Sponsored by Spectra Group
16 June 22. General Dynamics’ $11bn DOD ‘Fourth Estate’ IT protest denied. Barring more action, this lets Leidos proceed on its work for the 10-year Defense Enclave Services award and consolidate IT systems for 22 DOD agencies. General Dynamics has lost its protest for at least a second chance at a potential $11.5b in IT services contract with the Defense Information Systems Agency won by Leidos.
The Government Accountability Office denied General Dynamics IT’s challenge on Wednesday in a ruling that will be sealed until attorneys representing the companies and DISA agree on what will go in the publicly available decision.
Leidos won the potential 10-year Defense Enclave Services contract in February. General Dynamics IT filed its protest to GAO the following month.
Barring more action by GDIT, Leidos can now proceed on the massive undertaking to consolidate IT systems across the Defense Department’s “Fourth Estate” administrative and support agencies. Those 22 agencies are outside of the combat service branches.
“Our robust and continuous preparation has positioned us to start delivering benefits to the user base on or ahead of current planned schedule, and we look forward to leveraging our decades of technological expertise to support mission success,” Leidos’ defense group president Gerry Fasano said in a statement sent via a spokesman.
General Dynamics IT has the option of taking its protest to the Court of Federal Claims, which has more authority than GAO to enforce bid protest rulings. A GDIT spokesman declined our request comment.
DISA’s Enclave competition is only the latest in the series of such between both companies for single-award, multibillion-dollar IT contracts.
GDIT fended off Leidos earlier this year for a $4.5bn end-user IT contract at the National Geospatial-Intelligence Agency, while the roles were reversed for the Navy’s $7.7bn NGEN network services award finalized last year. (Source: washingtontechnology.com)
16 June 22. India: Government and businesses face growing threat of hacktivist attacks amid Prophet remarks controversy. On 15 June, industry reports claimed that the hacktivist group DragonForce Malaysia was targeting Indian websites to Distributed Denial-of-Service (DDoS) attacks. DragonForce Malaysia is a highly active cyber threat actor that gained notoriety in 2021 after it launched a series of cyber attacks against Israeli targets over actions taken in the Palestinian Territories (see Sibylline Cyber Daily Analytical Update – 31 August 2021). The group claimed that this latest campaign is in response to the comments that Nupur Sharma – ex-spokesperson of India’s ruling Bharatiya Janata Party (BJP) – made about the age of the Prophet Mohammed’s third wife. Thus far, businesses in finance, education and IT industries have been targeted in DDoS and data exfiltration attacks. With the controversial remarks inflaming tensions between India and serval Muslim countries (see Sibylline Alert – 10 June 2022), further DragonForce-led cyber attacks are highly likely to emerge in the coming weeks. Entities that are perceived to be either working closely with the Indian government and/or supporting Sharma’s comments will be at the highest risk of being targeted by such cyber activity. (Source: Sibylline)
15 June 22. A step forward for communications between European Armed Forces with the completion of ESSOR HDR waveform interoperability qualification tests.
The milestone marks a major new achievement for the ESSOR project, with the new a4ESSOR technology proven to facilitate safe and effective joint operations between European land forces
Paris, 14 – 06 – 2022 – The European a4ESSOR consortium has successfully performed interoperability tests using the new ESSOR High Data Rate (ESSOR HDRWF) waveform. These tests are part of the ESSOR (European Secure Software defined Radio) project, launched at the end of 2017 by a4ESSOR and OCCAR (Organization Conjointe de Coopération en matière d’Armement) on behalf of Finland, France, Germany, Italy, Spain and Poland.
The testing took place in Poland, with Software Defined Radios (SDRs) from a4ESSOR’s industry partners (Bittium, Indra, Leonardo, Radmor and Thales) equipped with the ESSOR HDRWF, all connected to an automated test environment. This made it possible to verify that the ESSOR HDRWF could handle a number of operational use scenarios, demonstrating full interoperability. The same environment was previously used to conduct testing and preliminary validation activities for participating nations’ SDR platforms.
