Sponsored by Spectra Group
https://spectra-group.co.uk/
————————————————————————
04 Nov 21. Strategic Direction for Cybersecurity Maturity Model Certification (CMMC) Program. Today, the Department of Defense announced the strategic direction of the Cybersecurity Maturity Model Certification (CMMC) program, marking the completion of an internal program assessment led by senior leaders across the Department.
The enhanced “CMMC 2.0” program maintains the program’s original goal of safeguarding sensitive information, while:
- Simplifying the CMMC standard and providing additional clarity on cybersecurity regulatory, policy, and contracting requirements;
- Focusing the most advanced cybersecurity standards and third-party assessment requirements on companies supporting the highest priority programs; and
- Increasing Department oversight of professional and ethical standards in the assessment ecosystem.
Together, these enhancements:
- Ensure accountability for companies to implement cybersecurity standards while minimizing barriers to compliance with DoD requirements;
- Instill a collaborative culture of cybersecurity and cyber resilience; and
- Enhance public trust in the CMMC ecosystem, while increasing overall ease of execution.
“CMMC 2.0 will dramatically strengthen the cybersecurity of the defense industrial base,” said Jesse Salazar, Deputy Assistant Secretary of Defense for Industrial Policy. “By establishing a more collaborative relationship with industry, these updates will support businesses in adopting the practices they need to thwart cyber threats while minimizing barriers to compliance with DoD requirements.”
The CMMC program includes cyber protection standards for companies in the defense industrial base (DIB). By incorporating cybersecurity standards into acquisition programs, CMMC provides the Department assurance that contractors and subcontractors are meeting DoD’s cybersecurity requirements.
The DIB is the target of increasingly frequent and complex cyberattacks by adversaries and non-state actors. Dynamically enhancing DIB cybersecurity to meet these evolving threats, and safeguarding the information that supports and enables our warfighters, is a top priority for the Department. CMMC is a key component of the Department’s expansive DIB cybersecurity effort.
The internal assessment of CMMC was co-chaired by: Mieke Eoyang, Deputy Assistant Secretary of Defense for Cyber Policy; David Frederick, Executive Director of U.S. Cyber Command; David McKeown, Deputy Chief Information Officer for Cybersecurity; and Jesse Salazar, Deputy Assistant Secretary of Defense for Industrial Policy; and included senior leaders from 18 components across the Department.
For more on the changes, visit https://www.acq.osd.mil/cmmc/index.html(Source: US DoD)
04 Nov 21. Mind The Gap. The French Air and Space Force will retire its two C-160G SIGINT planes next year. Will this cause a shortfall in strategic/operational SIGINT collection? Both aircraft serve with the Armée de l’Air et de l’Espace (ADAE/French Air and Space Force) 00.054 Dunkerque electronic warfare squadron at Évreux-Fauville airbase, northern France. They were acquired in the mid-1980s. The TransportAllianz C-160G Gabriels collect operational and strategic Signals Intelligence (SIGINT). This is supplied to the Direction du Renseignement Militaire (French Military Intelligence). The SIGINT may include Electronic Intelligence (ELINT) on radars, radio communications and cellphones.
ELINT is collected by the aircraft’s Thales ASTAC (Analyseur de Signaux Tactiques/Tactical Signals Analyser). This is located inside the aircraft in electronic bays. Accompanying interferometry antennas are mounted in two pods on the aircrafts’ wingtips. These detect and locate ground radar emissions, most probably across wavebands of at least two gigahertz/GHz up to 18GHz, possibly extending to 40GHz. Several antennas on the dorsal fuselage may transmit raw or analysed ELINT across very/ultra-high frequency datalinks.
The retirement of the C-160G next year risks a capability gap for the ADAE. The air force is acquiring a fleet of three new Dassault Falcon-8X Archange SIGINT aircraft. The first is expected to enter service in 2023 risking a twelve-month gap sans the C-160G’s capabilities. This assumes that the first of Falcon-8X enters service on time.
Trivia buffs might be interested to know that Gabriel is an acronym. It stands for Groupement Aérien de Brouillage, Recherche et Identification Electronique. This translates as Jamming, Research and Electronic Identification Air Group. Archange is an acronym for Avion de Renseignement à Charge de Nouvelle Genération. This translates as New Generation Intelligence Aircraft. In Abrahamic faiths, Gabriel is an archangel, and the patron saint of those working in broadcasting and communications.
Options
How might the air and space force address this gap? Armada approached the ADAE who declined to comment. Pierre-Alain Antoine, an electronic warfare expert, told Armada that the force has several options. He cited ASTAC pods equipping the ADAE’s Dassault Mirage-2000D combat aircraft. These have similar in capabilities to the Gabriels’ ASTAC system. They could be supplemented by ELINT captured with the Thales Spectra self-protection systems of the ADAE’s Rafale-F3B/C combat aircraft. One disadvantage of both the Mirage-2000D and Rafale-F3B/C is that neither can accommodate SIGINT experts to analyse signals in real time in situ.
Another option is to use the Breguet/Dassault Atlantique ATL-2 maritime patrol aircraft of the Aeronavale (French Naval Aviation). These are outfitted with an Electronic Support Measure (ESM) optimised for supporting naval operations. The ADAE’s four Boeing E-3F Sentry airborne early warning aircraft are also equipped with ESMs.
Intelligence sharing is another option. Brexit and the recent AUKUS pact involving Australia, the UK and United States have battered Anglo-French relations. That said, the 2010 Lancaster House treaty between the UK and France has provisions for intelligence sharing. It may be possible for the Royal Air Force to share raw ELINT collected by its Boeing RC-135W Airseeker R.1 SIGINT planes. French SIGINT analysts could then interpret this data and configure it for French military aircraft threat libraries.
