Sponsored by Spectra Group
https://spectra-group.co.uk/
————————————————————————
01 Jul 22. Lithuanian state and private websites were targeted on Monday by Russian hackers who claimed the attack was retaliation for Vilnius’s decision to cease the transit of some goods under European Union sanctions to Russia’s Kaliningrad exclave. Yesterday, it was also reported that some of the country’s most important websites and online services were rendered inaccessible due to distributed denial of service (DDoS) attacks by a criminal pro-Russian group. More information: https://www.reuters.com/technology/lithuania-hit-by-cyber-attack-government-agency-2022-06-27/; https://www.bleepingcomputer.com/news/security/russian-hacktivists-take-down-norway-govt-sites-in-ddos-attacks/
In response to this, John Davies, International Cyber Expo Advisory Council Member* has offered the following comment:
“On Monday, Reuters reported a denial-of-service attack on institutions in Lithuania and Al Jazeera reported that a Russian hacking group called Killnet had claimed responsibility. Yesterday, the same group launched attacks on institutions in Norway. In fact, this same group has been linked to attacks on Moldova, the Czech Republic and Romania over the past few months. In each case, the attacks were attributed to punishing these nations for proactively supporting the Ukrainian defence efforts and/or enforcing international sanctions against Russia. Are these news bulletins simply highlighting heinous acts being carried out in support of an illegal and immoral war or is there another reason for bringing our attention to this continuous stream of offensive nation-state cyber activity by Russia?
The answer can be summed up in just two words – “Not Petya”. This 2017 attack is still thought by many to have been a ransomware attack. This misconception was prompted by early attribution attempts jumping the gun and falling for the smokescreen of dressing this malware up to look like a variant of the Petya ransomware used the year before.
In reality, the code was irreversible and contained kill-disk capability. This was not ransomware, it was the first cyber weapon of mass destruction. It was launched, rather innocuously, through an update from a Ukrainian tax calculating software product that was known to be in use by the Ukrainian government entities as well as power companies, airports and banks. However, in much the same way that a rock dropped into a pool sends waves billowing outwards, this powerful exploit, stolen from the NSA’s secret stash of zero-day attacks, was able to crack open vulnerable Microsoft systems and then scrape passwords from the machine’s memory and use them to penetrate connected machines. It spread like wildfire, from Ukrainian systems to the rest of the world, turning machines into lumps of plastic no more useful than a household brick, in giants like Saint-Gobain, DLA Piper, Merck Pharmaceuticals, DHL and Maersk Shipping causing more than $10bn of damage along the way. This was described as being “the most destructive and costly cyber-attack in history” and it all began as an indiscriminate nation-state attack by Russia on one of its neighbours.
Wind the clock forward to 2022. When the Russians invaded the Ukraine, the UK National Cyber Security Centre (NCSC) sent out a public warning telling organisations to enhance their cyber protection. Really? Tanks cross the border in Eastern Europe and everyone is told to increase cyber security? However, this advice makes perfect sense in the context of Russian hybrid warfare methodologies. Having already proved themselves capable of unleashing global cyber weapons, any cyber attack must be treated as another potential multi-billion dollar international event. News bulletins such as the attack on Norway this morning and the attack on Lithuania earlier this week, should never be treated as just highlighting heinous acts in some far-flung place, they are an early-warning system for global cyber events – so take heed!”
*John is also Chair of Cyber Wales Group.
01 Jul 22. Airbus Protect: a new global player for cybersecurity, safety and sustainability services. Airbus Protect, a new Airbus subsidiary bringing together the Company’s expertise in cybersecurity, safety and sustainability-related services, is officially established. The aim of this new entity is to provide a unique global service offering to protect Airbus company-wide and meet the needs of external authorities and commercial customers, including in the field of critical infrastructures. The new organisation brings together more than 1,200 experts based in France, Germany, the UK, Spain and Belgium who will grow Airbus’ capabilities and leverage synergies to further develop its expertise in these key areas.