The tests demonstrated ESSOR HDRWF’s excellent performance, including its networking (MANET – Mobile Adhoc Network), data transmission (IP), security, push-to-talk, radio silence mode and co-habitation (spectrum sharing) features.
“The successful completion of the HDRWF interoperability tests highlights the work done over the last four years. Four different SDRs from four different vendors of four different nations proved to be interoperable thanks to the ESSOR HDRWF and architecture. We are providing European nations with an excellent product that will enable land-based armed forces to operate jointly and in an increasingly integrated manner. This result underlines the importance of the European industrial collaboration implemented through a4ESSOR. It is our hope that NATO will adopt the ESSOR HDRWF as an interoperability standard, allowing for more integrated land communications across all Alliance members”, said Lino Laganà, President and General Manager of a4ESSOR.
14 June 22. Raytheon Intelligence & Space Conducts Successful Troposcatter Communications Demo for the US Army.
- 5-week demonstration provides optimized beyond-line-of-sight communications system to support Joint All Domain Command and Control
Raytheon Intelligence & Space, a Raytheon Technologies business, successfully demonstrated the next-generation, transportable beyond-line-of-sight, or BLOS, Troposcatter communications system establishing high bandwidth, high stability communication links for the U.S. Army.
The wireless, point-to-point communications system delivers voice and command and control information to decision makers when tactical satellite communications are denied, degraded or unavailable – a critical communications capability that supports the Department of Defense’s Joint All Domain Command and Control vision to connect the battlespace across every domain.
“The modernized Troposcatter system delivers more capability with increased throughput performance and low latency at a significantly lower cost,” said Denis Donohue, president, Communications & Airspace Management Systems, RI&S. “The solid-state power amplifier technology reduces overall size and weight, while increasing performance. With our enhancements, this system is a force multiplier, delivering key links over vast distances, much greater than any line-of-sight communications system available to our soldiers today.”
As the program of record for the U.S. Army, the AN/TRC-244(V)1 Troposcatter system is designed for broadband communications at long range BLOS links. The system can be configured with a single antenna, or additional antennas for diversity, combining to extend system performance. The system is automated for self-alignment of the antenna and will achieve link connectivity in less than 40 minutes, once emplaced.
The Troposcatter system uses radio-scattering effects in the lowest part of the atmosphere, allowing for BLOS communication, eliminating the need for multiple, expensive line-of-sight relays and limited satellite resources, to cover the range of a single Troposcatter link. The Troposcatter system offers a lower latency, cost-efficient solution compared to satellite communications. The small, portable system is designed to be set up quickly in order to set up a communications link– furthering transport capacity of the military’s tactical network.
The RI&S team tested several Troposcatter systems in multiple operational environments at 7 different locations across various distances, including some in mountainous terrain at distances approaching 120 miles. The results were successful, and transmissions were received at all locations with low latency. This testing will support U.S. Army fielding decisions for the initial lot of 19 systems and is the first step of an iterative test series.
With more than a half century of experience with Troposcatter technology, the RI&S team continues our support to the U.S. Army with innovative BLOS communications to ensure U.S. warfighters are provided resilient communications to address evolving threats. (Source: ASD Network)
16 June 22. Lookout Discovers Android Spyware Deployed in Kazakhstan. Sophisticated malware tooling designed to provide surveillance capabilities to nation states. Lookout, Inc., a leading provider of endpoint and cloud security solutions, today announced the discovery of an enterprise-grade Android surveillanceware currently used by the government of Kazakhstan within its borders. Lookout researchers also found evidence of deployment of the spyware – which Lookout researchers have named “Hermit” – in Italy and in northeastern Syria.
