Sponsored by Spectra Group
10 Feb 22. Australia, UK, US release joint cyber security advisory.
The nations have published a joint cyber security advisory, outlining recommendations to shore up cyber defences.
In collaboration with counterparts in the United Kingdom and the United States, the Australian Cyber Security Centre (ACSC) has released an advisory, flagging risks associated with an increase in sophisticated, high impact ransomware attacks directed at organisations, including critical infrastructure.
The publication – developed by ACSC, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), National Security Agency (NSA), and the United Kingdom’s National Cyber Security Centre (NCSC-UK) – outlines recommendations for bolstering cyber defences, including:
- Keeping all operating systems and software up to date
- Securing and monitoring RDP or other potentially risky services
- Implementing a user training program and phishing exercises
- Increasing the use of multifactor authentication
- Requiring all accounts with password logins (e.g. service account, admin accounts and domain admin accounts) to have strong, unique passwords.
“Australia is one of the most secure places to connect online, yet this advisory warns us that we cannot be complacent,” Assistant Minister for Defence Andrew Hastie said.
“We need to be vigilant in updating devices and securing our networks, our businesses and homes.”
Assistant Minister Hastie added that the spike in malicious cyber activity has coincided with a shift in the technological landscape off the back of the COVID-19 pandemic, with state-sponsored actors looking to exploit transitional vulnerabilities.
“We are seeing that playing out with authoritarian governments threatening conflict to achieve political aims – the rise of cyber crime and grey zone tactics like ransomware attacks are now a feature of our current security landscape,” he said.
According to the 2021 ACSC Annual Cyber Threat Report, ransomware remains the most serious cyber crime threat, given the financial burden such attacks impose.
Ransomware-related cyber crime reports to the ACSC surged 15 per cent in the 2020-21 financial year.
As such, the Commonwealth government is looking to leverage the technology sharing arrangement established under the AUKUS pact to shore up cyber security.
“Together with our AUKUS partners, our respective cyber agencies are striking back at the cyber criminals who are seeking to employ ransomware and extort individuals, businesses and governments in our nations – this joint advisory highlights our mutual concern and commitment to tackle this scourge,” Assistant Minister Hastie said.
The release of the advisory comes just weeks after Australian Minister for Foreign Affairs Marise Payne and UK Secretary of State for Foreign, Commonwealth and Development Affairs Elizabeth Truss signed a Cyber and Critical Technology Partnership, aimed at shaping a positive technology environment. As part of the agreement, the nations have pledged to intensify cooperation and delivery of shared opportunities and challenges across cyber and critical technology policy. (Source: https://www.cybersecurityconnect.com.au/)
09 Feb 22. US Army network modernization sets the stage for JADC2. The U.S. Army’s incremental approach to network modernization is producing results, inching the service closer to the Pentagon’s vision of being able to connect sensors and shooters across the force.
The Army has adopted a multiyear strategy involving the incremental development and delivery of new capabilities to its integrated tactical network. Those “capability sets” now provide technologies to units every two years, each building upon the previous delivery. Capability Set ‘21 was primarily designed for infantry brigades; Capability Set ‘23 is focused on Stryker brigades, and Capability Set ‘25 is focused on armored brigades.
Officials said Capability Set ‘23 begins to set the foundations for the Pentagon’s new concept — Joint All-Domain Command and Control — which seeks to seamlessly connect sensors and shooters to share information across services and domains while enabling faster decision-making.
Features and capabilities that are being added to this iteration of the network set the stage for enhanced situational awareness, greater tracking of troops on the battlefield, better transport of data – secure but unclassified, secret and top secret – from the tactical edge to the command post, and the automatic transition of communications pathways referred to as PACE, or primary, alternate, contingency and emergency.