Moreover, France possesses four ELISA (ELINT by Satellite) spacecraft most probably collecting raw ELINT. France’s is also getting new CERES SIGINT satellites. The first of these could be launched in November 2021 according to Armada sources. The CERES constellation could also help raw ELINT collection. Yet this would be a temporary solution at best. Both ELISA and CERES are thought to be tasked with collecting civilian and military SIGINT. The asset of using an aircraft like the C-160G is that ELINT can be immediately analysed in situ by SIGINT experts familiar with the area.
At best, the ADAE will be able to make good the C-160G’s shortfall with these other capabilities. However, complex undertakings like the Archange programme can suffer delays. In the worst case scenario the air force will have to wait longer than planned for the new aircraft. Should that happen, these stopgap capabilities may have to be teased out for a little longer than originally anticipated. (Source: Armada)
04 Nov 21. Let’s Be Careful Up There! October’s EW Europe conference included presentations and discussions on how NATO sees aircraft integrated self-defence systems developing in the coming years. Aircraft survivability was a focus of this year’s EW Europe conference and exhibition. EW Europe was hosted by the Association of Old Crows in Liverpool, northwest England, between 12th and 13th October.
The conference included a panel looking at aircraft survivability across the North Atlantic Treaty Organisation (NATO). This included discussion of NATO’s forthcoming Standardisation Agreement 4781, better known as STANAG-4781.
STANAG-4781 has two distinct strands: To ensure NATO nations can protect military aircraft in complex, hostile environments. To develop an open architecture to support the integration of sensors and effectors to this end. It is a framework to help NATO get ahead of the air defence threat presented by near-peer adversaries like the People’s Republic of China and Russia.
At the heart of the framework is a standard architecture known as NDAS (NATO Defensive Aids System). NDAS is intended to ensure that a DAS can receive threat information from multiple onboard and offboard sensors. The architecture will prioritise multiple threats and coordinate multiple countermeasure responses. Specifically, NDAS covers sensing and effectors, and gateways to an aircraft’s non-DAS functions and other systems. Datalinks will also be included to send and receive data pertinent to the threat environment. NDAS will manage countermeasures techniques and payloads. Above all, it will enhance survivability.
CESMO
For example, a fighter might be advised of a specific radar threat via NATO’s emerging Cooperative Electronic Support Measure Operations (CESMO) protocol. CESMO allows ground-based radar parameters to be shared in real time between aircraft flying in the vicinity of the same radar threat. Sharing threat information is important so that an aircraft’s DAS can use the most appropriate response.
Several combat aircraft may have detected an Almaz-Antey 91N6 (NATO reporting name Big Bird) S-band (2.3 gigahertz/GHz to 2.5GHz/2.7GHz to 3.7GHz) ground-based air surveillance radar nearby. Each aircraft sends details of the radar’s location relative to its position over the CESMO link. The CESMO software triangulates this information and sends out data on the radar’s location.
The NDAS architecture will ensure that the aircraft’s self defence systems select the most effective response to the threat. This could be a specific jamming or deception waveform known to be effective against the 91N6’s target detection and tracking modes. Likewise, expendable radio frequency decoys like Leonardo’s BriteCloud could be programmed thus before launch.
FCAS and Tempest
Development of STANAG-4781 was completed in 2020. Its ratification is expected by all NATO’s members in 2022. The STANAG can be updated every six months. This will help account for new technologies and techniques pertinent to the NDAS as and when they appear.
It seems likely that the NDAS architecture will be adopted for the pan-European Tempest and FCAS (Future Combat Air System) programmes. The Tempest initiative includes Italy, Sweden and the United Kingdom, and involves BAE Systems, Leonardo and Rolls-Royce. FCAS involves France, Germany and Spain. Participants include Airbus, Dassault, Indra, MBDA, MTU, Safran and Thales. Prototype Tempest and FCAS sixth-generation combat aircraft should have performed their maiden flights by early next decade. Ultimately the NDAS approach and STANAG-4781 stresses “efficiency, cost effectiveness and interoperability.” (Source: Armada)
04 Nov 21. Persian Perniciousness. The government of Iran is an enthusiastic user of cyberattacks against the country’s strategic rivals. The tempo and breadth of these attacks may well increase in the future.
The government of Iran continues to target rivals with cyberattacks, according to a recent presentation at the EW Europe conference and exhibition.
Dr. Justin Pelletier is the director of the Global Cyber Security Institute Range and Training Centre at Rochester Institute of Technology, New York. Iranian cyberattacks were the subject of his presentation given during the Association of Old Crows’ EW Europe conference and exhibition. The event was held in Liverpool, northwest England between 12th and 13th October.
Dr. Pelletier examined the indicators and impacts of Iranian cyberattacks. He kicked off by stating that the direct, unequivocal attribution of cyberattacks to the Iranian government can be a “sticky wicket”. Understandably, that government works hard to cover its tracks and conceal Iranian involvement in cyber warfare.
The aerospace, defence, energy and petrochemical industries are among targets favoured by Iranian cyber warriors, Dr. Pelletier said. These have probably concentrated on targets in the United States and Saudi Arabia. Both the US and Saudi Arabia are strategic rivals of the Iranian government. Dr. Pelletier added that cyberattacks may have emanated from Iran against targets in the Republic of Korea (ROK).
Armada believes that attacks against ROK targets may have been performed on behalf of, or in support of, the Democratic People’s Republic of Korea (DPRK). Iran and the DPRK share close relations. For example Iranian experts may have assisted the DPRK’s intercontinental ballistic missile programme, according to reports.
Threat Groups
Dr. Pelletier revealed that the Iranian government’s modus operandi for cyberattacks is to employ several so-called ‘threat groups’. This is fairly typical of any government’s cyber activities. Open source intelligence published by the MITRE Corporation details the activities of these groups. APT-33 is one suspected Iranian threat group believed to have been active since 2013. APT-33 has also been described with the appellations Holmium and Elfin. Dr. Pelletier stated that the group is responsible for targeting aerospace, defence, energy and petrochemical sectors in the US, Saudi Arabia and ROK. Cyberattack techniques employed by APT-33 include spear phishing, droppers, wipers and back door attacks.