Hermit is likely developed by Italian spyware vendor RCS Lab S.p.A. and Tykelab Srl, a telecommunications solutions company that may be operating as a front company. RCS Lab, a known developer that has past dealings with countries such as Syria, operates in the same market as Pegasus developer NSO Group Technologies and Gamma Group, which created FinFisher. This discovery appears to mark the first time that a current client of RCS Lab’s mobile spyware has been publicly identified.
Hermit is a modular surveillanceware that hides its malicious capabilities in packages downloaded after it has been deployed. Researchers were able to obtain and analyse 16 of the 25 known modules. The modules, along with the core malware’s permissions, enable Hermit to exploit a rooted device, record audio and make and redirect phone calls, as well as collect data such as call logs, contacts, photos, device location and SMS messages.
“This discovery gives us an in-depth look into a spyware vendor’s activities and how sophisticated app-based spyware operates,” said Justin Albrecht, Threat Intelligence researcher at Lookout. “Based on how customisable Hermit is, including its anti-analysis capabilities and even the way it carefully handles data, it’s clear that this is well-developed tooling designed to provide surveillance capabilities to nation-state customers. What’s also interesting is that we were able to confirm Kazakhstan as a probable current customer of RCS Lab. It’s not often that you are able to identify a spyware vendor’s clientele.”
Lookout researchers theorise that the spyware is distributed via SMS messages pretending to come from a legitimate source. The malware samples analysed impersonated the applications of telecommunications companies or smartphone manufacturers. Hermit tricks users by serving up the legitimate webpages of the brands it impersonates as it kickstarts malicious activities in the background.
To learn more about Hermit read the Lookout research blog or visit the Lookout Threat Lab.
Lookout is a leading provider of endpoint and cloud security solutions. Our mission is to secure and empower our digital future in a privacy-focused world where mobility and cloud are essential to all we do for work and play. We enable consumers and employees to protect their data, and to securely stay connected without violating their privacy and trust. Lookout is trusted by ms of consumers, the largest enterprises and government agencies, and partners such as AT&T, Verizon, VMware, Vodafone, Microsoft, Google, and Apple. Headquartered in San Francisco, Lookout has offices in Amsterdam, Boston, London, Sydney, Tokyo, Toronto and Washington, D.C. To learn more, visit www.lookout.com and follow Lookout on its blog, LinkedIn, and Twitter.
15 June 22. Future of UK Defence Artificial Intelligence Launched.
Plans for the future of cutting-edge UK Artificial Intelligence (AI) defence technology have been unveiled in a new strategy published today.
- New Defence AI Strategy launched at London Tech Week AI Summit to drive forwards innovation
- New approach to the Ambitious, Sustainable and Responsible use of AI.
- New jobs, research, development, and experimentation to modernise the UK Armed Forces
Plans for the future of cutting-edge UK Artificial Intelligence (AI) defence technology have been unveiled in a new strategy published today at London Tech Week AI Summit. The strategy and accompanying policy on the ‘Ambitious, Safe and Responsible’ use of AI underpin a new Defence AI
Centre (DAIC), which will offer a visionary hub to champion, enable and innovate these technologies across the UK Armed Forces with pace and ambition.
In the face of ever-evolving threats to global security, the Defence AI Strategy outlines how the UK will prioritise research, development, and experimentation to revolutionise our Armed Forces capabilities through new concepts and cutting-edge technology to deliver the latest equipment to the battlefield through effective, efficient, trusted pathways. Concepts include AI-enabled autonomous combat vehicles and resupply systems to deliver supplies without putting people in danger, or soldiers on the front-line guided by smart systems drawing on hours of detailed footage captured by a series of small drones.
We also publish today our policy on the ‘Ambitious, Safe and Responsible’ use of AI, developed through partnership with the Centre for Data Ethics and Innovation (CDEI), including new ethical principles for the use of AI in Defence. These will make sure that Defence makes the best and responsible use of the technology, both to retain the confidence of the public and our partners and to hold others to account for irresponsible behaviours.