The latter is an important component of military communications capabilities officials have discussed for several years, equating it to the way cell phones seamlessly transition from Wi-Fi to a cellular network when the user leaves their home without any action taken by the user. In the field, this means that if a vehicle or system’s connection to its primary form of communication is unsuccessful for whatever reason, it will automatically switch over to the next available communication pathway. This allows the soldiers to be much more mobile and focused on their mission rather than having to be constantly fiddling with buttons to get on the right radio or waveform. In addition, soldiers can now turn the radios in their vehicle off to conserve power, connecting to the Wi-Fi in their Stryker as they transit from one place to another.
While Capability Set ‘21 provided units a level of situational awareness on the battlefield not previously realized, Capability Set ‘23 provides the first mounted and dismounted situational awareness capability, providing a common operational picture and mobile command posts that significantly improve the understanding of troop locations on the battlefield. It is also the first time that the command post can connect via line-of-sight to other platforms and automatically switch to satellite communications if that link is broken.
The command vehicle, a Stryker where the battalion or brigade commander resides, has a variety of situational awareness tools to see their troops on the battlefield.
Additionally, a new revolutionary tool is being introduced to the network that allows dismounted soldiers to call for fires. Previously, soldiers would have to use a mounted tool, and there was a lot of human input and verification prior to issuing a fire to ensure there weren’t any friendly soldiers in the area. With Precision Fire-Dismounted, soldiers can plan targets and send information back through the network that tracks their exact location, making the process faster, more seamless and leading to less friendly fire.
“I would argue this is the first real step towards a true JADC2 environment that we’re getting after here,” said Col. Gregory Napoli, the unified network lead for the Network-Cross Functional Team.
When it comes to sharing this common operational picture with other services, officials said they need a data fabric, which is not a single solution, but a federated environment that allows information-sharing among various forces and echelons. While the other services won’t have the same exact systems as the Army, as long as the data can be shared over networks they can attack the same targets. Officials said this is what the Army has sought to do with Project Convergence.
Officials also explained they are now beginning to fold electronic warfare and intelligence systems into the Army’s network as part of Capability Set ‘23. That includes the forthcoming Terrestrial Layer System, the Army’s first integrated electronic warfare, signals intelligence and cyber platform mounted to a Stryker.
It also includes the Electronic Warfare Planning and Management Tool, or EWPMT, a software interface that serves as a command-and-control planning capability, allowing forces to visualize the potential effects of electronic warfare in the field and chart courses of action to prevent jammed capabilities. While the Army initially expected EWPMT to reside in a command post, officials realized they needed that capability inside the vehicle to process data at the edge.
“The key thing you’re getting here that we didn’t have before is you’re getting real time data from the soldier, from the platform, back to the command post,” said Kenneth Strayer, project manager for electronic warfare and cyber within Program Executive Office for Intelligence, Electronic Warfare and Sensors. “In the old days, even if you collected data, you’d have to manually move it from the soldier to the platform, manually move it from the platform to the command post. The ability of the commander to see this in near real time is the greatest advantage.”
Commanders will now be able to plan and visualize what they previously couldn’t see and to better understand how communications could be jammed.
And given that TLS is both an electronic warfare and a signals intelligence platform, it needs to work with data at both the secret and top secret classification levels. In the past, the Army has relied on an intelligence network to move that data, which presented a number of challenges.
“We relied on the intel network and it’s worked for us, but it’s a single network, single point of failure for us with limited bandwidth and the ability to move that data off that network is really impossible,” Strayer said.
Now, the Army has created a PACE plan for that data by linking it to the Army’s overall battlefield network. This requires what officials call “colorless transport” which means data of all classifications can flow over the network with proper automated controls to ensure the right people are seeing the data.
Adding these tools will require more bandwidth, and the Army is working with network management tools to prioritize what information is sent at what time.
“In a certain part of the mission, they may want to prioritize some of those intel and electronic warfare resources. You start to capture some of those demands on the network, now you can help our communicators, our signaleers, work with the commander to prioritize those,” said Maj. Gen. Robert Collins, program executive officer for command, control, communications-tactical.