Spear phishing targets a specific person or organisation to steal sensitive information via email. Dropper attacks deliver and install malware. Wipers are classes of malware wiping computer hard drives. Back door attacks exploit weakly defended parts of a computer, network or software application to gain access.
Other favoured techniques include botnet tool kits. Dr. Pelletier mentioned the Itsoknoproblem botnet. This may have exploited vulnerabilities in the WordPress and Joomla content management systems. Iranian cyber warriors may have also used techniques like Google Dorking. This uses Google applications to find vulnerabilities in the code used by websites hosted by the search engine.
APT-34, also known as Oil Rig, Cobalt Gypsy and Helix Kitten, has been involved in defacing websites of the above industries, and those involved in finance and telecommunications. It may have also been responsible for attacking the websites of governments deemed hostile to Iran. APT-34 is thought to have been active since 2014.
Also active since 2014, APT-35 is believed to collect strategic intelligence for the Iranian government. Targets include the media, defence, energy and telecommunications sectors in the US and Middle East. Dr. Pelletier stated that APT-35 may use its resources to attack internal online criticism of the Iranian regime. Likewise, APT-39 (a.k.a Remix Kitten, ITGO7 and Chafer) performs cyber espionage. It is thought to work on behalf of Iran’s Ministry of Intelligence and Security (MOIS). MOIS is believed to collect foreign intelligence, but may also work internally, according to open sources. Mitre’s information states that APT-39 performs some of its activities through a front company called Rana Intelligence Computing. Other Iranian cyber warfare front companies include MERSAD and ITSec. Like APT-34, APT-39 is thought to have been active since 2014.
That Iranian cyber activities gained momentum from the start of last decade is unsurprising. The years 2009 to 2010 witnessed large protests against the electoral victory of President Mahmoud Ahmadinejad. Internal allegations of electoral fraud greeted Mr. Ahmadinejad’s win. Doubts were expressed over the veracity of his victory by governments in North America and the European Union.
Other threat groups cited by Dr. Pelletier included Copy Kitten/Slayer Kitten. This was believed to have targeted aerospace, defence and petrochemical industries in Germany, Israel and Turkey. Academia and research organisations are believed to have been targeted by the Silent Librarian/Cobalt Dickens threat groups.
Other favoured targets for suspected Iranian cyberattacks have included groups opposing the regime of Syria’s President Bashir al-Assad. Open sources note that the Iranian government has provided important materiél and political support to Mr. Assad during the long-running Syrian civil war.
Evolution
Over the long term, Dr. Pelletier expects Iranian cyberattacks to continue against targets in the US, Europe, Saudi Arabia and allied countries. Targets are likely to remain the same, along with further attacks against Critical National Infrastructure (CNI).
Dr. Pelletier highlighted a 2013 cyberattack against the Bowman Avenue Dam, New York State, blamed on Iranian cyber warriors. He continued that attacks will likely be performed by Iranian proxies. These could include the Basij volunteer paramilitary organisation. Although probably part of Iran’s Revolutionary Guard Corps, using the Basij would help create an illusion of plausible deniability. Meanwhile, the Iranian government is expected to strengthen its own National Passive Defence Organisation (NPDO). The NPDO, formed in 2003, performs internal cyber protection and protection of Iranian CNI. Future tactics could include repurposed criminal malware along with more ‘homebrewed’ cyberattack tools, Dr. Pelletier notes. (Source: Armada)
04 Nov 21. Spectrum Sitrep. Armada’s new section detailing new products, programme developments and operational news across the electronic warfare domain.
Products
Roke launched its new Perceive Electronic Support Measure (ESM) at the Association of Old Crows’ EW Europe event in Liverpool, northwest England on 13th October. Perceive builds on the company’s EW heritage forged through its Resolve ESM. The new product covers a waveband of 30 megahertz/MHz to six gigahertz, Roke officials disclosed at the show. Perceive provides direction-finding in azimuth and elevation for signals between 30MHz to six gigahertz. Signals on frequencies of two megahertz to 30MHz can be intercepted. Roke’s literature says Perceive detects, classifies and identifies frequency-hopping targets moving at up to 10,000 hops-per-second. 32 targets can be classified simultaneously, including mobile targets. The product uses the company’s PREFIX/VIPER software. Officials said Perceive deliveries will commence to undisclosed customers in 2022.
Roke’s Perceive communications ESM was launched at the Association of Old Crows’ EW Europe event in Liverpool this October.
CommsAudit also took advantage of EW Europe to showcase new products. The company exhibited its new SpectraGo tactical communications ESM. SpectraGo supports dismounted military and civilian communications intelligence gathering. The product covers a 30MHz to six gigahertz waveband. Company officials told Armada that SpectraGo has 100MHz of instantaneous bandwidth. Raw COMINT can be gathered by the system which also supports fine grain analysis of signals of interest. Up to six hours of raw COMINT can be recorded by SpectraGo. No details have been revealed, but SpectraGo is already thought to be in service with several customers.
CommsAudit showcased the company’s new SpectraGo communications ESM at this year’s EW Europe exhibition.
Babcock’s SCOUT (Signal Collection Observation and Understanding Technology) was also at EW Europe. SCOUT software can analyse captured voice COMINT and the company teamed with SpiritAI to develop this. Specific voice traffic which the analyst wishes to examine is fed into the software. The software converts the traffic into text. It is trained to recognise specific speech behaviours. For example, are these detailing success, failure, low morale, a specific person or people, or a military situation? Are particular codewords being used, or do unusual words keep cropping up in conversation?
Artificial intelligence is at the core of SCOUT’s approach. The rationale is to ease the analyst’s burden of wading through torrents of COMINT to find subjects of interest. Babcock and SpiritAI officials told Armada that SCOUT can work with COMINT feeds in all major European languages. The software can also be trained by a linguist to recognise specific dialects. SCOUT can be hosted on a standard laptop or desktop computer. Development of the software for commercial and/or government applications is complete while development of SCOUT for military applications is ongoing.