“We are proud to see Airbus Protect go live today to support Airbus’ ambition to develop an integrated offering in this critical business area,” said Thierry Racaud, Airbus Protect CEO. “Our teams are committed to meeting our customers’ needs and challenges ahead with an exceptional group of professionals and resources at all levels. The diversification of fields of application linked to the size of Airbus and its products will provide a fabulous playground for them and for the new talents that will join us in the future.”
Thierry Racaud has extensive international business management experience in the aerospace sector and has held multiple executive positions in IT and Services companies, both in France and abroad.
The combination of Airbus’ competences in services related to cybersecurity, safety and sustainability (notably the management of environmental, corporate responsibility, health and safety risks) will offer opportunities for external growth in different market segments, where the Company’s expertise in protecting highly sensitive and demanding systems will create strong value propositions.
With Airbus Protect, the Company not only aims to consolidate its existing resources but to further grow them, creating attractive opportunities for digital talents and continuing the positive trend of hundreds of cybersecurity experts recruited over the recent years.
For more information on Airbus Protect: www.protect.airbus.com
29 June 22. CSIRO launches cyber security program for SMEs. Australia’s national science agency, CSIRO, is providing free research and development support to businesses working in the cyber security sector.
CSIRO’s Innovate to Grow: Cyber Security program, commences 26 July and is available for 20-25 Small and Medium Enterprises (SME). Applications close 11 July: Innovate to Grow: Cyber Security
Small and medium sized enterprises (SMEs) working on new cyber security solutions can join the free, 10-week online Innovate to Grow program, offered by CSIRO, to support their commercial idea with research and development expertise. Upon completion of the program, participants will be able to access facilitation support, through CSIRO, to connect to research expertise nationally, along with dollar-matched R&D funding.
CSIRO’s SME Collaboration Lead Dr George Feast said the COVID-19 pandemic had led to an increased risk of cyber security attacks.
“Just like many other parts of the world, Australia’s dependence on the internet saw a big increase during the pandemic, with many services moving online and more people working from home than ever before,” Dr Feast said.
According to the Australian Cyber Security Centre, there was an annual increase of 13 per cent of cybercrime reports in the 2020-21 financial year.
“To stay ahead of these cyber attacks, new solutions are required, and much of this is driven by SMEs developing new products and services through R&D,” he added.
“SMEs make up 99.8 per cent of all businesses in Australia. However, R&D can be an expensive undertaking for businesses and risky for those without the right guidance and support.”
“Participants will be given help to refine a new idea they want to explore and to better understand their idea’s business and scientific viability. They will also be exposed to industry knowledge, hear from innovation and industry experts, and work with an R&D mentor. Companies will also tap into CSIRO’s own cyber security expertise through Data61, CSIRO’s data and digital specialist arm ,” Dr Feast said.
“Even though collaboration is key in driving good R&D outcomes, research we released last year found that less than 15 per cent of Australian businesses engage universities or research institutions for their innovation activities – our goal through this program is to up that percentage.”
CSIRO’s Innovate to Grow: Cyber Security program, commences 26 July and is available for 20-25 Small and Medium Enterprises (SME). Applications close 11 July: Innovate to Grow: Cyber Security. (Source: Rumour Control)
30 June 22. Thales introduces S3NS in partnership with Google Cloud and unveils its offering in a first step towards the French Trusted Cloud label. Thales announced today the creation of S3NS, a French company designed to offer public and private organizations in France the power of Google Cloud, fully compliant with France’s “Trusted Cloud” label, in partnership with Google Cloud.
- Thales announced today the creation of S3NS, a Paris-based company under French law, fully controlled by the Group. The Chairman of S3NS is Walter Cappilati and its General Manager Cyprien Falque. S3NS’ creation follows the setting up of a strategic partnership with Google Cloud announced in initial October 2021.
- S3NS’ mission is to help public and private organizations in France benefit from the power of the Google Cloud Platform (GCP), while protecting their sensitive data in compliance with the criteria of France’s national Information Systems Security Agency (ANSSI).
- As of today, S3NS is commercialising “Local Controls with S3NS”, a solution that complements the standard high security and performance specifications of the Google Cloud Platform with guarantees on data location and localized support, and additional security, including encryption controlled data access operated by S3NS. This offering enables organizations to start their move to the French “Trusted Cloud” now.