This intelligence and sensor data will now be able to feed into a true common operational picture, officials explained, further contributing to the notion of JADC2 and multi-domain operations. This level of data integration has not occurred before. Now, commanders will be able to have a more holistic picture of the battlespace. (Source: C4ISR & Networks)
09 Feb 22. Black Sage’s Sawtooth™ CUAS Mesh Network Demonstration at DiDEX 3. Following Black Sage’s selection to participate in the US Army’s Defense-in-Depth-Experiment 3 (DiDEX), the company showcased its Sawtooth™ Mesh Network to the US Army and other military organizations. Black Sage’s Sawtooth™ Mesh Network is ideal to meet the unique challenges posed by UAS threats in dense urban environments. The US Army’s DiDEX 3 event provided a rare opportunity to demonstrate Counter UAS systems in a real urban environment. The Sawtooth™ Mesh Network’s capability to integrate Counter UAS sensors and effectors deployed at numerous locations into a unified mesh network addresses the myriad of obstacles present in a dense urban environment, such as urban canyons and complex line-of-sight challenges.
“Without a mesh network capability, it is impossible to provide Counter UAS protection in urban environments,” said Trent Morrow, Black Sage’s Chief Strategy Officer. “Our Sawtooth™ Mesh Network comprises sensors and effectors mounted on quad-pods at different locations with user friendly threat management software displayed on a computer. This complex system transforms into a simple solution allowing for easy, rapid deployment and operation.”
Black Sage’s DefenseOS® threat management software platform and Sawtooth™ modular hardware platform are the cornerstones upon which the Sawtooth™ Mesh Network has been developed. The company’s open architecture software and hardware platforms deliver an automated, end-to-end Counter UAS system, including AI, automated target recognition and threat evaluation, ISR functionality, and kinetic and non-kinetic effectors. These features were on full display at DiDEX 3.
“Our knowledgeable and experienced in-the-field team gathers invaluable customer feedback at CUAS demonstration and evaluation events, such as DiDEX 3,” stated Marshall Minder, Black Sage’s Director of Innovations. “Black Sage utilizes this feedback as we continuously improve the automation and effectiveness of our state-of-the-art Counter UAS systems.”
A key element of the demonstration was Black Sage’s data fusion capability. Instead of a confusing Common Operating Picture (COP) showing detections and tracks in relation to multiple sensor locations, Black Sage’s Sawtooth™ Mesh Network fuses data from all sensor locations and presents detections and tracks in relation to a single location selected by the operator.
For example, if a customer is looking to protect a senior government official standing at a podium outdoors in an urban environment, the customer will require that all detection and track data gathered from different sensor locations should correspond to the official’s location. Black Sage’s Sawtooth™ Mesh Network fuses the data from different sensor “nodes” to meet this requirement.
About Black Sage
Black Sage develops and integrates state-of-the-art counter unmanned aircraft systems serving military, internal security, and critical infrastructure protection missions. Black Sage’s DefenseOS® threat management software platform combined with our Sawtooth™ modular sensor and effector platform deliver user-friendly automation, AI target discrimination and threat evaluation, mesh network capability, and systems of systems integration. In the process to continuously improve our innovative Counter UAS systems, Black Sage has utilized the company’s urban, expeditionary, and remote testing facilities to evaluate over 50 sensors and effectors. (Source: PR Newswire)
09 Feb 22. Elettronica’s innovative ground-breaking technology at the Singapore Air Show 2022. Elettronica counters sophisticated threats with innovative, ground-breaking technology. Advanced air defence systems are proliferating throughout the Asia-Pacific region. Countries are investing in this technology to enhance their Anti-Access/Area Denial (A2AD) strategies. These air defence systems pose a grave danger to military aircraft. Elettronica’s state-of-the-art self-protection capabilities ensure aircraft can fly safely and perform their missions even in high threat environments. It is not only fighter planes that need protecting; supporting aircraft need similar provision. Large, wide-body military aircraft like tankers and rotary wing aviation need robust safeguards against advanced air defence systems which may have ranges of hundreds of kilometres. Elettronica’s Self-Protection Suite (SPS) protects all types of aircraft. Not only is the SPS configured to detect and counter radar threats, it also performs similar tasks against optically guided weapons.