Defence Procurement Minister, Jeremy Quin, said: “Future conflicts may be won or lost on the speed and efficacy of AI technology, and our approach to AI must be rapid, ambitious and comprehensive.
Our new Defence AI Centre (DAIC) and AI strategy will create a focused hub to champion these technologies, working ethically hand in hand with human judgements to maintain the UK’s position at the forefront of global security and responsible innovation.”
Further to this, Defence Science and Technology Laboratory (Dstl) have awarded a £7 m contract to Northern Ireland based company Kainos, partnering with AI specialist Faculty Science Ltd and defence experts Actica, to deliver world-class artificial intelligence experimentation. The contract will support up to 20 highly skilled data science jobs across the UK as well as developing new specialist roles to reinforce safe, ethical, and operational AI.
Dr Paul Kealey, Head of Dstl’s Cyber and Information Systems Division said: “Dstl is delivering the most ambitious programme in its 20-year history – and we can only deliver on this by working with diverse talent from across industry and academia.
AI has the potential to provide significant benefits across Defence from the back-office to the Front Line and I’m delighted we are working with Kainos – a brand new supplier who will bring specialist expertise and experience as a leader in the civil world into defence.”
Brendan Mooney, Kainos CEO, said: “We are delighted to have been selected to be AI Agile Delivery Partner for Dstl. We share the Ministry of Defence’s belief that when utilised effectively and responsibly, data and AI offers unparalleled opportunities for the future of defence.
Alongside our partners, Faculty and Actica, we are excited by the opportunity to extend this relationship with this long-term engagement with Dstl.”
Defence’s commitment to strengthen security and modernise our armed forces was outlined in the Integrated Review, and the use of AI is a key to achieving that objective. The AI Strategy highlights how the MOD will be transformed into an ‘AI ready’ organisation and in doing so, will support the government’s wider ambitions for the UK to become a Science and Technology Superpower by 2030.
The announcements took place during London Tech Week, and the minister made clear at the AI Summit that AI-enabled military capabilities will always be in line with UK ethical values, standards, and legal obligations, and that there remain instances where human judgement will always be necessary.
Building on the Integrated Review and Defence Command Paper – which was backed by an additional £24 bn for Defence over 4 years – the Defence AI Strategy will form a key element of the National AI Strategy and reinforces Defence’s place at the heart of the Government’s drive for strategic advantage through science and technology. (Source: U.K. MoD)
14 June 22. Barrett Expands Range of Transportable Systems. Stackable, transportable and field deployable, Barrett’s range of Rapid Field Deployment Systems (RFDS) are field proven across the globe. In addition to the 4050 RFDS system (P/N BC405801) that offers HF and UHF/VHF crossgate operations, Barrett now offers tactical Hf and VHF transceiver and amplifier systems ready mounted in 19” 5RU rugged cases.
The HF solution – the PRC-4090 HF Rapid Field Deployment System (RFDS) (P/N 4090-08-01) – includes the Barrett PRC-4090 base station system, complete with its innovative and market-leading touchscreen handset and can be powered via an on-board SLA or LiFePO4 battery or AC mains power.
For added transmit power – requiring mains power connection – the entire unit can be stacked with the PRC-4075 Tactical 500W HF Amplifier (P/N 4090-08-05) to create a base station system capable of transmitting at 500W. This 500W system is available as a complete transportable base solution with the PRC-4090 RFDS (PRC-4075 Tactical 500W HF Transmitter (P/N 4090-08-10)) or singularly for use with the commercial 4050 RFDS option (P/N BC405801).
Like the HF solution, the VHF solution – PRC-2080+ VHF Rapid Field Deployment System (RFDS) (P/N 2089-08-01) – negates the time-consuming process of unpacking and configuring a base communications system in the field. Simply attach an appropriate antenna and the system is transmit ready. The PRC-2080+ VHF RFDS contains Barrett’s tactical, low-band VHF transceiver in base station configuration as well as supporting an on-board SLA or LiFePO4 battery.
incorporate a 2064 Radio Voice Bridge (P/N 2064-10-10) bridging the connected HF and VHF networks.