- S3NS currently numbers several dozen employees and is accelerating its drive to recruit talent in order to meet the company’s goals. S3NS is already working with integrators and software partners to provide its customers with a broad range of services and solutions.
The new company, majority owned and controlled by Thales, is under French law and follows the October 2021 partnership announcement between Thales and Google Cloud to jointly develop a locally-compliant Trusted Cloud offering. Thales and Google Cloud are committed to helping companies and public institutions to innovate and accelerate their digital transformation in ways that afford autonomy, compliant sovereignty, and the greatest possible benefits for their customers and users.
Meeting the French “Trusted Cloud”
S3NS will offer from the second half of 2024 its “trusted cloud” offering that will ultimately combine full performance, services and applications of Google Cloud technology while allowing protection against extraterritorial foreign laws and in compliance with the requirements of the “Trusted Cloud” label of France’s Information Systems Security Agency (ANSSI) in the frame of the French State strategy. S3NS will directly operate three data centers to ensure data and workload localisation in France. Both data center availability and engineering assistance will be available this year already and the recruitment of engineers who will operate the “Trusted Cloud” will begin.
A first milestone with an offering already available
S3NS’ first offering is “Local control with S3NS”, which will offer Google Cloud customers in France continued high public cloud performance, with added capabilities to localize clients’ data in France or in Europe, as needed or preferred. Customers will be able to restrict data access for administrative service and technical support solely to European Union locations. Cryptographic control of data access can be achieved with external encryption key management from S3NS. This first offering brings compliance with additional automation to simplify operations, along with additional auditability and transparency to increase customer confidence in cloud operations.
Committing partners already
To best support customers in this transition to the “Trusted Cloud”, S3NS is finalizing specific partnership agreements with various players in France’s growing digital ecosystem. Partners will be able to support S3NS customers in their cloud and digital sovereignty strategy, as they migrate and operate their workloads and applications securely, with the help of S3NS’ and other managed services.
“The S3NS offering is the best of both worlds: the agility and wide range of services of a cloud hyperscaler combined with the security and data protection of a cybersecurity leader. This step marks the beginning of a technological and industrial adventure which will engage all the French economic players attached to a trusted solution. As a leader in critical information systems, Thales is once again demonstrating its ability to be a driving force in disruptive technologies”. Marc Darmon, Executive Vice President, Secure Communications and Information Systems at Thales.
“The creation of S3NS, progress on the definition of our Trusted Cloud offeringand the availability of our “Local controls with S3NS ” is the result of many months of collaboration between Thales and the Google Cloudteams. This is a first step and a first milestone this year, before our future solution in compliance with the French “Trusted Cloud” criteria, which we are working on in parallel. Our objective is to be the first to make such an offering available for certification and based on hyperscale cloud technology. “Local Controls with S3NS” enables our customers to start their journey to the trusted cloud now”. Cyprien Falque, Managing director of S3NS.
“We are very proud to support our partner Thales and its subsidiary S3NS and its first offering in the French market. This collaboration between our teams reflects on the one hand an understanding of the expectations related to digital sovereignty, and on the other hand a real technological trajectory. We confirm the commitments made together in 2021 and will continue to support digital transformation with offers that combine security and sovereignty, without compromising on performance.” Thomas Kurian, CEO at Google Cloud.
