Sponsored by Spectra Group
05 May 22. China: Fresh revelation of state-backed cyber espionage reaffirms heightened IP theft threat to foreign technology. On 4 May, cyber security firm Cybereason published two reports revealing a sophisticated cyber espionage campaign by Chinese state-linked advanced persistent threat (APT) group Winnti (also known as APT41, Bronze Atlas) targeting companies in Europe, North America and East Asia. Researchers from the Boston-based company reported that the campaign, dubbed Operation CuckooBees, had been active since at least 2019. The operation exfiltrated hundreds of gigabytes of proprietary data and sensitive information from businesses in sectors such as manufacturing, defence, technology and pharmaceuticals. Cybereason’s investigation highlighted APT41’s use of a multi-phased infection chain, which involves “the exploitation of internet-facing servers to deploy a web shell with the goal of conducting reconnaissance, lateral movement, and data exfiltration activities.” The threat actor has also been able to exploit various vulnerabilities to infiltrate the target’s system, underscoring Winnti’s advanced capabilities. Such attacks often consist of collecting information, such as network architecture, employee emails and customer data, that can be used for future exploitation. This campaign fits the trend of Chinese cyber espionage activity whereby state-linked hackers target industries of strategic importance to Beijing, in a bid to help Chinese companies gain a competitive edge over foreign counterparts. Businesses in technology, defence and advanced manufacturing will therefore remain among the primary targets for Chinese state-linked APTs. (Source: Sibylline)
05 May 22. Dutch Fuchs Bows Out. The Koninklijke Landmacht (Dutch Army) is to acquire new Electronic Warfare (EW) vehicles, the country’s defence ministry has announced.
The plans revealed in late April call for the army’s Daimler-Benz Fuchs-1A1/2 Eloka Electronic Warfare (EW) platforms to be replaced with a new system housed on the ARTEC Boxer wheeled armoured fighting vehicle. The Dutch Army has taken delivery of 200 Boxer examples.
The new EW vehicles will be destined for the army’s 102nd EW Company. This forms part of the force’s Joint Intelligence, Surveillance, Target Acquisition and Reconnaissance command. The 102nd EW Company supports the army’s 13th Light Brigade and 43rd Mechanised Brigade manoeuvre units. As Armada detailed in a previous report, the Eloka vehicles entered Dutch Army service in 1991.
The 102nd EW Company has two platoons. Each has four Fuchs-1A1 vehicles. These collect Communications Intelligence (COMINT). Two Fuchs-1A2 platforms perform electronic attack. Precise specifications on both systems remain undisclosed. It is reasonable to assume that the Fuchs-1A1 detects and locates Very/Ultra High Frequency (V/UHF – 30 megahertz/MHz to three gigahertz) emitters. The Fuchs-1A2 vehicles are thought to perform electronic attack on V/UHF wavebands. These latter platforms may have a jamming range of circa 17 kilometres/km (eleven miles) against ground-based targets.
Joint Electronic Attack
The Eloka replacement is known as the Joint Electronic Attack project. It is worth between $108 million and $270 million according to reports. The reports added that the EW-configured Boxers will be delivered between 2027 and 2028. According to Armada’s figures, a Boxer’s unit cost is circa $20 million. Our figures also note that the average price of a vehicle-mounted combined electronic support measure and electronic countermeasure is circa $4 million. This would give an approximate unit price of around $24 million per EW-configured Boxer.
Given projected budgets for the acquisition, this would allow the procurement of between four and twelve vehicles, equating to between two and six per EW platoon. In 2020 the Dutch Army acquired twelve Thales Bushmaster EW vehicles. Therefore, the future strength of the EW platoons could be six Bushmasters apiece, and between two and six Boxers.
The Bushmasters are thought capable of detecting and locating High Frequency (HF: three megahertz to 30MHz) emitters. This is alongside V/UHF targets. Moreover, they appear to possess a set of antennas to counter drones and Unmanned Aerial Vehicles (UAVs). These antennas are probably used to locate the aircraft and jam the radio frequency links connecting a UAV to its ground control station. UAVs use 2.4GHz and 5.8GHz frequencies for these links. Both the counter-drone/UAV system and the vehicle’s HF and V/UHF antennas are mounted on extendable masts. The detection and jamming range of the Bushmasters may be similar to the Fuchs-1A2 against ground-based emitters. The Dutch MOD has said that the new Boxer-based vehicles will perform EW at the operational level and be capable of performing cyberattack.