13 June 22. US Army to double cyber corps strength as focus shifts from counterinsurgency.
The U.S. Army will double the size of its active-duty cyber forces by the end of the decade as the Pentagon shifts its focus from counterinsurgency and prepares for future fights with technologically savvy opponents, officials said.
Growth in Cyber Mission Force teams and electronic warfare companies and platoons will boost the strength of the cyber corps from around 3,000 personnel to “just over” 6,000, an Army spokesperson said June 13. Across active duty, reserves and National Guard, the cyber branch will expand to more than 7,000 people, up from 5,000.
“You will continue to see the growth of our cyber branch, as we proliferate cyber-electromagnetic activities, capabilities,” Army Lt. Gen. John Morrison, deputy chief of staff, G-6, said in a discussion with reporters June 9. “Think cyber and electronic warfare, integrated together, throughout all of our tactical formations.”
Morrison is the principal military adviser to the service’s chief of staff, in charge of planning and implementing command, control, communications, cyber operations and networks for Army operations worldwide.
The expected growth comes as the Army grapples with multi-domain operations, across land, air, sea, space and cyber, and gleans valuable adversary information from the bloody battles in Ukraine.
The U.S. reinforced networks in Eastern Europe, both before and after Russia’s invasion, and recently began training Ukrainian troops on Western electronic jamming gear.
“Quite frankly, over the course of the 20 years of conflict, fighting a counterinsurgency, we had divested a significant amount of our electronic warfare capabilities, everything from sensing the environment to electronic protection, and certainly on the electronic attack component of it,” Morrison said. “All you have to do is read open-source news, and you can see that it is a critical component of what is happening over in Europe right now.”
The Army requested $16.6bn in cyber and IT funding for fiscal 2023. The bulk, roughly $9.8bn, is flagged for the Army network, a modernization priority spearheaded by the Network Cross-Functional Team and the Program Executive Office for Command, Control and Communications-Tactical. Some $2bn is devoted to offensive and defensive cyber operations and cybersecurity research and development.
The service’s overall $178 bn budget blueprint also supports a third multi-domain task force, a flexible, theater-specific unit capable of executing cyber and electronic assignments. Five task forces are ultimately expected.
China is considered the most pressing international threat, ahead of Russia, according to a public summary of the classified 2022 National Defense Strategy. Both powers have invested heavily in cyberspace.
Army CIO Raj Iyer on Thursday told reporters that 2023 is a “year of inflection” when it comes to digital transformation, a time when the service must move past old and comfortable and into new and advantageous.
“We need to make sure that the investments that we have are appropriately aligned to the Army’s priorities,” he said, “and to the DoD’s priorities, quite honestly, through the release of the national defense strategy.”
(Source: Army Times)
New HF and SINCGARS Communications Antenna New from PPM Systems, the ARA-252-201 antenna is a dual-port, multiband, omnidirectional, vehicular mounted antenna. The antenna consists of three collocated apertures to provide maximum performance and minimal footprint once installed. The two upper bands are diplexed together while the low band is provided on a separate channel. High and Low-Band Ports The antenna high-band port has been designed for optimum gain from 225 to 450 MHz, 1350 to 2600 MHz and is perfect for UHF and WNW Software Defined Radio (SDR) applications. The low-band port adds 30 to 88 MHz operation intended for HF and SINCGARS communications. The gain has been tuned for -10° to +10° in elevation while providing full 360° in azimuth with less than 1.5 dB or variance. The antenna is rated for 125 Watts of CW power over both bands. Commercial Off the Shelf This antenna is intended to be bolted to a standard Universal Antenna Mount or a NATO standard 4.5-inch bolt circle found on most military vehicles. The two N-Female connectors are located at the base of the antenna in the center of the mount. This antenna is an environmentally qualified and Commercial Off the Shelf (COTS). The rugged construction is designed to pass the operational “Oak Beam” test at 25 mph. Neil Seager, from PPM Systems, commented: “Stacked antennas from Antenna Research Associations provide significant benefits in the field due to their rugged design, their ability to pass the “Oak Beam” test, and reduction of real estate on the vehicle platform.”