At the heart of the SPS is its flexible design. The SPS uses Modular Open Systems Architecture (MOSA). This makes it scalable according to customer needs and aircraft type. The system easily accommodates a wide range of self-protection systems. These include laser, missile and radar warning systems, chaff and flare launchers, jammers and directional infra-red countermeasures. All these systems can be controlled from a central electronic warfare manager.
Elettronica’s self-protection suite is trusted by air forces, armies and navies around the world. The SPS protects a wide selection of aircraft from helicopters to fast jets and transport planes. Its constituent parts are the result of over 70 years of the company’s leadership and continuous innovation in the electronic warfare domain. Elettronica is proud to exhibit at this year’s Singapore Air Show. The company brings its diverse portfolio of electromagnetic spectrum operations capabilities, expertise and services to the event. To find out more about the SPS and our other technologies, please visit our stand B-H54.
08 Feb 22. Northrop Grumman and Kratos Demonstration Brings JADC2 Connectivity to Life. Northrop Grumman Corporation (NYSE: NOC) demonstrated open architecture communications capabilities that will help the Department of Defense (DOD) realize its vision of information advantage and decision superiority for Joint All Domain Command and Control (JADC2). In two recent U.S. Air Force demonstrations, Northrop Grumman partnered with Kratos Defense & Security Solutions, Inc. (NASDAQ:KTOS) to showcase how its Software Programmable Open Mission System Compliant (SPOC) solution can successfully operate simultaneous waveforms with an Open Mission Systems (OMS) interface—an industry first. These demonstrations validated that Kratos and other third-party industry providers can leverage Northrop Grumman’s open software development kit to drastically reduce integration timelines and incorporate new capabilities that will help enable JADC2. The SPOC radio terminal also demonstrated on-the-fly reprogramming capability by replacing one waveform with another, and demonstrated common and stealth communications functions in a live over-the-air test.
“This technology can significantly enhance warfighter situational awareness, speed up data-to-decision timelines and enable rapid technology insertion from third-party providers,” said Jenna Paukstis, vice president, communications solutions, Northrop Grumman. “Our SPOC solution will create an affordable path to curate functions needed for JADC2 operations, and provides a new offering that will allow the DOD to easily and securely share information across military branches.”
Northrop Grumman’s SPOC solution provides the Air Force with an open architecture, advanced connectivity capability that is designed to address near-term JADC2 mission needs. The company’s SPOC solution provides simultaneous access to four radio frequency waveforms to help interconnect the joint force in JADC2 environments.
Kratos provided their industry standard BE-CDL waveforms and software-programmable tactical radios for the demonstrations. BE-CDL integration with the SPOC solution was straightforward, as was the successful demonstration of CDL interoperability between SPOC and the USG qualified Kratos’ MissionWave120 tactical radios.
“Kratos’ tactical waveforms enable the interoperability vision of JADC2 while increasing operational flexibility through software programmability. The need to rapidly develop and deploy software-defined solutions across domains in relevant timeframes will be key to mission success in the future,” said Chris Badgett, vice president of Technology, Kratos Space. “Northrop Grumman’s SPOC solution is well designed, underpinning the plug-and-play integration of open third-party waveforms such as Kratos’ library of tactical waveforms.”
Northrop Grumman was awarded a SPOC contract by the U.S. Air Force in January 2020. The company will move its SPOC solution to the next stage of development with a flight demonstration planned for next year.
Northrop Grumman’s systems, including its SPOC capabilities, will enable data as a strategic advantage across domains. The company is bringing its extensive expertise in advanced technology, software, platform integration, advanced sensors, autonomy, manned-unmanned teaming and advanced networking across all domains to support emerging JADC2 needs across the DOD and our allies.
Kratos Defense & Security Solutions, Inc. (NASDAQ:KTOS) develops and fields transformative, affordable technology, platforms and systems for United States National Security related customers, allies and commercial enterprises. Kratos is changing the way breakthrough technology for these industries is rapidly brought to market through proven commercial and venture capital backed approaches, including proactive research and streamlined development processes. At Kratos, affordability is a technology and we specialize in unmanned systems, satellite communications, cyber security/warfare, microwave electronics, missile defense, hypersonic systems, training, combat systems and next generation turbo jet and turbo fan engine development. For more information go to www.KratosDefense.com.