The Dutch Defence Materiel Organisation, responsible for procurement, will collaborate with its German equivalent on the EW Boxer acquisition. Armada has identified a future Heer (German Army) requirement to replace its Fuchs-1 Eloka EW vehicles in the coming five years. The force is thought to operate 87 Elokas in various configurations spread across its 911th and 931st EW Battalions.
The German Army has received over 400 Boxer variants which would be ideal platforms to replace the Fuchs-1 EW vehicles used by the Heer. Harmonising the Dutch and German Eloka replacement would make sense. Both countries already operate similar EW systems by virtue of using Eloka platforms. Both would benefit from economies of scale by performing a bilateral procurement of EW-configured Boxers.
The two armies share a manoeuvre unit in the form of the 1st German/Netherlands Corps, itself part of the North Atlantic Treaty Organisation’s (NATO’s) Response Force. Having the two armies use similar EW platforms to support their land forces would help deepen interoperability writ large.
The UK is also receiving new Boxer-mounted EW systems. Therefore, might any bilateral EW Boxer procurement eventually become a trilateral programme including British participation? This could help further deepen NATO land forces’ EW interoperability and help foster financial reductions for all concerned. (Source: Armada)
03 May 22. South Asia: Beijing will continue conducting cyber espionage to assess risks to Chinese interests amid region’s declining socio-economic stability. On 29 April, industry reports claimed that the Chinese state-linked hacking group Naikon is targeting South Asian government institutions in an ongoing cyber espionage campaign. These attacks are reportedly being used to “deliver a beacon of a Red Team framework known as viper” to its victims. Naikon is a hacking group that specialises in cyber espionage and has been known to operate on behalf of the Chinese government at least since 2005. In one notable example, Naikon engaged in a two-year-long espionage campaign against Southeast Asian governments and military organisations to assess their policies towards the South China Sea dispute (see Sibylline Cyber Daily Analytical Update – 29 April 2021). The aim of this latest campaign is unclear. However, the targeting of South Asian countries indicates Naikon is likely seeking to gain insights into similar strategic issues, such as how these countries’ declining socio-economic stability could impact Chinese business interests in the region. With concerns related to these issues unlikely to abate, further such cyber espionage activity will likely be launched in the coming months, with government-linked organisations, such as telecom firms, remaining the most at-risk for these operations. (Source: Sibylline)
24 Apr 22. Microsoft, SES + Nokia Demo Satellite + 5G Integration For Australian Defence. As Defence organizations continue to respond to new threats and changing strategic circumstances, it’s crucial that they have access to the best possible technology for modernized military capabilities and high-performance operations. One of the biggest challenges is the ability to access and share increasingly large volumes of data from remote locations quickly and securely, and then analyze the data to inform real-time decision-making.
To help meet these demanding requirements, Microsoft, SES and Nokia have successfully demonstrated secure access to the Azure cloud platform over private 5G and SATCOM networks, enabling the use of cloud services anytime and anywhere, including remote and austere environments.
Through the integration of SATCOM, 5G, and cloud computing, the demonstration established a reference architecture to deliver remote access to enterprise systems, remote access to data as well as the ability to conduct analysis simultaneously in the field and in the hyper-scale cloud. For this demonstration, military vehicle data was streamed over private 5G, viewed and analyzed in the field, and then delivered in real-time to an enterprise maintenance system in Azure over SATCOM.
Nokia established a secure, private 5G network using the Nokia Digital Automation Cloud solution. This streamlined, plug-and-play connectivity provides rapid access to ultra-low latency, high-capacity networking.
During the demonstration, users accessed an SAP maintenance environment hosted in Microsoft Azure, using laptops connected to the private 5G network. This proof of concept shows the ability for Defense personnel in the field to access and update an enterprise resource planning (ERP) solution without waiting to return to a primary facility or base. Data from vehicles can also be accessed and analyzed in the field, with results synced to the ERP platform.
Through real-time ERP updates in the field, logisticians and commanders located at headquarter sites can make decisions based on the most up-to-date tactical data on vehicle fleets.
Both raw and processed data can be sent from vehicles in the field to enterprise systems over SATCOM when the operational situation allows, increasing commanders’ awareness of deployed assets. Improved access to data also opens opportunities for automation and optimization of back-end processes, such as predictive maintenance, stock management, fleet management and operational budget forecasting.