30 June 22. Iran-Israel: Alleged targeting of UNIFIL heightens anxieties over Iranian cyber-attack capabilities. On 29 June, Israel’s defence minister, Benny Gantz, accused Iran-backed Hizballah and the Iranian government of attempting to launch a cyber-attack against the United Nations Interim Force in Lebanon (UNIFIL). The allegation comes days after a hacktivist group with alleged ties to Israel reportedly subjected three Iranian steel firms to disruptive cyber-attacks (see Sibylline Cyber Daily – 28 June 2022). This demonstrates the sustained risk of retaliatory attacks against critical sectors, including energy, infrastructure and healthcare, as Iran and Israel’s tit-for-tat ‘cyber conflict’ persists. Gantz reported that Iran aimed to “steal materials” and military intelligence for Hizballah as part of the recent attack. Whilst Tehran’s role in developing Hizballah’s cyber capabilities is not new, the alleged targeting of UNIFIL by proxy networks deepens regional insecurity anxieties. There is a heightened risk of retaliatory attacks against state-backed infrastructure in both Iran and Israel in the coming weeks, reflecting geopolitical escalations. (Source: Sibylline)
29 June 22. China-US: Beijing-directed disinformation campaigns will prolong the threat of unrest for Western firms as China continues to protect its supremacy in strategic industries. On 28 June, cyber security firm Mandiant claimed it observed an unsuccessful Beijing-directed disinformation campaign aimed at stoking domestic tension in the US and defending China’s dominance in the rare-metals market. This campaign reportedly promoted content on social media sites, such as Facebook, that criticised US President Joe Biden’s 31 March Defence Production Act, which linked the mining of critical minerals to the US national defence. Similarly, these social media posts also attempted to spark online and physical protests against the USD 120 m contract that Australian mining company Lynas Rare Earths signed with the US Department of Defense to mine in Texas claiming the deal would lead to “irreversible” environmental damage. The production of rare-earth minerals is a significant part of China’s economic output, with the country accounting for 60 percent of global production in 2021. As such, the US’ ongoing attempts to diversify its supply chain threaten Beijing’s supremacy in the market. With these concerns set to remain high on China’s influence policy agenda, further such disinformation campaigns are highly likely to emerge in the coming year. Such activity could spark instances of unrest against Western firms competing in industries of strategic interest to Beijing, such as mining, defence, or energy. (Source: Sibylline)
28 June 22. National Guardsmen may soon use personal electronics in deployments. National Guardsmen may soon be able to use their personal electronic devices for official functions during domestic deployments to help fill a resources gap and reduce mobilization time, according to the service’s chief information officer.
Speaking during a C4ISRNET webcast, National Guard CIO Kenneth McNeill said an initiative called “Bring Your Own Approved Device” would allow guardsmen to use personal mobile equipment to perform the same functions in the field that they would otherwise carry out at a desktop in their offices.
“In a typical state, all of our guardsmen, unfortunately, they may not have government furnished devices — mobile cellphones, iPads,” McNeill said. “It cuts down on time when we’re planning for a mobilization.”
The initiative, which is a in collaboration with the Department of the Army and the Pentagon’s cybersecurity office, is in a phase III pilot program consisting of a year-long trial with the largest sample size to date. After this trial, if deemed successful, the initiative will be enacted, McNeill said.
Work began on the initiative before the pandemic hit and motivated a transition to remote work. The realities of the situation forced the guard to accelerate the progress.
“This is another tool in the toolkit that will give us an opportunity to allow our workforce, even after the pandemic, to continue to telework and remote work that is critical in the National Guard,” McNeill said. “I don’t think we’re going back … everyone in the office. I think this is the future of how we’re going to operate here in the in the government and in the Department of Defense.”
While deployed to the streets of Washington, D.C., following the Jan. 6 insurrection, the National Guard employed a similar capability called Commercial Virtual Remote to carry out the mission that was limited in scope and time.
“Now we will have a capability that really links our force, even before they are called up for deployment,” he said. “This will be a game changer.”
JADC2
McNeill also discussed an addition to the Joint All-Domain Command and Control concept being implemented by the DoD that would focus on the needs of the National Guard’s mission set. Called “Project Homeland,” the initiative would apply the same capabilities of JADC2 to the domestic front.
JADC2 is a project by the Department of Defense to connect all the sensors from the individual services and compile data collected into a single information network. Previously, each service had their own tactical networks that were unable to interface with each other.
“JADC2 is a warfighting necessity to keep pace with the volume and complexity of data in modern warfare and to defeat adversaries decisively,” the department said in a statement. “JADC2 enables the Joint Force to ‘sense,’ ‘make sense,’ and ‘act’ on information across the battle-space quickly using automation, artificial intelligence (AI), predictive analytics, and machine learning to deliver informed solutions via a resilient and robust network environment.”
Project Homeland would apply those same capabilities during domestic deployments across the 54 states and territories National Guard units and their civilian interagency partners as opposed to the military services and their coalition forces.