Away from EW Europe, Unitronix announced in October that it will be introducing Ocupoint’s products to the United Kingdom and continental European. Unitronix has also secured a deal to represent PLATH in the UK. Tim Marshall, Unitronix’ managing director, told Armada that “we will be promoting all the Ocupoint products, but the hottest right now are the Catalyst-2 (CR2) ultra-wideband programmable coherent front ends. These are 25.4mm diameter coin-size units.” The firm will also offer Ocupoint’s “RF front ends, programmable filters and attenuators, and field-programmable gate array back ends.” Regarding the partnership with PLATH, Mr. Marshall said that Unitronix will offer the latter’s products to the UK and Australian markets: “PLATH products have always been sold direct to programmes, this is the first time they are offering their kit to a COTS (Commercial Off-The-Shelf) market.”
Eizo Rugged Solutions has introduced its new Condor XR1 6U VPX series 6U OpenVPX 6U embedded computing card. This includes a general purpose graphics processing unit combined with a single board computer, according to the company’s press release. Applications mooted for this product include Signals Intelligence (SIGINT) and Electronic Warfare (EW).
Infozahyst announced on 20th October that it had launched its Apella Communications Intelligence (COMINT) system. Covering a waveband of 25MHz to six gigahertz, it forms part of Infozahyst’s Khortytsia-M mobile COMINT system. Apella has between two and four channels offering real-time bandwidths of 20MHz per channel, according to the company’s specifications. Apella can process up to 4,096 radio networks in scan mode. Each channel can scan at a rate of twelve gigahertz-per-second.
CERBAIR announced during October’s Milipol security exhibition in Paris that it had entered a partnership with KEAS. Both companies are active in the Counter-Uninhabited Aerial Vehicles (CUAV) sector using radio frequency jammers, among other technologies, to neutralise UAVs. Armada reported in October 2020 that CERBAIR had shown its CUAV technologies to the Marine Nationale (French Navy). A press release announcing the news said that both companies will benefit from their global networks and distributors. The partnership will also help both companies identify new opportunities.
KRYTAR has unveiled its Model 110050030 dual-directional RF and microwave coupler. The product offers 30 decibels of broadband frequency range across bandwidths of ten to 50GHz. Applications mooted for this new product include EW alongside communications and radar.
Elbit Systems announced in mid-October it had demonstrated its Micro Spear electronic warfare system onboard an Aera-1 Altius-600 UAV. According to its manufacturer this UAV has a range of 237.6 nautical miles (440 kilometres) and a four-hour endurance. Elbit states that the Micro Spear payload can detect and jam threats across frequencies of two to ten gigahertz although this can be extended to 18GHz.
UASWERX has revealed its Kiowa-II E-Scout tactical, vertical take-off and landing platform. The company says this aircraft has been optimised to support battlefield cyber warfare and EW. It continued that the aircraft will detect, identify and engage all battlefield emitters. This can include radio frequency-initiated improvised explosive devices up to ground-based radars. UASWERX added that it had already completed wind tunnel and airworthiness tests. It hopes to have a prototype ready by mid-2023.
Programmes
The US Air Force (USAF) awarded L3Harris a ten-year contract to modernise the firm’s AN/ALQ-172 integrated self-defence system, according to reports. This equips the USAF’s Boeing B-52H Stratofortress strategic bombers. The modernisation ensures the AN/ALQ-172 can address simultaneous, multiple threats. This will be achieved through improvements to the system’s hardware and software. The contract is worth over $970m.
EW enhancements are ongoing for other USAF combat aircraft. On 25th October Boeing announced it had won a $55.4m low-rate initial product contract. This will procure BAE Systems’ AN/ALQ-250 Eagle Passive Active Warning and Survivability System (EPAWSS). The EPAWSS equips the USAF’s McDonnell Douglas/Boeing F-15 series combat aircraft.
Other USAF contracts over the past month included one of an undisclosed value awarded to Northrop Grumman. This covers part of the air force’s Global High-Altitude Open System Sensor Technology (GHOST) programme. GHOST is developing new platform-agnostic SIGINT sensors. The contract will see Northrop Grumman developing a prototype sensor. Last month GHOST contracts were also awarded to a team comprising BAE Systems and Sierra Nevada Corporation. These companies will also develop a GHOST prototype.
The USAF’s Lockheed Martin EC-130H Compass Call communications jamming aircraft, the Gulfstream EC-37B, has moved one step closer to service entry. It was reported on 19th October that the first EC-37B had performed its maiden flight. L3Harris is ‘cross decking’ the existing Compass Call payload onto the EC-37B. This aircraft is expected to be delivered to the USAF to commence flight tests in 2022.
October witnessed a flurry of activity in the US EW training domain. Lockheed Martin was awarded a contract to provide five Advanced Radar Threat System – Variant-2 radar emulators to the USAF. Known as the ARTS-V2, the equipment mimics transmissions from hostile ground-based radars. The contract is worth $80.7 m. Staying in the training domain, on 22nd October Leonardo’s DRS subsidiary announced the award of a five-year contract worth $950 m for EW threat simulators.
On 22nd October it was revealed that L3Harris had won a contract worth $120.7 m to upgrade the company’s Counter Communications System Block-10.2 equipment. These systems are deployed by the US Space Force to jam hostile satellite communications. The work will cover 16 systems deployed at several Space Force bases in Colorado, Florida and classified non-US locations. The upgrade will be completed by late February 2025.
Looking towards the land domain, on 19th October Lockheed Martin was awarded a contract worth $9.7 m for phase 2 of the US Army’s Terrestrial Layer System (TLS) programme. TLS is rolling out new electronic warfare vehicles to support the army’s manoeuvre force. The company will finalise hardware and software designs for the TLS based on experience and feedback from phase 1. Meanwhile the US Army announced that it had purchased Galvion’s Squad Power Manager (SPM). The $8 m contract sees SPM deliveries commencing in December, according to reports. SPMs will power explosive ordnance disposal equipment used by US Army units.
