Sponsored by Spectra Group
https://spectra-group.co.uk/
————————————————————————
03 Feb 22. SlingShot™ Vehicle Antennae Mounting Bracket launched. SlingShot™ is a unique technology that enables in-service radios to work beyond line of sight, delivering a “battle-winning” advantage and simplified mission-planning. Vehicle Antenna Mounting Bracket ™ Spectra Group (UK) Ltd (“Spectra Group”) strives to continually develop its portfolio of products and services. Whilst the information contained within this document was correct at publication, it is subject to change without notice. The information contained herein has been produced for the sole purpose of giving an approximate idea of the goods and services described. Spectra Group makes no warranty or representation as to the accuracy, completeness, fitness for purpose or use of this information and it shall not form part of any contract with Spectra Group. Copyright © Spectra Group (UK) Ltd 2022. US: www.spectra-group.us +1 202-818-8429 UK: www.spectra-group.co.uk +44 845 2600 444 The new mounting bracket for the vehicle antenna makes installing SlingShot on a wide variety of vehicles even easier. The surface area for mounting on some vehicles can be limited and off-road use may require a more secure fixing than the standard magnetic base, so Spectra Group has introduced a new bracket (NSN: 5985-99-847-1470) that can be pole-mounted as well as bolted to the chassis with a standard NATO 4 or 6 hole mounting pattern. Designed for any vehicle platform that requires a permanent installation, or where a magnetic mount isn’t suitable, the new Slingshot Vehicle Antenna Mounting Bracket provides users flexibility to mount the SS Vehicle Antenna in the optimum location. It is made from aluminium with a stainless steel pip-pin, measures 146 x 140 x 24 mm, weighs just 225g and is available to order immediately. In-service across the globe, SlingShot complements oversubscribed TACSAT. With flexible leases and dedicated beams you can be confident of having command and control communications when and where you most need it. Small, lightweight and low-power omni-directional antenna give added safety and increases mission success outcomes by maintaining communications on the move and bringing together units on land, sea and air in one integrated tactical radio network.
04 Feb 22. New DOD Chief Digital Artificial Intelligence Office Launches. The Defense Department must become a digital and artificial intelligence-enabled enterprise capable of operating at the speed and scale necessary to preserve its military advantage, according to a memorandum issued by Deputy Secretary of Defense Kathleen H. Hicks.
The memorandum, published on defense.gov, outlines how the chief digital and artificial intelligence officer, or CDAO, is charged with making sure DOD supports such an enterprise. John Sherman, DOD chief information officer, will serve as the acting chief digital and artificial intelligence officer until the position is filled permanently.
“ an honor to be able to help get this organization stood up while performing my chief information officer duties,” Sherman said today in a Pentagon media roundtable, adding that he has worked closely with several organizations to make sure the CDAO effort is launched on a solid footing.
“This is a key milestone for the department to become a digital AI-enabled enterprise,” a senior DOD official said in the roundtable. The intent of the office is to set up a strong foundation for data analytic and AI-enabled capabilities to develop and field at scale, the official said.
“This foundation includes the necessary people, platforms and processes needed to continuously provide business leaders and warfighters with agile solutions, so the CDAO will serve as a department senior official responsible for strengthening the integration of data analytics and digital solutions, as well as AI functions across the department,” the official explained.
DOD has made a lot of progress in this effort the last few years, and has a number of different components that have been working on it, such as the Joint Artificial Intelligence Center, Defense Digital Services, chief data officer and the Advana platform.
“At this stage in the department, what we’re hoping to do is provide an opportunity for stronger alignment and synchronization among these efforts,” the DOD official said. “The principal purpose for creating the CDAO is to elevate the importance of the issue sent to the secretary of defense, deputy secretary and other principals … while also ensuring unity of mission and strategic alignment in the department’s enterprise level, data analytics, digital solutions and AI efforts.”
Sherman, as acting CDAO, will serve a couple of critical functions, such as lead the department strategy and policy on data, analytics and AI adoption and governance to oversee these efforts across the department, the official said.