McNeill spoke to the challenges the National Guard faced during their humanitarian relief operations post Hurricane Katrina. On the ground, the guard was unable to talk with the local first responders because they did not have cross-banding communication systems.
“We learned from that experience that we’ve got to think out of the box,” McNeill said. “We’ve got to look at capabilities that can talk to first responders and focus on what we do in the homeland.” (Source: C4ISR & Networks)
29 June 22. US Army pushes cloud expansion to regional commands. US Army officials are preparing to move out on a plan to expand the ground service’s burgeoning cloud computing capabilities beyond the continental United States (CONUS), with service leaders anticipating integration of those capabilities into the regional commands, beginning with the Asia-Pacific region. The plan is part of the army’s plan to rapidly transition from legacy combat networking strategies to a mix of commercial and military cloud capabilities, as outlined under the service’s Unified Network strategy issued in October 2021. Service-led efforts to adopt this commercial-military hybrid cloud strategy has shown early promise, Army Chief Information Officer Raj Ayer said in June. Most recently, army officials were able to migrate 50 service-specific applications from the Defense Information Systems Agency (DISA)-hosted military cloud service provider to the army variant – known as the cArmy cloud – within 100 days, according to Ayer. (Source: Janes)
28 June 22. Raytheon Intelligence & Space demonstrates critical Joint All Domain Command and Control capability for U.S. military. Demonstration during Valiant Shield 22 proves ability to collect, process and distribute targeting data across military units. During the Defense Department’s Valiant Shield 22 exercise this month, Raytheon Intelligence & Space, a Raytheon Technologies (NYSE: RTX) business, successfully demonstrated the ability to collect data on a simulated sea-based threat and then share targeting solutions with distributed defense systems across the Western Pacific Ocean — a key test of the company’s Joint All Domain Command and Control infrastructure.
Raytheon’s Multi-Program Testbed, or RMT — a converted Boeing 727 — used a combination of radar and electronic intelligence sensors to characterize the simulated threat. Onboard processors then synthesized the data in seconds to create a comprehensive targeting solution that was passed to tactical platforms.
“In the multi-domain fight, seconds could mean the difference between victory and defeat,” said Eric Ditmars, president of Secure Sensor Solutions at RI&S. “This experiment shows we can deliver synthesized, multi-source data to commanders faster than ever, giving them a decisive battlefield advantage.”
Raytheon’s RMT, along with a KC-135 aircraft, four U.S. Navy F/A-18 fighters and, a command-and-control station on the U.S. mainland shared data rapidly in the simulated, highly contested environment. This scenario demonstrates Raytheon’s ability to provide successful machine-to-machine communications capabilities to share information securely across multiple sensors and defense systems.
“Bringing these capabilities to the field gives us the highest degree of confidence in their real-world applicability,” said Ditmars. “It allows us to stress test them in operational environments and accelerate their maturity.”
Valiant Shield 22 is a U.S.-only, biennial field training that builds real-world proficiency in sustaining U.S. forces through detecting, locating, tracking, and engaging units at sea, in the air, on land, and in cyberspace in response to a range of mission areas.
27 June 22. The multi-cloud multiverse: How the Pentagon can achieve AI success. The GSA Data Center and Cloud Optimization Initiative Program Management Office recently released a Multi-Cloud and Hybrid Cloud Guide to help agencies make better decisions about cloud architecture.
As hundreds of AI initiatives and programs are underway across the Department of Defense, many are facing new and diverse challenges when it comes to operationalization. Selecting a solution and putting it into practice are certainly not the same task, creating challenges that span both organizational and data facades.
For example, the rise of hybrid and multi-cloud architectures present data integration, access and management challenges for many as agencies seek to leverage data assets that span across both on-premise and hosted solutions.
This may be why the GSA Data Center and Cloud Optimization Initiative Program Management Office recently released a Multi-Cloud and Hybrid Cloud Guide to help agencies make better decisions about cloud architecture. Further complicating matters is that the DoD is facing a groundbreaking December award of the Joint Warfighting Cloud Capability procurement.