A rendering of Lockheed Martin’s TLS prototype installation for the US Army’s General Dynamics M-1133 Stryker armoured fighting vehicle. This TLS variant will equip army brigade combat teams.
The US Army has also announced that it is seeking Position, Navigation and Timing (PNT) systems for dismounted troops. According to the official US Army announcement, the technologies “will enable US Army soldiers operating in dismounted operations to continue to obtain and maintain position navigation and timing” independent of Global Navigation Satellite Systems (GNSSs).
D-TA Systems Corporation and Epiq Solutions both announced via a press release in October their selection by the US Navy to design and prototype a sub-miniature radio frequency payload. The contract was awarded by the Naval Surface Warfare Centre. The companies will design a payload to actively and passively assist electromagnetic support operations for the navy’s Neptune Payload Prototype Project.
The US Marine Corps, meanwhile, revealed it has performed tests of CACI’s Backpackable Electronic Attack Module (BEAM) onboard a small quadrotor UAV. The flight tests took place from the USS New Orleans ‘San Antonio’ class amphibious assault ship. Although not revealed by the company, BEAM is thought to perform electronic attack over a 30MHz to six gigahertz bandwidth.
Israel Aerospace Industries (IAI) announced that its ADA GNSS anti-jamming equipment has been integrated into several Israeli Air Force (IAF) platforms. A press release said this includes combat aircraft like the IAF’s General Dynamics/Lockheed Martin F-16I Soufa jets. It added that ADA was used operationally during Israel’s Operation Guardian of the Walls in May. The Israeli government intervention in the Gaza Strip is thought to have witnessed attempted GNSS jamming by Hamas.
IAI also revealed that its EL/L-8257SB Scorpius-T active electronically scanned array EW threat simulator was deployed during the Blue Flag 2021 military exercise. These multinational exercises were held in Israel in October. Reports revealed that this year’s exercise saw participation from France, Germany, Greece, India, Italy, the United Kingdom and the United States.
IAI revealed that its EL/L-8257SB active electronically scanned array EW threat simulator had participated in Israel’s recent Blue Flag multinational air combat exercise.
Threat Board
As tensions between the People’s Republic of China (PRC) and Taiwan remain high, Taiwanese news reports noted several flights of PRC military aircraft into Taiwan’s Air Defence Identification Zone. These incursions included flights by Shaanxi Y-8 variant SIGINT gathering aircraft. The Y-8s were probably recording the electromagnetic reactions of Taiwan’s Integrated Air Defence System. Such intelligence is used to plan potential wartime ingress and egress routes for combat aircraft.
Jeremy Fleming, director of the United Kingdom’s Government Communications Headquarters (GCHQ) revealed that cyberattacks maybe used to deter future ransomware attacks against UK targets. These cyberattacks could be planned and executed by the UK’s National Cyber Force (NCF). The NCF is a combined UK Ministry of Defence and GCHQ initiative. It is tasked with protecting government departments, industry and the UK’s critical national infrastructure against cyber warfare. (Source: Armada)
04 Nov 21. AI research project on cybersecurity and training receives 12 MNOK from The Research Council of Norway. Due to a growing number of cyberattacks the demand for qualified cybersecurity professionals is greater than the available pool. The skill shortage is a significant concern for economic development and national security in the digital age. A recent study by global IT decision-makers shows that 61 percent of companies suffered a ransomware attack in 2020. Email threats increased by 64 percent. Post-Covid, the trend is that cybercriminals have been taking advantage of the rise in digital activity with new social engineering attacks. Cybersecurity is becoming a day-to-day struggle, leaving the market depleted of available expertise.
Filling the global cyber security skills gap
The research project on AI-Based Scenario Management for Cyber Range Training (ASCERT) is a partnership between the Norwegian Computing Center, the NTNU Cyber Range, the Norwegian Directorate for Civil Protection, and EcoOnline.
– By developing AI-enabled architecture for the design, execution, and evaluation of cybersecurity training exercises, the project focus is to narrow the gap between the need for cybersecurity experts and the education of new labor, says Audun Stolpe, Senior Scientist at Norwegian Computing Center and manager of the ASCERT-project.
– We need a more practically oriented education within information security. By using well-studied learning principles and performance metrics, our goal is to promote effective, long-term learning, he adds.
Complementary and interdisciplinary competencies
One success criterion highlighted in the project description is that ASCERT is a collaborative and knowledge-building project. By connecting methods and results from symbolic AI, cybersecurity, simulation-based training, and learning theory, the results will benefit students, the public, and the private market.
The research approach will be to use the existing EcoOnline Crisis Management solutions as a basis. An additional benefit of EcoOnline in the project is their high market share within digital tools for EHS. EcoOnline’s customer-centric approach will be essential for a successful go-to-market strategy.
– We are experiencing increasing demand from our customers on including cyber security as part of their emergency response plan. Although this is manageable using our tools today, the ASCERT project will allow us to strengthen our AI knowledge and enhance the EcoOnline product portfolio, says Harald Axelsen, EcoOnline’s representative in the ASCERT consortium.
03 Nov 21. Leonardo and Elettronica together supporting the growth of sovereign national skills.
- An agreement has been signed today to strengthen long-term strategic cooperation to respond effectively to the challenges that are expected to arise on the domestic, European and international markets
- Alessandro Profumo: “By the consolidation of the partnership, a significant improvement in the industrial and proactive synergy between the two main domestic players in the Defence & Security sector”
- Enzo Benigni: “This agreement is proof that the domestic industry can and must proceed jointly to deal with the global challenges and support the domestic independent strategic effort”
Leonardo and Elettronica have signed an agreement to strengthen the long-term strategic cooperation between the two companies in support of the growth of sovereign technologies. On the basis of the complementary nature of their respective skills, Leonardo and Elettronica will jointly develop solutions and offers to effectively respond to the increasing challenges that are arising on the domestic, European and international markets.