10 June 22. U.S., U.K. Working to Build Seamless Command and Control Network. The United States has an unparalleled network of allies, and that’s a huge advantage in warfare.
But it isn’t that effective if allies can’t talk together, said Jenniffer F. Minks, a division chief with the Joint Staff working to make U.S. and United Kingdom command and control systems work together seamlessly.
The goal is called fully networked command, control and communication, or FNC3; it’s a “pathfinder” capability. The expectation is that FNC3 will allow the United States military to work even more efficiently with its closest ally.
If successful, the program can be scaled to include other nations.
The United States and the United Kingdom have been working for years to improve command and control efforts. In the U.S., this has become Joint All-Domain Command and Control — JADC2. In Britain, it’s the Multi-domain Integration Change Program, with the acronym MDI CP. Again, both nations worked in tandem on their systems.
“For us the question has been how do we make JADC2 work with our partners?” Minks said during an interview from her office in Suffolk, Virginia.
The United Kingdom and the United States also are capitalizing on other initiatives. Both nations are cooperating on building the coalition information-sharing capability called mission partner environment. “We’re just using the same standards and specifications, so it ensures interoperability from the beginning,” she said.
Speed is important for both nations. “We don’t want to slow the roll,” she said. “We’re moving out at speed, and we’re addressing things in both nations that … we haven’t done before in strategy — like zero trust architecture; how are we going to do artificial intelligence in the cloud with coalition partners and things like that. We’re doing it together.”
Zero trust is a security model, a set of system design principles, and a coordinated cybersecurity and system management strategy based on an acknowledgement that threats exist both inside and outside traditional network boundaries.
Once the two nations have command and control interoperability, they’ll work with other nations to participate. Minks said Australia has already approached the nations with questions and proposals.
“So far, the nations that have approached us are all members of the Federated Mission Networking framework — an international organization that has agreed upon standards and specifications for connecting our mission networks with each other,” she said. “The U.S. and U.K. just happen to be a little bit further ahead on actually building an enterprise-wide capability.”
Right now, the other nations are at the tactical level, while the United States and United Kingdom are addressing the operational and strategic levels. “The other countries that want to participate would need to follow the same standards and specifications to ensure interoperability,” Minks said.
The program is moving quickly. Minks said she believes that initial operational capability for the international network will be in time for Bold Quest 2024. The system that will be in place will not be a test or assessment network, but an operational network, Minks said.
Bold Quest is a multinational training demonstration to test a joint capability to link sensors to shooters across air, land, sea, space and cyberspace.
“What it means is when a user gets on a mission network and are working with partners, they will have access to all the information that they need, and it will be seamless to them,” Minks said.
Minks’ whole career has been dedicated to enhancing command and control. She remembers how hard it was for operators crafting an air-tasking order for Operation Odyssey Dawn in 2011. Odyssey Dawn was to support a United Nations Security Council Resolution to establish a no-fly zone over Libya. A number of nations were involved in the effort.
The air-tasking order obviously included other nations, but the command-and-control computers couldn’t speak to each other.
“Operation Odyssey Dawn was when it hit home to me just how important this is,” she said. “When you’re trying to build an air-tasking order with your partners, and you can’t share the basics of building an , it’s horrible. We had to try and figure out how to just get data from one network to another. All this is happening when you have an operational mission ongoing with live fire always a possibility. It’s beyond frustrating.” (Source: US DoD)
13 June 22. DEVERYWARE, the european expert in investigative technologies and services for global security, with its subsidiary TRACIP (France’s leading digital investigation private laboratory), presented its expertise and mobile digital investigation and DNA analysis laboratories at Eurosatory, the world’s leading defense and security exhibition, from June 13 to 17, 2022 in Paris Nord Villepinte.