Pentagon Chief Information Officer John Sherman describes the JWCC as a “multi-cloud effort that will provide enterprise cloud capabilities for the Defense Department at all three security classifications: unclassified, secret, and top secret all the way from the continental United States out to the tactical edge.” At the conclusion of this possible five-year procurement, the DOD plans to launch a full and open competition for a future multi-cloud acquisitions. Until then, DoD data scientists may be forced to work in silos because connecting to live data may not always be possible.
How Technology Can Help
Many government agencies are overcoming these challenges using technologies such as data virtualization to implement a logical data fabric approach capable of ensuring trusted data access and sharing. Data virtualization is a modern data integration technique that integrates data in real-time without having to physically replicate it.
Data virtualization can seamlessly combine views of data from different sources and feed AI/ML engines with data from a common data services layer. Using data virtualization, AI teams can work more efficiently and collaborate more effectively, because the technology provides views of data rather than replicating it.
This not only saves access and storage costs because it provides a unified data-access layer, it also enables stakeholders to implement governance controls from a single point across the department. Creating this “single source of truth” is one of the most valuable characteristics of unifying enterprise data through use the of data virtualization.
This combination of enterprise AI, multi-cloud architecture, and data virtualization is being leveraged by many government organizations to leverage data more effectively and take advantage of the cost savings of the cloud. Together, these technologies underscore the fact that digital transformation is not just about technology, but about using technology in the most intelligent way and providing enhanced value to data science teams and internal and external data consumers.
Also, with the competition for market share between the major Cloud Service Providers (CSP) promising both better value for government and access to a vast array of AL/ML tools to drive better, mission-specific results, there may be conflicting narratives on which CSP — and which AI/ML technology — is best for a given mission.
In this environment, a logical data fabric is rapidly emerging as the technologically elegant solution to the chaos of multi-cloud computing as it simultaneously makes the best features of each CSP available to users.
Defined by Gartner as a design concept that serves as an integrated layer (fabric) of data and connecting processes, a data fabric utilizes continuous analytics over existing, discoverable and inferenced metadata assets to support the design, deployment and utilization of integrated and reusable data across all environments, including hybrid and multi-cloud platforms. This pure play data fabric enables the best of all commercial CSP offerings without vendor lock-in and, in many instances, is proving to be the government’s best answer to overcome these challenges.
Addressing the DoD’s pervasive siloed data, standardizing and improving its quality and access, should be a precondition to having the data necessary to train algorithms for many defense uses. A logical data fabric approach that incorporates data virtualization promises to be a means for quickly collecting, processing, and using information from the DoD’s disparate data sources. It also ensures that a developed AI/ML model in a silo is still relevant to live data and can accelerate better data flow and data access across the entire AI operationalization cycle.
The more data AI/ML models receive, the more they learn creating better and more accurate predictions the DoD requires for mission critical decision-making. However, extracting data from multiple sources and then replicating it to a central repository is an old and inefficient way of getting data access. The process is still prevalent across the federal government and often results in the majority of the project time being spent on data acquisition and preparation tasks.
With the DoD touting their growing capabilities in artificial intelligence and machine learning technologies, integrating data to nourish disparate AI/ML models with their expanding data science teams is still a significant undertaking. Enterprise AI, leveraging a logical data fabric layer, overcomes these challenges. It can act as a central hub for data science teams between different AI/ML systems, reducing the need for data duplication enabling highly sophisticated AI/ML initiatives with enhanced operationalization and accelerated timetables for quicker time-to-production. (Source: C4ISR & Networks)
28 June 22. Iran-Israel: Tel Aviv-linked hacktivists targeting of Iranian firms will heighten the risk of retaliatory cyber attacks against Israel’s critical sectors. On 27 June, Gonjeshke Darande – a hacktivist group with alleged ties to Israel – claimed it carried out disruptive attacks against three Iranian steel firms. The group shared a video via the social media site Twitter and its private Telegram channel of equipment in Khuzestan Steel – one of Iran’s largest steel companies – allegedly combusting into flames due to its cyber attacks. If officially confirmed, this would be the group’s most notable attack against Iran-based entities since it targeted Iran’s energy-related governmental departments with defacement activity in October 2021 and displayed anti-Tehran messages on gas pumps across the country. Gonjeshke claimed that these latest cyber disruptions were in response to “the aggressions of the Islamic Republic” and to “expose the inhumane treatment of prisoners” in Iran. With tensions over such issues unlikely to abate, further politically motivated cyber attacks will highly likely take place over the coming six months. Such activity will maintain Iran-Israel’s tit-for-tat cyber conflict and heighten the risk of Tehran-backed hackers launching retaliatory cyber attacks against Israel’s critical infrastructure operators, such as energy, finance, or healthcare. (Source: Sibylline)
27 June 22. USAF completes first IRIS aerial demonstration on B-52 aircraft. The IRIS system will replace the Global Iridium Bomber Set (GLIBS), which has been in service since 2017. The US Air Force (USAF) has completed the first aerial demonstration of the beyond-line-of-sight (BLOS) communication system, IRIS.