The second function will be to enable the development of digital and AI-enabled solutions across DOD while also selectively scaling proven solutions for enterprise and joint-use cases, the official said.
The third function will provide a ”sophisticated cadre of technical experts that serve as a de facto data and digital response force,” able to address urgent crises and emerging challenges with state-of-the-art digital solutions, the official said.
“The CDAO is going to perform these functions in close collaboration with the military services, Joint Staff, our research and engineering undersecretary and other digital leaders,” the official added.
The CDAO will also need to work closely with industry, interagency and DOD’s international mission partners.
“Our planning to get to has incorporated extensive feedback from a wide range of stakeholders internal to the department, including the undersecretaries for military departments, the services, Joint Staff, combatant commands, defense agencies and field activities, as well as inputs from a number of external stakeholders in Congress, academia and industry,” the official said.
The goal is for data, data analytics and AI to enable faster and better decision-making to allow for military advantage, from campaigning to conflict, the official said.
A concern to DOD is China’s aggressive investments in using such capabilities to offset traditional U.S. advantages, the official said, adding “and this is a key part of our effort to keep that pacing threat.”
The CDAO’s full operating capability is expected to be June 1, officials said. (Source: US DoD)
04 Feb 22. Special US ‘Nuke Sniffer’ aircraft in the UK for rare visit. The US Air Force says its mission is to collect samples from the atmosphere for the purpose of detecting and identifying nuclear explosions.
A US Air Force aircraft designed to ‘sniff out’ radioactivity associated with the use of nuclear weapons has arrived in the UK.
WC-135W Constant Phoenix landed at RAF Mildenhall for a rare visit on British soil – with the ‘sniffer’ only visiting Europe twice in the last decade, once in 2017, and again in 2020.
The special-purpose aircraft is tasked with testing the atmosphere for evidence of nuclear explosions. It does this using its onboard atmospheric collection suite, which allows the mission crew to detect radioactive ‘clouds’ in real-time. (Source: forces.net)
03 Feb 22. Realignment of Responsibility for Cybersecurity Maturity Model Certification (CMMC) Program. On Feb. 2, Deputy Secretary of Defense Kathleen H. Hicks directed the realignment of responsibility for the Cybersecurity Maturity Model Certification (CMMC) program. With this directive, the responsibility for the program transitions from the USD(A&S) to the DoD CIO. This realignment will also move the team of six DoD civilians, with contract support, responsible for administering the program, from USD(A&S) to DoD CIO.
“I’d like to highlight the great work by A&S to establish the CMMC program,” said Hon. John Sherman, DoD CIO. “As we realign responsibility for the program, it’s important to note that we will continue to work closely with A&S on this program. The CMMC team, led by Stacy Bostjanick, will be aligned under the Deputy CIO for Cybersecurity to increase the program’s integration with other Defense Industrial Base Cybersecurity programs. We are moving out in the coming weeks on the rulemaking process and look forward to continuing critical collaboration with industry stakeholders.”
The Department has taken this action to consolidate industry-related cybersecurity programs under common leadership and direction to enable increased synergy and collaboration across the Defense Industrial Base (DIB) Cybersecurity programs.
In the coming weeks, the CIO will begin submitting proposed changes to the Defense Federal Acquisition Regulation Supplement (DFARS) rule-making process to ensure maximum collaboration on these requirements.
For more on how CMMC 2.0 differs from its predecessor changes, visit https://www.acq.osd.mil/cmmc/index.html. (Source: US DoD)
03 Feb 22. General Atomics Aeronautical Systems, Inc. (GA-ASI) successfully tested advanced datalink capability as part of a U.S. Army-funded development effort to upgrade the MQ-1C Gray Eagle Extended Range (GE-ER) Unmanned Aircraft System (UAS).
During the December tests, the joint U.S. Army and GA-ASI ground demonstration showed the ability of GE-ER to maintain link and support high bandwidth data rates with Geostationary Earth Orbit (GEO) Ku/Ka band satellites and Medium Earth Orbit (MEO) Ka band satellites with common hardware and software. This allows the modernized GE-ER to conduct uninterrupted flight operations over multiple satellite constellations to support continuous operations in contested environments.