“The agreement will enable a significant improvement to be achieved in the industrial and proactive synergy between the two main players in the domestic Defence & Security sector,” commented Alessandro Profumo, CEO of Leonardo, “to provide clients with the best possible solutions. The signing of the partnership is aimed at consolidating and strengthening Leonardo’s core business, in line with the goals of the long-term strategic plan for sustainable growth Be Tomorrow 2030”.
“This agreement”, highlighted Enzo Benigni, CEO and President of Elettronica Spa, “confirms the role of Elettronica as national champion of Electronic Defence systems. Moreover, it clearly shows that the wealth of knowledge and the qualified skills of national industry, as main asset of the Italian technological sovereignty, can and shall proceed jointly in order to address the global challenges and support the national efforts towards strategic autonomy.”
The partnership has led to the identification of the maritime and fixed and rotary wing avionics sectors as those of strategic interest. Within this perimeter, the “golden rules” have been agreed for sharing the market needs, on the basis of market scenarios, in order to jointly address the NATO and European EDF/EDIDP calls and the opportunities on the domestic defence market for maritime and helicopter systems and manned and unmanned airborne platforms.
Leonardo and Elettronica will propose integrated solutions for their customers – Elettronica systems and Leonardo platforms/systems – that are already in their portfolios or technological evolutions of them to better respond to customer needs.
Governance of the agreement has ensured by the appointment of a permanent steering committee to guarantee the full achievement of the purposes of the partnership. The committee is composed of the respective top management teams and has the duty of defining the strategic guidelines for the development of the evolutive plans and roadmaps of the collaboration agreement.
02 Nov 21. Nick Shave of Inmarsat gave a brief on the new Inmarsat ORCHESTRA network at the SMi Global MilSatcom 2021 Conference on November 2nd. ORCHESTRA will be the first of its kind. A unique, global, multi-dimensional, dynamic mesh network that will redefine connectivity at scale with the highest capacity for mobility worldwide and at hot spots, as well as the fastest average speeds and the lowest average latency of any network, planned or in existence.
In the largest ever transformation of Inmarsat’s market-leading services, ORCHESTRA will be a seamless configuration of our ELERA (L-band) and Global Xpress (Ka-band) networks with terrestrial 5G, targeted low earth orbit (LEO) capacity, and dynamic mesh technologies, to create a single advanced solution for global mobility.
This revolutionary layered approach is designed to meet the accelerating bandwidth requirements of more diverse, demanding and ever more widely adopted applications in the commercial and government mobility markets. By drawing on the unique capabilities of each component, it will deliver high performance connectivity everywhere, while eliminating the longstanding industry-wide challenge of congestion at high demand hot spots, like busy ports, airports, sea canals and flight corridors, for good.
“An orchestra brings different instruments together, each supporting the other and playing its role in the masterpiece. We’re building ORCHESTRA on the same concept.” Rajeev Suri, CEO, Inmarsat.
New use cases and business models
ORCHESTRA’s unprecedented combination of global coverage, unparalleled capacity and resilience will provide customers with a low-risk transition to next generation service capabilities, enabling new business models and use cases well into the future.
- Urban Air Mobility: Complete command and control and secure air traffic management capabilities for the safe operation of autonomous flying taxis and personal air transport.
- Industrial IoT: Secure, device-neutral, private networks for large scale IoT deployments that can integrate, manage and monitor disparate sensors and devices via a single cloud environment.
- Smart Cruise Ships: High speed, low latency passenger, crew and operational connectivity solutions for ferries and cruise ships, enabled through global satcom and on-board 5G networks.
- Tactical Private Networks: Bespoke, high-speed, local area, temporary ‘sovereign’ networks to connect international aid, forces or government agencies in the field while securely relaying critical data home for analysis.
One cohesive solution
ORCHESTRA will integrate Inmarsat’s existing geosynchronous (GEO) networks with terrestrial 5G and a new, targeted LEO satellite deployment.
- ELERA: provides a critical layer of always-on connectivity with all-weather resilience.
- Global Xpress: delivers reliable, high-speed, global coverage with security and full redundancy.
- Terrestrial 5G: adds ultra-high capacity at specific high demand hot spots, such as busy ports, airports, straits and sea canals.
- LEO: a small, targeted constellation of 150-175 satellites layering additional high capacity over further high demand areas.
This layered approach is supplemented by a ‘dynamic mesh network’, which allows individual terminals to act as nodes to route traffic to and from other terminals. The ability to extend the range of direct links to others beyond that range, like ships beyond the reach of 5G for example, will bring a powerful new dimension to networking.
01 Nov 21. The Pentagon is moving away from the Joint Regional Security Stacks. The Department of Defense chief information officer this summer decided to sunset the Joint Regional Security Stacks, initially established to shrink the cyberattack surface by consolidating countless classified entry points around the world to 25 sites, a spokesperson from the Defense Information Systems Agency confirmed.
The program had faced multiple setbacks, with government watchdogs and Congress asking to pause the program and for more information along its lifecycle. Last year, Congress asked DoD to assess the fate of the program.
Officials originally lauded JRSS because it was aimed to provide increased security as well as unprecedented situational awareness of the network.
Now, DoD is preparing the transition strategy for JRSS, officials from the Defense Information Systems Agency said Wednesday.
“We’re working with the CIO now on figuring out what the JRSS transition strategy is. It was tagged for sunset within five years,” Andrew Malloy, technical director in the cyber development directorate at DISA, said during a panel presentation as part of TechNet Cyber on Oct. 27.
DISA will keep evaluating JRSS and make adjustments accordingly, according to the spokesperson.