The test was executed by the 49th Test and Evaluation Squadron (TES) on a B-52 Stratofortress at Barksdale Air Force Base (AFB) on 22 June.
It was supported by the 608th Air Operations Centre’s (AOC) combat operations team, which provided command-and-control (C2) functions.
The team also analysed the voice and data transfer capabilities, observed from the B-52 aircraft for the transmission of real-time images and videos.
IRIS system provides complete global coverage by leveraging the Low Earth Orbit (LEO) Iridium NEXT satellite constellation.
Instead of using Iridium’s existing 2.4kbps bandwidth capacity, the IRIS system used the much-improved L-Band speeds of the Iridium Certus terminal, which is a broadband service with a bandwidth capacity of up to 704kbps.
49th TES conventional test flight commander captain Richard Brown said: “The IRIS system is one of the many datalink solutions that we need in order to equip the warfighter for today’s fight.”
The IRIS is an Air Force Global Strike Command’s (AFGSC) solution for integrating the B-52 fleet into the greater Joint All-Domain Command and Control problem set.
Leveraging an AFWERX Small Business Innovation Research (SBIR) Phase II contract, AFGSC tested the possibility of using a commercial off-the-shelf (COTS) outer link global solution for the B-52 satellite to enable uninterrupted coverage.
After this successful demonstration, the AFGSC will continue to attain an SBIR Strategic Finance contract to support IRIS, allowing permanent bomber integration and coordination across geographic air operation centres.
The new IRIS system will replace the existing Global Iridium Bomber Set (GLIBS), which has been in use since 2017. (Source: airforce-technology.com)
27 June 22. Assac Networks and Gilat Telecom have signed a cooperation agreement for the supply of ShieldiT – an integrated, all-in-one smartphone security solution, that enables secured, managed communication over a satellite connection.
The additional satellite capability will enable military, security and strategic organizations to keep their sensitive communications confidential, even in remote and rural areas.
Assac Networks – a company specializing in cyber solutions for the complete protection of mobile devices for government agencies, defense and commercial organizations, which recently completed an investment round led by ASPIS Cyber Technologies, Inc., with ICARO as its marketing partner – has signed a cooperation agreement with Gilat Telecom’s Government Division. The two companies will provide a complete protection solution for mobile devices, in all types of communication – satellite, Wi-Fi and cellular, in a new combined solution that adds a controlled layer of secure communication over existing infrastructure.
Military, security and strategic organizations are typically engaged in sensitive communications involving confidential data which must be protected. However, their personnel’s Bring-Your-Own-Device (BYOD) smartphones rely on public and private networks that are easily hackable; they may be operating in an area where there is no GSM reception, or a risk of GSM jamming; or there may be low bandwidth or lack of data connection – all of which put critical communications with headquarters and other team-members at risk. In such cases, a redundant and available means of secure communication is required.
The new ShieldiT with satellite capability provides secure mobile communication in mission-critical activities that involve the exchange of sensitive, and confidential information – such as between government agencies and remote operations at strategic sites in rural areas – even where the only available communication is via satellite.