“Extensive use of Modular Open Systems Approach (MOSA) principles, along with Model Based Systems Engineering (MBSE), made this capability possible,” said GA-ASI Vice President of Army Programs Don Cattell. “Together with our U.S. Army teammates, we’re making important progress in preparing GE-ER for successful operations in contested environments. Completion of the GE-ER modernization will enable mission success for the Army’s highest priority capabilities.”
Advanced waveform capabilities were also tested during this event. Satellite constellation diversity combined with multiple line-of-sight options for interfacing with the modernized GE-ER provides resilient and robust communications with supported maneuver units and manned aviation assets.
Flight testing of the modernized GE-ER system is scheduled for fourth quarter 2022.
03 Feb 22. The Russian Army has deployed electronic warfare systems to Kazakhstan. Russian troops were sent to the country on 6th January. They were requested by Kazakhstan’s President Kassym-Jomart Tokayev. The troops were deployed under the auspices of the Collective Security Treaty Organisation (CSTO). The CSTO is a military alliance comprising Armenia, Belarus, Kazakhstan, Kyrgyzstan, Russia and Tajikistan. The deployment occurred amidst rising civil unrest. Protests erupted on 2nd January following an increase in gas prices. Reports said that Russian Army assets deployed to Kazakhstan included Special Technological Centre RB-341V Leer-3 jamming systems. As Armada has reported in the past the RB-341V can detect and jam communications. These include GSM (Global System for Mobile Communications) protocols. GSM frequencies inhabit wavebands of 900MHz to 1.9GHz. The deployment of the RB-341V indicates that Russian forces maybe assisting the Kazakh government in jamming protesters’ cellphone communications. This seems to suggest that the Kazakh armed forces lack this specific capability. The RB-341V may also be used to detect and track individual protesters and persons of interest based on their cellphone transmissions. (Source: Armada)
03 Feb 22. The menadefense.net website reported in early January that the Algerian Army has taken delivery of new ELINC/CEIC LDK-190 electronic attack apparatus. Reports did not reveal how many of these vehicle-mounted systems have been delivered. Open sources say that the LDK-190 covers frequencies of 500MHz up to 40GHz. This indicates that the system has been acquired primarily to attack radars alongside UHF radio and Satellite Communications (SATCOM). A plethora of emitters could be held at risk by the LDK-190. These include radars transmitting in L-band (1.215GHz to 1.4GHz), S-band, C-band (5.25GHz to 5.925GHz) and X-band (8.5GHz to 10.68GHz). SATCOM transmissions in similar frequencies may also be targeted by the LDK-190. Sources continued that the jammer could have a range of circa 324 nautical miles/nm (600 kilometres/km) and produce up to 500 kilowatts of effective radiated power. This refers to the power of the jamming signal at the LDK-190’ antenna and not the amount reaching the target, which invariably diminishes with range. No further details were made public regarding how many LDK-190s have been acquired by the army, nor the units they deploy with. (Source: Armada)
03 Feb 22. It was reported in late December that the TKK had received its first ASELSAN ILGAR ground-based electronic warfare system. ILGAR is designed to electronically attack hostile communications. Although not specified, this probably means the system can target emitters on frequencies of circa 30 megahertz up to five gigahertz. This will allow ILGAR to attack Very/Ultra-High Frequency (V/UHF) emitters. High frequency (three to 30MHz) threats are the target of the TKK’s ASELSAN SANCAK communications jammer. (Source: Armada)
03 Feb 22. A social media post by Professor Ismail Demir head of Turkey’s presidency of defence industries revealed that new EW systems have entered service with the Turkish armed forces. To this end ASELSAN’s VURAL system is believed to have been delivered to the Türk Kara Kuvvetleri (TKK/Turkish Army). Reports state that VURAL is a radar electronic attack system. It has been developed using ASELSAN’s KORAL radar jammer. As Armada has previously reported, the latter can engage radars transmitting in S-band (2.3GHz to 2.5GHz/2.7GHz to 3.7GHz) up to Ka-band (33.4GHz to 36GHz). KORAL is in service with the Türk Hava Kuvvetleri (Turkish Air Force) and has also been exported to Morocco. The system is thought to be used to attack airborne radars. VURAL, which equips the TKK, maybe optimised to attack ground-based radars. This could include ground-based air surveillance, weapons locating and ground surveillance radars. (Source: Armada)
