a cross-functional team of network engineers for multi-day events focused on automating repetitive tasks.
5G’s role in automation and C3 modernization
An advantage of 5G is its ability to provide slices, which are virtual network partitions that contain dedicated resources in order to consistently meet specific requirements, such as bandwidth, security and latency, of the given application. Slices can be quickly created and deleted as missions are launched and completed.
“5G commercial adoption is well underway and will increase over the next 3-5 years,” Robohn explains. “And 5G network slicing is heavily dependent on automation.
“There are significant improvements with 5G that are going to allow for new applications, such as augmented reality and virtual reality. Not only does this give carriers new opportunities for revenue, but it also gives defense consumers the ability to use those applications for remote training applications and remote control of autonomous vehicles. One of the particular design goals for 5G centres on providing ultra-reliable low-latency communications.”
In 2020, Nokia rolled out the world’s first automated 4G/5G network slicing within RAN, transport and core domains, including new network management, controller and orchestration capabilities.
“Nokia has done a great job of building a robust and complete end-to-end portfolio for 5G networking. Automation and orchestration of the separate network domains (Radio network, IP and Optical transport, and cloud data centre services) is complex, and Nokia has the tools and expertise to do this well. These are all very critical to accomplish dynamic 5G slicing.”
WAN automation is a necessary component for DoD’s Digital Modernization Strategy; it provides greater agility that matches increasing needs for greater speed and scale. As DoD looks to 5G, WAN automation is a must-have to get the most out of 5G Network Slicing and other key 5G features.
(Source: army-technology.com)
19 Feb 21. Live-fire drill puts Europe’s military cyber responders to the test. Military cyber response teams from 18 European nations went through a live-fire exercise this week designed to test the bloc’s ability to bundle its forces in the event of a cyberattack.
The event, organized by the European Defence Agency, is the opening salvo in a campaign that will stretch through the summer and include training sessions and conferences. The idea is to enhance cooperation in a field that, compared with the civilian world, is still loath to share sensitive threat data and tactics across borders.
It is the first time that officials are considering cyberthreats from a purely military perspective on a European Union scale. Defensive capabilities are seen as increasingly important because new weapon systems heavily rely on data and communications, which could make them easy targets for hackers.
Officials dubbed the drill a “live-fire” event because it played out on a cloud-based cyber range with real targets. Three teams of opposing forces, including one composed of experts from five member states, required defending teams to react to unforeseen attacks. The scenario included figuring out where attacks originated and determining who was behind them.
Mario Beccia, EDA project officer for cyber defense, said the drill’s focus was to help teams work together across nations rather than employing the latest technology. “It is our attempt to create a structure where military personnel can focus on cooperation,” he said in a Feb. 17 virtual news conference.
Typical challenges that computer emergency response teams, or CERT, in armed services face include protecting the control infrastructure of drones and spacecraft, Beccia said.
EDA officials hired Estonian company CybExer Technologies to provide the cyber range for the exercise, enabling participants to log on remotely. The company also contributed two of the red teams.
Finding a cloud-based vendor was necessary because existing exercise infrastructure in the member states requires physical access to servers and computers, said Beccia. Such an insular mindset is emblematic of the secretive world of military cyber response.
“Military units are used to working in silos,” Aare Reintam, CybExer’s chief operating officer, told reporters.
Added Beccia: “Cooperation between military CERTs at the moment is low.”
Next up on the exercise schedule is a June conference for digesting lessons learned and formulating strategic-level steps toward improved cooperation, according to an EDA statement. (Source: C4ISR & Networks)
22 Feb 21. DIN calls for proposals in Cyber security and Undersea Surveillance. The NSW Defence Innovation Network (DIN) is calling for collaborative proposals in the field of Cyber security and Undersea surveillance. Through its Strategic Investment Initiative, DIN will invest $1m of research funding in developing cutting-edge prototypes for defence use.
With the recent announcement that Cyber Security and Undersea Surveillance are priority areas for Defence investment, the DIN has established the Strategic Investment Initiative (SII).
The purpose of the SII is to enable multi-disciplinary teams to produce two prototypes, to create lasting links to the defence industry, to catalyse commercialisation and additional investment in research and development in NSW.
A key objective is to build capability in the State by funding collaborative research that will enable a prototype to be made within a 12-18 month timeframe, suitable for a ‘demonstration’ of the new capability of the integrated system.
The Initiative is funded by the NSW Government and the Department of Defence through the Next Generation Technologies Fund.
Completed proposals must be submitted electronically by 5 pm, 5 March 2021 to info@defenceinnovationnetwork.com.
(Source: http://rumourcontrol.com.au/)
18 Feb 21. Special Forces to build ‘influence artillery’ for online campaigns. To stay ahead of rapidly moving threats in the information space, 1st Special Forces Command is building an Information Warfare Center that will specialize in “influence artillery rounds.”
Critical to Special Forces’ role is deploying to remote locations while still being able to effectively message portions of a population.
The center, to be based at Fort Bragg, will consolidate the command’s psychological operations capabilities and will wrap around other information related capabilities such as cyber and space, Col. Ed Croot, chief of staff at 1st Special Forces Command, said in a Feb. 17 virtual presentation for AFCEA TechNet Augusta.
Ideally, the center will see, sense or detect adversary activity around the globe in physical and virtual spaces and within minutes, push that information to those that need it.
The team members will specialize in developing what Croot called influence artillery rounds, no easy task since in the influence world, they must tailor those “munitions” to each specific target, unlike a missile.
“There’s a unique threat audience, a unique friendly audience, a unique neutral audience that has to do with that influence and information piece. It’s extremely difficult to be able to move fast in that space,” Croot said.
The center will work with Special Operations Command’s Joint Military Information Support WebOps Center, which Croot said delivers information through social media. The WebOps Center doesn’t build these digital rounds, so the Information Warfare Center will fill that role.
“Cyber is another delivery system. It’s a platform, like an artillery piece that you can deliver influence rounds through,” Croot said. “There’s an information revolution that has occurred, and things move faster than we’ve ever seen before, and it’s hard to change mindsets of people and systems and processes to be able to move at the speed of information.”
The geographic combatant commands are each building their own information warfare task forces, which act as forward extensions of the Information Warfare Center across 70 nations. The sensors in those 70 nations must be able to rapidly move information back and forth so the center can tailor the right influence campaigns in a timely manner.
Looking inward
Aside from the effort’s role to affect others within the information sphere, officials described the need to protect Green Berets from sophisticated snoops.
One’s digital footprint can easily be mapped in the modern connected world. As such, 1st Special Forces Command is looking for tools that can provide protection at the tactical edge.
This also includes training forces on how to reduce their digital attack surfaces while deployed and even in garrison in the U.S.
The dangers were demonstrated to great effect a few years ago during a unit exercise, Croot explained. Prior to deploying to the exercise in the U.S., the commander told his unit he wanted everyone off social media a full month prior.
One day into the exercise, the commander laid out how many people the unit had deployed, what base they came from, where they were going, what their mission was and where their families lived, all from their digital footprints, Croot said.
“If you want to be terrified, sit and see and watch a picture of a family member up on a Facebook post talking about you and where you work and where you’re going,” he said. “This is real, and it absolutely is something that we have got to take seriously from a home station force protection perspective, let alone at the edge.” (Source: C4ISR & Networks)