07 Feb 22. DOD Focused on Protecting the Defense Industrial Base From Cyber Threats. The Defense Department relies on the entrepreneurial companies and their innovative, hard-working employees in the defense industrial base, or DIB, to create capabilities for warfighters.
Through procurements from private-sector sources, the department leverages the best technologies and innovations to give service members the battlefield advantages they need to win decisively, Deputy Defense Secretary Kathleen H. Hicks said.
“DIB cybersecurity is and will remain an expanding priority for the U.S. Department of Defense. More than 220,000 companies provide value to the department’s force development, and the DIB is now facing increasingly sophisticated and well-resourced cyber-attacks that must be stopped,” she said, referring to the defense industrial base.
These cyber-attacks threaten the U.S. and the rules-based order on which the global economy relies, Hicks said. Markets cannot function effectively in an environment where adversarial countries are leveraging their national power to steal intellectual property, to sabotage commercial activity, and to threaten supply chains.
Recent examples of malicious cyber activity, such as the Colonial Pipeline ransomware attack and the SolarWinds espionage campaign, have shown that adversaries continue evolving their exploitation of cyberspace to steal sensitive information and disrupt systems, she said.
DOD has made protecting the defense industrial base from these threats a priority, David McKeown, deputy chief information officer for cybersecurity, said.
Addressing the DIB, McKeown said that “whether your company bends metal, develops capabilities, provides services or whatever its relationship with DOD, you should remain vigilant and prepare your company to defend and recover from cyber events.”
Ensuring a company can defend itself against cyberattacks starts by implementing essential cybersecurity practices, he said. “The following 10 cybersecurity practices can go a long way to making your company cyber resilient:”
- Keep up-to-date architecture diagrams with inventories of all hardware and software to be able to respond to threats quickly.
- Patch and configure security settings on all devices and software.
- Employ active defenses for known attack vectors and stay ahead of attackers with the latest intelligence and response actions.
- Monitor network and device activity logs and look for anomalous behaviors.
- Employ multi-factor authentication because usernames and passwords are easily hacked.
- Employ email and browser defenses and prevention for two of the most prevalent attack vectors.
- Employ malware protection on the networks.
- Encrypt data at rest and in transit.
- Train staff to avoid and respond to suspicious events.
- Have contingency plans and exercise them. Employ backup and recovery, alternative services, emergency response/notification and other similar processes to ensure the organization can successfully respond to a cyber event.
“No two companies are alike or operate in the same way. However, these essential cybersecurity practices are a great start for any company to strengthen its cybersecurity posture,” McKeown said.
All DIB companies will be required to complete a Cybersecurity Maturity Model Certification (CMMC) (https://www.acq.osd.mil/cmmc/), which aligns with the cybersecurity requirements defined in NIST 800-171.
DOD has voluntary programs that the defense industrial base can leverage to bolster their cybersecurity posture with more rollouts planned in the future.
For more information about DOD’s threat information sharing program, the DIB CS Program, please contact or visit https://dibnet.dod.mil. (Source: US DoD)
04 Feb 22. Juniper Networks announced the newest addition to its Secure Access Service Edge (SASE) architecture, Juniper Secure Edge. The new solution delivers firewall-as-a-service (FWaaS) as a single-stack software architecture, managed by Security Director Cloud, to empower organisations to secure workforces, wherever they are. With the rise of distributed workforces, organisations are experiencing a paradigm shift in the way the network edge is secured, paving the path to brand-new, cloud-based architectures at accelerated rates. Extending security to every point of connection is crucial as these new architectures emerge and the transition begins. Juniper Secure Edge aims to provide users with fast, reliable and secure access to the applications and resources they need, ensuring a seamless end-user experience that encompasses the following key benefits:
- Unified policy management from a single UI for all security use cases. Create policies once and apply these anywhere and everywhere with unified policy management, including user- and application-based access, IPS, anti-malware and secure web access within a single policy. Unified policy from the edge through the data centre means fewer policy gaps, elimination of human error and a consistently secure environment.