03 Feb 22. In late 2021 Qorvo announced the introduction of three new wideband power amplifiers. A company press release said these products cover a one gigahertz/GHz to 40GHz frequency range. Mooted applications include electronic warfare and radar. The trio of products includes the Qorvo QPA0106, QPA2966D and QPA2640D power amplifiers. The first provides 18 watts of saturated power over a one gigahertz to six gigahertz frequency range. The QPA2966D delivers 20 watts of saturated power on wavebands of two to 20GHz. Finally, the QPA2640D produces eight watts of saturated power covering wavebands of 20GHz to 40GHz. All are built using Gallium Nitride technology. They have been optimised to reduce size, weight and power consumption, according to the press release. (Source: Armada)
03 Feb 22. UK Signal, Manoeuvre. The British Army is due to receive a new EW unit in the form of the 21st Signal Regiment. This will be re-rolled from its current signals responsibilities. It will form part of the army’s new CEMA group. More details come to light on the British Army’s future cyber and electromagnetic activities posture. The British Army’s Future Soldier Guide was published in late November 2021. It is a by-product of two recent British Government documents. The first, Global Britain in a Competitive Age, was published in March 2021. It outlined the United Kingdom’s foreign policy and defence priorities in the wake of her departure from the European Union. The same month the government published Defence in a Competitive Age. This outlined the UK’s defence procurement priorities for the goals outlined in the Global Britain publication.
In its own words, the Future Soldier initiative “is about delivering a modern British Army that is fit for the challenges of the future.” This focuses on improving the army’s lethal, agile and expeditionary attributes across the spectrum of operations. These include peace, war and so-called ‘grey zone’ operations betwixt the two.
The Future Soldier Guide says the army will enjoy a 100 percent increase in its Electronic Warfare (EW) capabilities. What this means in practice is that a new electronic warfare and signals intelligence unit will be added to the manoeuvre force, a UK Ministry of Defence (MOD) source told Armada.
21st Signal Regiment
The new unit will be raised by re-rolling the army’s 21st Signal Regiment. This formation is based in Colerne, western England. According to official MOD information, the regiment is responsible for tactical, operational and strategic communications. Other responsibilities include the deployment of wide area networks and information systems. It comprises 215 Signal Squadron which supports brigade headquarters, 220 Signal Squadron assisting brigade elements and a support squadron. The re-rolling of the unit for its new electronic warfare tasks should occur by 2024, according to the MOD source.
The 21st Signal Regiment will form part of a new British Army Cyber and Electromagnetic Activities (CEMA) group. “The timetable to establish the CEMA group is still being finalised,” the source continued. Once activated, the group will be headquartered in Andover, southeast England. In 2018 the MOD published its CEMA doctrine. This prescribed the deeper coalescence of cyber and EW capabilities across the British military.
The army’s current EW unit is the 14th Signal Regiment headquartered at Cawdor Barracks, south Wales. By 2028, both the 14th and 21st Signal Regiments will have moved to Innsworth, central England. These two regiments will be joined by the new 13th Signal Regiment responsible for cyber operations. All three will form the CEMA group. In turn, the CEMA group “will be part of Land Operations Command” in the Field Army Headquarters the source said. The Field Army is responsible for generating and preparing units to support operations. Parts or all of the CEMA group will be made available to the army’s manoeuvre force as and when required the source continued.
Deep Effects
At the doctrinal level, the army is to shift from close battle to deep effects. This will be achieved by combining kinetic and non-kinetic capabilities to deliver effects at ranges of up to 499 kilometres (310 miles). The guide has set a target date of 2024 for this to become reality.