As JRSS is phased out, DISA will begin phasing in Thunderdome, its approach and architecture for zero trust networking, officials said.
“The good news is that both Thunderdome and JRSS exist in the same DISA directorate, and we plan to run programs side by side so that as we ramp up Thunderdome, we start ramping down JRSS,” Angela Landress, division chief for perimeter security at DISA’s cyber security and analytics directorate, said. “We’re setting up various transition working groups across the department, but also with DoD CIO and internally to DISA to make sure that it’s very seamless and that we do that transition in a way that doesn’t break anybody.”
Part of the complexity is determining the services’ roadmap, Malloy said. DISA has maintained that its Thunderdome approach will not be mandated across DoD or the services, meaning the services can opt to partner with DISA or implement their own zero trust system.
“We’re open to partnering, and we’ve had an interest from a number of services who have already said we’d like to partner with how you’re doing this, but this is not a mandated system so the transition from an enterprise system to a collection of different offerings from both DISA and the services is also going to be one of the complexities that we have to navigate,” he said.
Stephen Wallace, systems innovation scientist in the emerging technology directorate at DISA, argued that despite its issues, JRSS “has done a lot for us over the years.”
“It’s easy to pick on certain aspects of it, but the reality is that JRSS has been a tremendous opportunity for the department to unify a number of capabilities and standardize a number of capabilities,” he said. “This is just the next logical progression and, frankly, where IT as a whole is going.” (Source: C4ISR & Networks)
03 Nov 21. Kromek to attend the Counter Threat Symposium 2021, Farnborough, November 9-11 2021, and showcase its portable detection products. Kromek, the radiation detection specialists based in Sedgefield, County Durham, will attend the UK’s Counter-Threat Symposium 2021 in Farnborough, between 9-11 November 2021.
Kromek will exhibit a range of its portable radiation detection products, ranging from wearable devices to those mounted on ground vehicles, which are used by British and American government agencies.
Kromek will be featuring its latest hand-held radioisotope detection device, the D5 RIID, the smallest, lightest and most accurate hand-held detector currently available. It features all the hallmarks of Kromek’s commitment to enhancing device speed, instant identification, accuracy, connectivity and endurance, while at the same time offering a full remote capability to both protect the operator and link different locations.
The D5 RIID has been designed to fit into the palm of the hand or be installed in a vehicle. Weighing just 660g, it has a <24-hour endurance and with a dual system of an internal battery backed up by widely-available AA-sized batteries means there is no need for an external charging station. And despite its small size, the D5 RIID has an extensive built-in radioisotope library, to accurately identify even the smallest samples and the lowest dose rates. The device has a networked capability to allow results to be transmitted to wherever they are needed in real time.
The D3S hand-held Radioisotope Identification Device will also be at the Symposium. It is widely used in the United States of America by agencies inside the Department of Defense and the Department of Homeland Security. The detector also has all the key Kromek features as standard. Its autonomous or semi-autonomous reach-back detection and analytical capabilities all lessen the time operators are directly exposed to radiological hazards and its instant ID feature has been welcomed by many of its longstanding users.
Craig Duff, Kromek’s CBRN Business Manager, said “We are delighted to be attending this year’s Counter Threat Symposium in Farnborough. Although Kromek has delivered many detectors around the world, as a British company designing and manufacturing in the north-east of England, we are particularly keen to help the UK government fulfil its different requirements for portable radiation detection products. Our combination of light weight and long-enduring detectors are ideal for the users across government and in the emergency services.”
01 Nov 21. Mynaric selected by Northrop Grumman as strategic supplier for laser communication. Mynaric has signed a multi-year, strategic agreement with Northrop Grumman that identifies the company as a strategic supplier for laser communications in the space domain.
“The U.S. government is the driving force to deploy laser communication capabilities in space,” said Bulent Altan, CEO of Mynaric. “We are happy to have been selected as a strategic supplier by Northrop Grumman to pursue ongoing and upcoming programs in this important market segment and look forward to jointly providing secure and broadband communication to serve the U.S. government’s needs for distributed communication architectures.”
Earlier this year Mynaric submitted bids with a combined value in the mid-double digit m USD range to Northrop Grumman in the framework of multiple government space programs that are still pending contract awards by the U.S. government. Separately, Northrop Grumman will issue a purchase order for a set of CONDOR Mk3 terminals to kick-start the new relationship.
The agreement provides Northrop Grumman assured and preferred access to Mynaric products and services. It also foresees that Mynaric and Northrop Grumman will jointly develop and offer laser communication solutions tailored to the unique needs of specific U.S. government space programs. Mynaric will exclusively develop and sell custom products to Northrop Grumman for this specific market segment.
“Laser communication is becoming a strategic must-have for a wide array of government programs, particularly as Joint All-Domain Command and Control (JADC2) capabilities are expanded to an increasing number of connected platforms and as cybersecurity threats increase,” said Dr. Robert Fleming, Sector Vice President, Strategy and Business Development, Northrop Grumman Space Systems. “We look forward to partnering with Mynaric to provide cost-effective solutions to our customers to deploy laser communication capabilities at scale.”
Mynaric and Northrop Grumman signed the agreement upon a shared interest in accelerating the growth, development, adoption and innovation of laser communication solutions primarily for aerospace and defense applications, including air, space, ground, maritime, and undersea with a near-term emphasis on the space arena for the U.S. government’s needs and missions.