- Secure user access from anywhere. Secure Edge supports the remote workforce whether employees are in the office, at home or on the road with secure user access to the applications and resources needed to do their job effectively. Security policies follow the user wherever they go, protecting the user, device and applications without having to copy over or recreate rule sets.
- Dynamic zero trust segmentation. Maintain the security of data around identity- and risk-driven policies. Secure Edge delivers a consistent security policy framework with policies that automatically adapt based on new risk and attack vectors and follow the user wherever they go, providing automated access controls to employees and third-party contractors through granular policy control.
- Investment protection. Secure Edge allows organisations to leverage existing investments and seamlessly transition to a full SASE architecture at a chosen pace and provides a simpler operational experience. Juniper customers can use the physical, virtual, containerised – and now cloud-delivered – SRX firewall, completely managed by Security Director Cloud with a single-policy framework, allowing for full visibility and consistent security across both the edge and the data centre from one UI.
- Integration with any identity provider. Secure Edge allows customers to use the identity provider that works for them by integrating with leading identity providers, such as Azure AD, Okta and others, through SAML 2.0 support.
- Validated security effectiveness. Juniper provides cyber attack protection that has been validated by objective, third-party testing to be highly effective against client- and server-side exploits, malware and C2 traffic, regardless of where the users and applications are located. This includes achieving the highest security efficacy rating at 99.5 per cent from CyberRatings.org compared to leading security vendors for Enterprise Firewall, and 100 per cent effectiveness with zero false positives in ICSA Labs’ Advanced Threat Defence test in Q4 of 2021. Secure Edge delivers policies from the cloud, as a service, empowered with these proven threat prevention technologies, ensuring consistent security enforcement.
“We’re excited to take the next big leap in the SASE market with Juniper Secure Edge,” said Samantha Madrid, VP of security business and strategy at Juniper Networks.
“First, we empowered our customers to manage security anywhere, all within a single UI with Security Director Cloud.
“Now, with the introduction of Juniper Secure Edge, Juniper is enabling its customers to seamlessly secure remote workforces with consistent security policies that follow users wherever they go, all while leveraging existing investments as they transition to a cloud-delivered architecture. Secure Edge makes it easy for customers to deploy effective threat protection without breaking visibility,” Madrid said.
Moving to a SASE architecture is a journey and requires every organisation to take a thoughtful approach to this transition to remain secure. Juniper provides the strategy that meets customers on their SASE journey and enables a seamless and secure transition to a SASE architecture. Secure Edge builds upon Juniper’s Connected Security strategy while successfully converging networking and security, effectively enabling a threat-aware network from client to application both on-premises and in the cloud.
While remote workforces continue to become the norm, it’s essential to give users the most secure experience possible.
John Grady, senior analyst at Enterprise Strategy Group, explains that organisations must leverage zero trust principles to give workers secure access to the data and applications needed to do their job from anywhere.
“Juniper understands this imperative and provides organisations with the tools they need to make this a seamless migration.
“With Juniper Secure Edge, IT teams can simplify their transition to a SASE architecture by leveraging the benefits of a single stack security solution with unified policy management in a single UI.
“Now, organisations really can take advantage of the operational efficiencies that a SASE architecture promises.”
Jeff Rathmann, CEO of Silo City IT, added that as workforces have become more distributed, customers demand increased scalability and consistent security without breaking the bank.
“Juniper Secure Edge, managed by Security Director Cloud, allows us to meet those demands by providing best-of-breed network security, delivered from the cloud, via a consolidated solution with a single UI.
“We can more easily manage customer networks both at the edge and for the data centre and do it more effectively.
“Our customers are happy, and we’re happy we can provide them with a great user experience,” Rathmann concluded. (Source: https://www.cybersecurityconnect.com.au/)