The bedrock of the army’s manoeuvre force will be the 3rd (UK) Division which will house the armoured force. This division will be supported by light forces in the army’s 1st (UK) Division and 6th (UK) Division. The latter houses the army’s unconventional warfare assets, including its EW elements. These three divisions will provide the constituent parts of the planned Brigade Combat Teams (BCTs) constituting the army’s deployable manoeuvre force. The army will have five BCTs. two (12th and 20th BCTs) will be built around armoured elements. Lighter forces will include the 7th Light Mechanised BCT and the 4th Light BCT. These will be supplemented by a Deep Reconnaissance Strike BCT.
As Armada has recently reported, plans are afoot to introduce new EW capabilities across the manoeuvre force. This includes the acquisition of eleven ARTEC Boxer wheeled armoured fighting vehicles configured to support electronic warfare. Although not confirmed by the MOD, it seems certain that the new vehicles will be deployed with the EW regiments in the CEMA group. (Source: Armada)
01 Feb 22. Ukraine seeks closer ties with NATO on cyber defense. Ukrainian government officials want closer collaboration with NATO’s cyber center of excellence, even after center overseers denied Kyiv a formal membership status last year. The request, and news of its rejection, comes as Ukraine faces potential Russian cyber attacks that Western officials believe would likely accompany a large-scale invasion. The Russian government has denied having such plans, though Moscow has declined to move back a buildup of 100,000-plus troops from the border unless the alliance closes the door to an eventual Ukrainian NATO membership.
Ukraine has found Estonia, which hosts the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) at the capital of Tallinn, to be a key collaborator on cyber defense matters. The Estonians have worked to facilitate ties between the alliance and Kyiv even outside of center channels, with experts from both countries meeting in January amid the growing crisis.
“The parties discussed the organization and overall state of Ukraine’s national cyber security, including the recent large-scale cyber-attacks against Ukraine and their impact on the current security situation,” the Estonian Ministry of Defence wrote in a statement last week.
“Estonia is ready to send cyber specialists to Ukraine to further develop this exchange,” added Margus Matt, undersecretary of cyber matters at the ministry. “By supporting Ukraine, we are also strengthening our own defence posture.”
Alliance leaders have said they support Ukraine as it faces cyber threats from Russia. A Jan. 25 NATO statement quotes Deputy Secretary-General Mircea Geoană as saying the alliance had been working with Ukraine “for years to increase its cyber defenses, and will continue to do so at pace.”
That support has yet to translate into granting Ukraine a formal role in the cyber center, which is possible for non-alliance countries through a so-called “contributing participant” role. The center’s website lists Austria, Switzerland, Sweden and Finland as contributing participants.
Ukraine submitted a request to attain that status last summer.
“Membership in the organization will provide Ukraine with the opportunity to exchange experience in detecting and countering modern cyber threats, developing skills in joint response to cyber attacks and conducting defense and deterrence operations in cyberspace,” Natalia Tkachuk, chief of the Information Security Office at the National Security and Defense Council, told news agency Ukrinform at the time. “Ukraine will have access to the latest research and development conducted by CCDCOE. All this will allow more effective countering Russia’s hybrid threats.”
Affiliation with the NATO center would constitute “another important step” in Kyiv’s aspirations to become a member of the Western alliance, she added.
At a steering committee meeting last November, however, member nations were “not unanimous in their approval,” the center’s director, Estonian Air Force Col. Jaak Tarien, told Defense News. A spokesperson for the center declined to detail the vote results, citing confidentiality rules.
“While currently there is no consensus on the membership of Ukraine to CCDCOE, this is not the end state,” he added. “CCDCOE member nations are actively seeking to build the necessary consensus in the near future.