The agreement foresees business of a minimum value of Mynaric products and/or related services of at least USD 35 m over the agreement term. (Source: PR Newswire)
02 Nov 21. Rheinmetall and Intracom Defense join forces to cooperate in vehicle-based C4I systems. Rheinmetall and Intracom Defense of Greece have agreed to cooperate closely in the field of vehicle-based C4I systems. The two companies will coordinate their activities for joint development and marketing of a vehicle-based C4I system to jointly address the needs of their domestic and international markets. Both partners complement each other in ideal fashion: while Rheinmetall Electronics concentrates on command and communication systems for communication between vehicles and the chain of command, Intracom Defense is a globally acknowledged specialist for intercom systems that enable crewmembers to communicate with each other. In concrete terms, cooperation will centre on combining Rheinmetall’s TacNet tactical management system and expertise in soldier systems and C4ISTAR applications with Intracom Defense’s WiSPRevo communication and information system and longstanding experience in the field of vehicle communications. Under the cooperation agreement, Rheinmetall and Intracom Defense will pool their technological, production and commercial capabilities to produce operationally excellent, user-friendly, cost-efficient C4I solutions for military vehicles – invariably geared to the needs of the customer.
02 Nov 21. GAO backs Microsoft’s protest of $10bn NSA cloud award to AWS. The Government Accountability Office sustained Microsoft’s protest of the National Security Agency’s cloud award to Amazon Web Services. Microsoft protested the award of the secretive procurement known as Wild and Stormy or WandS in July. The ceiling value of the contract is estimated at about $10bn. The full GAO decision is classified. The agency released a statement saying that it found “certain aspects of the agency’s evaluation to be unreasonable” and recommends that “NSA reevaluate the proposals consistent with the decision and make a new source selection determination.” According to reporting in Washington Technology, the Wild and Stormy contract is designed as a replacement for NSA’s on-premise GovCloud environment, and is a distinct effort from the a multi-award intelligence community cloud contract called C2E which included awards to AWS, Microsoft, Google, IBM and Oracle. GAO plans to release a public version of the decision after NSA and the companies involved identify classified and propriety information to excluded. (Source: Defense Systems)
29 Oct 21. Cybersecurity experts warn on UK spy deal with Amazon. Concerns over privacy and national security risks come as MPs launch inquiry into cloud technologies. Amazon’s new contract to host top-secret intelligence for UK spy agencies must be scrutinised by parliament to ensure risks over data access, privacy, and sovereignty are being mitigated, cyber security experts have warned. The deal between GCHQ, MI5 and MI6 and AWS, Amazon’s cloud arm — estimated to be worth £500m to £1bn over a decade — was revealed by the Financial Times earlier this week. Just as news of the contract became public, parliament’s intelligence and security committee announced it was embarking on an inquiry into cloud technologies. The committee has declined to comment on the remit of its investigation or what has prompted the probe. Conor McGinn, Labour’s shadow security minister, said it was “only right” that the ISC should scrutinise the deal, given the sensitivities involved in a US tech company being contracted to host classified UK data.
“There are key issues that are causing concern, such as what security arrangements have been put in place given the deal is with a non-British company, and how such a large deal with one supplier will impact on the UK’s cyber resilience,” he said, adding that ministers should be more transparent about their agreement with AWS. Neither GCHQ nor AWS have commented on their contract, which was signed earlier this year. But people with knowledge of the deal confirmed that all the agencies’ data will be held in Britain, and Amazon would not have any access to information held on the cloud platform. Joss Wright, a researcher on information controls and privacy-enhancing technologies at the Oxford Internet Institute, said his main concern would be over how Amazon would be prevented from accessing the data. “There are all sorts of technical safeguards that could go into a system like this, but the idea that Amazon would be entirely unable to access the data . . . I wouldn’t say it was impossible, but I would want to question that very, very closely if I were on the committee,” he said. “My direct question would be, absent any legal or administrative constraints, would Amazon be able to get access to this data if it had to? Are there technical restrictions that would stop this from happening, or are the agencies relying on trust?” Other experts raised concerns over sovereignty and data privacy. James Sullivan, head of cyber research at the Royal United Services Institute, the think-tank, said there was a “legitimate question” over whether personal data would be used differently as a result of new search and AI capabilities made possible by the new platform.
“If storing data in the cloud enables intelligence agencies to use data for intelligence purposes at scale, how does that impact the privacy of the citizen? How will they manage that growing capability, and will the oversight mechanisms account for that change in scale?” he asked. Sullivan also urged MPs to probe the risk-management mechanisms in place in the event of Amazon suffering a data breach or change of ownership which changed its suitability as a commercial partner. “Assessing who is a reliable and trusted partner is a continuous process; even though the company is based in a partner country which is also an intelligence ally, it should still be subject to continuous scrutiny,” he said. Advocates of the deal argue that Amazon already has a proven record in supplying cloud services to US spy agencies, which work closely with their British counterparts as part of the Five Eyes intelligence-sharing alliance. AWS struck its first cloud deal with the CIA, worth $600m, eight years ago. Sir David Omand, former director of GCHQ, said he considered the security risks of using a US provider to be “manageable”. “If anything, a cloud solution should be more secure than the arrangements we have today,” he said. “Because if you’re trying to share information on legacy systems at great speed as threats change or new urgent missions arise, there’s always a risk you’ll expose yourselves to security problems you don’t even know about.” (Source: FT.com)
————————————————————————-
Spectra Group Plc
Spectra Group (UK) Ltd, internationally renowned award-winning information security and communications specialist with a proven record of accomplishment.
Spectra is a dynamic, agile and security-accredited organisation that offers secure Hosted and Managed Solutions and Cyber Advisory Services with a track record of delivering on time, to spec and on budget.
With over 15 years of experience in delivering solutions for governments around the globe, elite militaries and private enterprises of all sizes, Spectra’s platinum and gold-level partnerships with third-party vendors ensure the supply of best value leading-edge technology.
Spectra was awarded the prestigious Queen’s Award for Enterprise (Innovation) in 2019 for SlingShot.
In November 2017, Spectra Group (UK) Ltd announced its listing as a Top 100 Government SME Supplier by the UK Crown Commercial Services.
Spectra’s CEO, Simon Davies, was awarded 2017 Businessman of the Year by Battlespace magazine.
Founded in 2002, the Company is based in Hereford, UK and holds ISO 9001:2015, ISO 27001:2013 and Cyber Essentials Plus accreditation.
————————————————————————-