For the demonstration, SES – an Azure Orbital Ground Station as a Service partner – showcased the potential for high-volume data transfers by accessing its O3b satellite constellation via transportable terminal antennas. Orbiting at approximately 8,000 km above Earth’s surface in MEO, the O3b system delivers low latency, high-performance connectivity. SES’s upcoming second-generation MEO system – O3b mPOWER – represents a step change in capabilities for satellite-based networking.
The system can provision throughputs up to multiple gigabits per second per service, providing resilient cloud and edge connectivity. In this demonstration, download and upload speeds reached 348 Mbps and 67 Mbps, respectively. With O3b mPOWER, the bandwidth can be scaled from 100 Mbps to a Gigabit, depending on the requirements of the mission.
Azure services can be used to display live position and analytical data on a dashboard in the field. During the demonstration, the Microsoft Azure Stack Edge Mini R – an ultra-portable, rugged edge computing device – was used for computing and analysis onsite, enabling advanced cloud analytics and visualization in connected and disconnected environments.
Azure Stack Edge Mini R physical device – An ultra portable, rugged, compute and storage device supplied by Microsoft. The device has an onboard battery and weighs less than 7 lbs.
Using 5G and SATCOM connectivity, data analysis can also take place in the Azure hyper-scale cloud compute platform. For instance, predictive maintenance analysis could be used to automatically send alerts and notifications and feed relevant data to ERP maintenance modules, which would enable maintenance orders to be scheduled, stock inventory to be checked and personnel requirements to be automated.
By unlocking the power of SATCOM, 5G and cloud computing, Defense organizations can remain connected in remote locations, share data quickly and securely to enhance strategic awareness, and perform deep analysis of data to improve decision-making.
The reference architecture established by this Defence demonstration is readily transferred to other sectors where remote connectivity and data analysis is required, including agriculture, healthcare, mining and resources, transport, and logistics. (Source: Satnews)
29 Apr 22. New CMOSS, metadata prototypes sought for US Army combat network. US Army programme officials working on research and development of the service’s newest iteration of the Integrated Tactical Network (ITN) are seeking prototypes of Common Modular Open Suite of Standards (CMOSS) as part of an ongoing network modernisation effort. Officials from US Army Futures Command’s Network Cross-Functional Team (N-CFT) and Program Executive Office for Command, Control, and Communications-Tactical (PEO C3T) issued three draft White Paper solicitations in April, requesting information on advanced information technology (IT) hardware and software in support of ITN initiatives tied to Capability Set 25 (CS25). The service is rolling out ITN iterations in two-year intervals with Capability Set 21 (CS21) in 2021, Capability Set 23 (CS23) in 2023, and CS25 in 2025. (Source: Janes)
29 Apr 22. Naval Group opens new counter-mine warfare, cyber labs in Brussels. Naval Group Belgium inaugurated two new research-and-development laboratories in Brussels this week, focusing on novel mine countermeasures and cybersecurity, the company announced Thursday.
Officials from across the Belgian Ministry of Defence joined senior Naval Group leaders at the company’s headquarters in the capital to formally launch the MCM Lab and the Cyber Lab. The two collaborative R&D centers are meant to bring together government, industry, and academic partners working on innovative solutions in the two capability areas, Naval Group said in a press release.
The labs will be the “central point” for Naval Group’s research-and-development work in mine countermeasures and cybersecurity, said Eric Papin, the company’s executive vice president and chief technical and innovation officer. The MCM lab, for instance, could help coordinate and reinforce the Belgian and European mine countermeasures ecosystem, and ultimately become a “European reference center” for mine warfare solutions.
Notably, the MCM Lab was derived as part of an industrial cooperation plan linked to the Belgian-Dutch mine countermeasure replacement program (rMCM), which was awarded in 2019 to Belgium Naval and Robotics, a consortium made up of Naval Group and European robotics company ECA Group. The rMCM program will supply the Belgian and Royal Netherlands navies with 12 minehunter vessels and around 100 unmanned systems, according to the company.
Meanwhile, the Cyber Lab will focus on developing cybersecurity technologies for ships and unmanned naval systems, as well as shore-based infrastructure, per Naval Group. It will also contribute solutions specifically to benefit the rMCM program, and the company added it expects the future Belgian Cyber Command of Defence to follow its developments, “in order to integrate the technologies where possible.”
The Brussels Times reported in January that Belgium plans to invest €61 m ($64 m) in cyber capabilities following a December 2021 cyber attack. Meanwhile, Cybersec Europe reported late last year that Brussels would stand up its own cyber command by the end of 2022. (Source: Defense News)