Tarien said additional cooperation with Ukraine would be “useful for both sides,” noting how Ukrainian officials had previously participated in courses and exercises. “Right now the CCDCOE is mapping out new possible cooperation areas with Ukraine, since Ukraine has unique experience in combating hybrid threats. Sharing it will help to improve both the knowledge and readiness to face such threats in each Member State of CCDCOE individually and in NATO as a whole,” he added. (Source: Defense News)
01 Feb 22. U.S. NIAP Protection Profile 4.0. Black Box, an industry-leading provider of IT connectivity solutions, today announced that the company’s new range of Cybersecure KVM Switches has received full certification for the latest U.S. government-approved NIAP Protection Profile (PP) for Peripheral Sharing Device Version 4.0 (PP_PSD_V4.0). This new Black Box product line provides enhanced security against potential data leakage and hacking in applications including military and defense, government, utilities, healthcare, transportation and banking and finance.
Receiving certification under the strict U.S. NIAP PP 4.0 scheme, the Black Box KVM switches offer exceptional protection. Built with true data-path isolation between systems and networks, devices in the newly certified line of Black Box KVM switches help prevent hardware tampering and safeguard the network from accidental transfer, unauthorized access or compromise of critical data. As users control multiple computers through a single keyboard, mouse and up to four video displays, air gap isolation maintains information assurance-certified separation between systems of multiple classification levels.
Switches in the NIAP PP 4.0-certified product line from Black Box offer filters and the data detection and protection features needed to ensure the security of information sent between the PC and peripherals. They enable reliable protection of vulnerable peripherals shared by classified or secure networks while preventing threats from connections with unauthorized or untrusted peripheral devices.
A full range of Black Box KVM switches has earned NIAP PP 4.0 certification. Two-, four- and eight-port Cybersecure KVM switches are available with DisplayPort, HDMI or DVI video, with or without CAC support. Users can control up to eight isolated systems from one keyboard and mouse, saving desktop space while realizing improved situational awareness and operator response times. The KVM 4K quad multiviewer with four ports enables users to view all four sources on a single screen and to see and respond more quickly to any issues. The HDMI, DisplayPort and DVI KVM Defender switches make it easy for users to isolate a single system or device.
Black Box has enhanced its desktop KVM switches with Flexport technology, introducing high-density video ports that can accept both HDMI, DisplayPort and DVI. Eliminating the need to buy a new switch when changing from one video format to another, this flexibility makes the Black Box switches a future-proof investment.
“Our NIAP PP 4.0-certified devices offer best-in-class functionality, plus compliance with the industry’s most stringent U.S. security scheme,” said David Isola, product manager at Black Box. “When they invest in these Black Box KVM switches, users can be confident that they are deploying products that meet the latest government requirements and provide the performance and flexibility essential in mission-critical connectivity solutions.”
All devices in the newly NIAP PP 4.0-certified Black Box KVM switch product line are made in the USA and fully TAA compliant.
01 Feb 22. Cybereason Identifies New Malware Variants Used in Global Iranian Espionage Campaigns. Newly discovered StrifeWater RAT and PowerLess Backdoor highlight recent uptick in Iranian cyber offensive operations. Cybereason, the XDR company, today announced that it has discovered previously unidentified malware variants being leveraged in two separate Iranian state-sponsored cyberespionage operations targeting a wide range of organisations in multiple global regions. One of the malicious operations is deploying ransomware against targets following data exfiltration in order to inflict damage to systems as well as to hamper forensic investigations, and the other showed a connection to the recently documented Memento ransomware. This research closely follows an announcement by U.S. Cyber Command’s Cyber National Mission Force (CNMF) regarding multiple open-source tools being abused by Iranian threat actors, with Cybereason researchers having similarly observed open-source tools abused in both of the Iranian attack campaigns investigated.
The StrifeWater RAT Report
Cybereason researchers discovered a previously undocumented remote access trojan (RAT) dubbed StrifeWater that the company attributes to Iranian threat actor Moses Staff. This APT has been observed targeting organisations in the US, Israel, India, Germany, Italy, United Arab Emirates, Chile and Turkey in order to further the geopolitical goals of the Iranian regime. After infiltrating an organisation and exfiltrating sensitive data, the attackers deploy destructive ransomware to cause operational disruptions and make the task of forensic investigation more difficult.