The group presented on its stand (Hall 5B – stand n° B 310) its products and expertise dedicated to:
- Forensics analysis and training
- Mobile laboratories for digital investigation and genetic identification
- Language analysis
- Telephone data analysis
- Real time judicial geolocation
- Data recovery
The mobil’DNA, mobile DNA analysis laboratory (developed with the IRCGN – Criminal Research Investigation Institute of the French National Gendarmerie) offers genetic identification resources that can be deployed in the field. Effective in the fight against terrorism, border control, territorial defense or civil security, it allows the identification of victims and assailants in complete autonomy, without the need for a fixed laboratory.
Thanks to this innovation, it takes only 2 hours to obtain the genetic profiles of the first 21 DNA analysis samples, which is an invaluable time-saving feat.
The mobil’DNA has been deployed in particular during the following events: Alex storm (Alpes-Maritimes – 2020), Nice terrorist attack (south of France – 2016), or German Wings crash (Alpes du Sud – 2015).
It will be displayed at Eurosatory, Hall 5B, near door R7.
In terms of digital investigation, the mobil’IT, mobile laboratory developed by TRACIP, allows massive data processing in open source (OSINT) and the search for weak signals for the benefit of analysts.
Mobile and quickly deployable, it is particularly operational and adapted to the “field” context.
I stay at your disposal if you have any question or if you would like to meet our team.
You’ll find our press release attached and the link to our press kit in french version: https://web.tresorit.com/l/2Ror9#qm_n3lRmIWzrT4TVPuca_Q
10 June 22. Asia Pacific: Discovery of Chinese APT highlights cyber espionage threat linked to Beijing’s political objectives. On 9 June, threat analysts at SentinelLabs, the research unit of cyber security firm SentinelOne, released an investigation on a previously unknown Chinese-speaking advanced persistent threat (APT) group called Aoqin Dragon, which has been active at least since 2013. The threat actor primarily conducts cyber espionage operations targeting organisations in the Asia-Pacific region. In particular, this APT targets governments, academic institutions and telecommunications entities, in Australia, Cambodia, Hong Kong, Singapore and Vietnam. Over the years, Aoqin Dragon’s techniques have evolved, helping it to stay undetected. However, some of its tactics and methods share similarities to those used by other Chinese-backed APTs, such as Naikon (see Sibylline Cyber Daily Analytical Update – 3 May 2022). Aoqin Dragon seeks to access targets’ devices mainly through document exploits and spear phishing. The hackers then deploy an encrypted backdoor on compromised systems, including the Mongall backdoor and a modified Heyoka backdoor. Although it is unclear whether the APT is affiliated with the Chinese government, its methods and targets point to strong links to Beijing. Aoqin Dragon’s targets and areas of operation reflect Beijing’s pursuit of technological superiority in critical industries. The group will therefore continue in cyber espionage operations, though it is likely to change techniques or tactics following SentinelLabs’ exposure. (Source: Sibylline)
09 June 22. Pentagon’s Hicks expects real results from artificial intelligence office. Deputy Secretary of Defense Kathleen Hicks said she has high hopes for the Pentagon’s new all-things-digital office and will rely on it for some of the military’s most challenging projects, including Joint All-Domain Command and Control.
The Chief Digital and Artificial Intelligence Office, fully operational this month, needs to produce results and be seen as a “go-to place for talent and technical expertise,” Hicks said June 8 at the Department of Defense’s virtual Digital and AI Symposium.
“What we want to be able to do is make sure we are leveraging the state of the art in order to increase accuracy, increase speed of decision making, increase the quality of our ability to deliver effect,” she said.