Key Findings
- Novel Remote Access Trojan (RAT): The previously undocumented StrifeWater RAT is used in the initial phase of infection and is later replaced with other tools, a tactic likely used to allow the malware to remain undiscovered until now.
- Various Functionality: The StrifeWater RAT capabilities include: listing system files, executing system commands, taking screen captures, creating persistence and downloading updates and auxiliary modules.
- State-Sponsored Ransomware: Moses Staff employs ransomware post-exfiltration–not for financial gain, but to disrupt operations, obfuscate espionage activity, and to inflict damage to systems to advance Iran’s geopolitical goals.
- Full Report: StrifeWater RAT: Iranian APT Moses Staff Adds New Trojan to Ransomware Operations
The PowerLess Backdoor Report
Cybereason researchers discovered a new set of tools developed by the Phosphorus group (AKA Charming Kitten, APT35) that includes a novel PowerShell-based backdoor dubbed PowerLess. Cybereason also observed an IP address used in the attacks that was previously identified as part of the command and control (C2) for the recently documented Memento ransomware. Phosphorus is known for attacking medical and academic research organisations, human rights activists, the media sector, for exploiting known Microsoft Exchange Server vulnerabilities and for attempting to interfere with US elections.
Key Findings
- Novel PowerShell Backdoor: The previously undocumented backdoor PowerLess includes additional payloads including a keylogger and an info stealer.
- Evasive PowerShell Execution: The PowerShell code runs in the context of a .NET application so it does not launch “powershell.exe” which enables it to evade security products.
- Modular Malware: The toolset analysed includes extremely modular, multi-staged malware that decrypts and deploys additional payloads in several stages for the sake of both stealth and efficacy.
- Shared IOCs with Memento Ransomware: One of the IP addresses serves a domain which is being used as command and control (C2) for the recently discovered Memento Ransomware.
- Use of Publicly Available Exploits: The Phosphorus Group has been observed exploiting vulnerabilities in Microsoft Exchange (ProxyShell) and Log4j (Log4Shell).
- Full Report: PowerLess Trojan: Iranian APT Phosphorus Adds Novel PowerShell Backdoor for Espionage
“These campaigns highlight the blurred line between nation-state and cybercrime threat actors, where ransomware gangs are more often employing APT-like tactics to infiltrate as much of a targeted network as possible without being detected, and APTs leveraging cybercrime tools like ransomware to distract, destroy and ultimately cover their tracks,” said Cybereason co-founder and CEO Lior Div. “For Defenders, there is no longer a significant distinction between nation-state adversaries and sophisticated cybercriminal operations. That’s why it is crucial for us as Defenders to collectively improve our detection and prevention capabilities if we are going to keep pace with these evolving threats.”
31 Jan 22. RF SAMPO project strengthens Finland’s competitiveness in radio technologies. A consortium of major industrial and academic stakeholders led by Nokia and coordinated by the University of Oulu will start a massive project aiming to speed up the development of RF and antenna technologies and accelerate the transition from 5G to 6G. Through technological development, the project contributes to the creation of new jobs and new business opportunities.
RF Sampo is the lead ecosystem project for the theme Optimized Antenna Technology under Nokia Veturi program. Partners of this industrial co-creation project funded by Business Finland include at the moment nine companies and three research organizations: Nokia, Flex, Bittium, Optenni, Keysight Technologies, SAAB, Senfit, Okmetic, ExcellAnt, University of Oulu, Aalto University and VTT. Overall budget is 14m euros.
Ensuring Growth
In the 5G value chain, RF technology addresses infrastructure and devices and facilitates 5G ecosystem cycle growth. Radio technologies provide the access to the frequency spectrum which is the most valuable resource for wireless business. That access needs to be as efficient as possible in terms of resource and energy use but also to be commercially competitive and to support the rapid pace of new product introduction.
The growth potential for RF technology companies arises from increasing need for wireless devices and also from innovations linked to new disruptive technologies. New frequency bands (mmWave and Tera-Hz frequencies), massive-MIMO and antenna array technologies and applying AI/ML have been identified as example of new disruptive technologies. In addition, new business opportunities arise from the fact that radio networks are sold directly to enterprise customers for example in the industrial segment. Industrial 5G is one of the fastest-growing markets in wireless communications.
“Finland has a strong tradition in radio technologies which is in the core of wireless systems. RF Sampo targets strengthening Finland´s competitiveness in radio technologies while moving beyond industrial 5G and toward 6G. RF Sampo includes the development of radio subsystems, components, and algorithms. It also addresses the development of the ways of working that enable taking innovations into use faster, for example, by more efficient simulation and modelling methodologies. Solving challenges of more and more complex wireless systems calls for close R&D collaboration between companies and research organizations – to enlarge and renew the knowledge base and innovation capacity in Finland,” says the Industrial lead of the project, M.Sc. Saila Tammelin from Nokia.
Mastering Future Technologies Comprehensively
As modern radio solutions and networks are becoming more complex, RF SAMPO wants to address ways of managing this complexity in comprehensive way.
The RF Sampo project will enhance future radio platform design by introducing a modelling concept supporting the design of complex wireless solutions. The project will investigate new RF solutions for 5G and 6G including antenna structures, integrated circuits, RF related architectures and algorithms. The RF Sampo project develops new competences, which help the project partners to realize the business potential in various 5G application areas.
“This project focuses on the most relevant core technologies in the field and can take a deep dive into many relevant details for future communications and sensing as well as a high-level synthesis from technologies to products and future applications. Both system architecture modelling and underlying key technologies are absolutely needed to maintain the high quality and enable the wireless industry’s growth and research in the core industrial segment for Finland. I’m happy to see the vital ecosystem working together with key players from academia to industry”, says the Project coordinator, professor Aarno Pärssinen from the University of Oulu.
27 Jan 22. Rafael outlines Fire Weaver demonstration plans, completes system integration. Rafael’s Fire Weaver target acquisition and engagement system is set for several demonstrations with armed forces around the world, a company spokesperson revealed to Janes at the International Armoured Vehicles 2022 conference in London. Since 2019 the system has been demonstrated to the Israel Defense Forces (IDF) and the German Federal Office of Bundeswehr Equipment, Information Technology and In-Service Support (BAAINBw) as part of its ‘Transparent Battlefield’ study to support research aimed at bolstering situational awareness across the battlefield. The IDF acquired the system in early 2020 and will field it across five brigades in around a year’s time. The spokesperson said that Dutch forces expressed considerable interest in Fire Weaver at DSEI 2021, and that they had attended the ‘Transparent Battlefield’ event, adding that Rafael will demonstrate the system to the Netherlands Special Operations Forces and the Netherlands Marine Corps in 2022. Rafael also intends to demonstrate Fire Weaver to US forces and an undisclosed country in Asia. (Source: Janes)
————————————————————————-
Spectra Group Plc
Spectra Group (UK) Ltd, internationally renowned award-winning information security and communications specialist with a proven record of accomplishment.
Spectra is a dynamic, agile and security-accredited organisation that offers secure Hosted and Managed Solutions and Cyber Advisory Services with a track record of delivering on time, to spec and on budget.
With over 15 years of experience in delivering solutions for governments around the globe, elite militaries and private enterprises of all sizes, Spectra’s platinum and gold-level partnerships with third-party vendors ensure the supply of best value leading-edge technology.
Spectra was awarded the prestigious Queen’s Award for Enterprise (Innovation) in 2019 for SlingShot.
In November 2017, Spectra Group (UK) Ltd announced its listing as a Top 100 Government SME Supplier by the UK Crown Commercial Services.
Spectra’s CEO, Simon Davies, was awarded 2017 Businessman of the Year by Battlespace magazine.
Founded in 2002, the Company is based in Hereford, UK and holds ISO 9001:2015, ISO 27001:2013 and Cyber Essentials Plus accreditation.
————————————————————————-