JADC2 is the Pentagon’s vision for rapid response and seamless information sharing across land, air, sea, cyber and space. It relies on artificial intelligence and other cutting-edge systems to provide an advantage over a technologically savvy opponent.
“What I will say is that we have to be able to deliver,” Hicks said. “We have to advance, and advance quickly, on the challenge set that the warfighter faces.”
The CDAO will play a key role in making JADC2 a reality, according to John Sherman, who helped flesh out the office and serves as the Pentagon’s chief information officer.
The office was established to improve all things AI, data and analytics across the Defense Department. It subsumed the Joint Artificial Intelligence Center, the Defense Digital Service, the Advana platform and the chief data officer role.
Craig Martell, the former head of LyftML, ride-hailing company Lyft’s machine-learning division, serves as the chief digital and AI officer. He described at a separate symposium panel the experience so far as “a fire hose.”
“Apart from being really overwhelming, it’s been extremely exciting,” he said. “The constituent teams that make up CDAO have really great missions. They are delivering, they are executing, they are bringing real value to the DoD.”
Other CDAO executives were named June 1, coinciding with the office’s operational milestone. Full administrative alignment of personnel and resources is expected in October.
Providing the CDAO some breathing room as it comes into its own and grapples with its workload is important, Hicks said. (Source: C4ISR & Networks)
15 June 22. A standardised cyber resilience framework has been established to help facilitate work opportunities for SMEs in the defence space. Saab Australia and BAE Systems Australia have jointly formed the Cyber Framework for the Defence Industry (CFDI) — a new mechanism aimed at bolstering the cyber resilience of local SMEs exploring work opportunities in the defence industry.
The CFDI — developed in collaboration with the Centre for Defence Industry Capability and the Australian Cyber Security Centre — provides a standardised approach to cyber maturity assessment, while also offering guidance for strengthening cyber security practices.
The framework has reportedly been adopted by 12 prime contractors.
According to Saab Australia managing director Andy Keough, the new framework would help improve access to the defence supply chain for local businesses.
“Currently SMEs face a different and complex security assessment process each time they work with a different defence prime,” Keough said.
“In developing this framework, we have reduced red tape, making it easier for SMEs to secure opportunities in the defence sector.
“By the very nature of their size, many SMEs do not have the resources or expertise to upskill in information handling or cyber protection to meet defence requirements. This framework gives them a clear roadmap to gaining the required levels of cyber maturity.”
BAE Systems Australia chief information and digital officer Michael Salas noted the importance of broadening work opportunities for SMEs.
“The Cyber Framework is a great start for SMEs wanting to self-assess their level of cyber risk,” he said.
“They can undertake a quick assessment of their cyber maturity which then leads to the identification of key areas to invest and improve a company’s defences.
“This leads to improving the cyber maturity of our defence supply chain and better outcomes for our client.” (Source: https://www.cybersecurityconnect.com.au/)
Spectra Group Plc
Spectra Group (UK) Ltd, internationally renowned award-winning information security and communications specialist with a proven record of accomplishment.
Spectra is a dynamic, agile and security-accredited organisation that offers secure Hosted and Managed Solutions and Cyber Advisory Services with a track record of delivering on time, to spec and on budget.
With over 15 years of experience in delivering solutions for governments around the globe, elite militaries and private enterprises of all sizes, Spectra’s platinum and gold-level partnerships with third-party vendors ensure the supply of best value leading-edge technology.
Spectra was awarded the prestigious Queen’s Award for Enterprise (Innovation) in 2019 for SlingShot.
In November 2017, Spectra Group (UK) Ltd announced its listing as a Top 100 Government SME Supplier by the UK Crown Commercial Services.
Spectra’s CEO, Simon Davies, was awarded 2017 Businessman of the Year by Battlespace magazine.
Founded in 2002, the Company is based in Hereford, UK and holds ISO 9001:2015, ISO 27001:2013 and Cyber Essentials Plus accreditation.