“Assac Networks’ ShieldiT is the only solution with a unified, managed anti-hacking and anti-tapping capability for Bring-Your-Own-Device smartphones, which fully integrates with existing voice and IT systems,” says Shimon Zigdon, CEO of Assac Networks. “ The company has decades of experience in providing smartphone security and mobile communication encryption solutions that are tailor made to meet the strictest security requirements and operational needs of any government agency or other strategically-important unit. With this new cooperation agreement with Gilat Telecom, we are proud to now enhance both companies’ offerings and provide our customers with integrated, all-in-one smartphone security, with a unique satellite connection capability.”
“We are delighted with our collaboration with Assac Networks, which expands Gilat’s offering,” says Ami Schneider, VP Government Solutions Division of Gilat Telecom. “As a company that has been operating in the security and homeland defense market for decades, we identified the need for full protection of mobile devices for satellite communications users, whether to support a mission, or in remote areas. This integrated solution addresses this need, and we have already seen a great deal of interest in it from our customers.”
ShieldiT works on BYOD smartphones, whether iOS and Android, and offers three layers of security: (a) threat management – robust and AI-powered, with a user-friendly dashboard; (b) anti-hacking – for detection and prevention of cyberattacks, data theft and malware; and (c) anti-tapping – point-to-point, military-grade voice and text message encryption and eavesdropping prevention. All ShieldiT features are controlled centrally via the unified ManageiT management dashboard, enabling incident response to be conducted from the management console. The integration of ShieldiT with a satellite modem empowers its users to have on-demand communications for tactical networks on the move, in a solution that is easily integrated on vehicles, naval vessels, and aircraft, and offers high-performance tracking.
28 June 22. HENSOLDT jamming system proves effectiveness against radars of various types. AI enables classification of unknown threats and Big Data analysis. Sensor solution provider HENSOLDT has completed extensive ground and field tests with its “Kalaetron Attack” jamming system, confirming its effectiveness against enemy air defence radars of various types. Measurements in various operationally relevant scenarios show that “Kalaetron Attack” can detect even the latest air defence radars and interfere with them by means of precisely directed jamming signals. The effectiveness and responsiveness of the system is also based on artificial intelligence (AI) techniques, which enable the classification of unknown threats in the field and the rapid evaluation of large amounts of data. In doing so, the many years of in-depth experience in the development of jamming approaches against radars were profitably combined with the latest approaches of the Edge AI approach.
“Control of the electromagnetic spectrum is an essential prerequisite for information superiority, and thus the success of military missions and the protection of one’s own soldiers,” says Celia Pelaz, Chief Strategy Officer and Head of the Spectrum Dominance Division at HENSOLDT. “Kalaetron Attack also makes it possible to deny the enemy the use of this spectrum – for air defence, for example.”
The jamming system is part of HENSOLDT’s fully digital ‘Kalaetron’ product family, which is used in self-protection and signal reconnaissance systems in the German armed forces, among others. In addition to cognitive software elements, the core elements are a fully digitised, broadband sensor and an electronically controllable jammer. Metallic 3D printing enabled a condensed design of the electronic components so that the jammer can be easily integrated into pod formats commonly used worldwide or directly into various flying platforms. Kalaetron Attack, as an escort jammer for the Eurofighter, therefore provides the Luftwaffe with the timely capability transfer of the ECR Tornado and, at the same time, expands the capabilities of the Eurofighter by the urgently required component of electronic warfare (escort jamming) in modern operational scenarios. Due to its scalability, the system can also be used in land- or ship-based applications.
27 June 22. QinetiQ and RUSI Release New Paper on Trust in AI.
- A new paper by RUSI and QinetiQ explores the latest trends and thinking about the growing use of AI in military decision-making.
Last week, the Defence Artificial Intelligence Strategy was published, setting out how the UK will ‘adopt and exploit AI at pace and scale’ to transform ‘Defence into an ‘AI ready’ organisation and deliver cutting-edge capability.
This new paper aims to trigger a broader debate about the cultural and organisational changes required within the UK defence enterprise to become genuinely ‘AI ready’. It considers this in the context of AI-enabled decision-support, and its impact on the role of command and commanders.
Trust in AI: Rethinking Future Command builds on the premise that trust at all levels (operators, commanders, political leaders and the public) is essential to the effective adoption of AI for military decision-making and explores key related questions such as: Representation and Reasoning), and by End-Use (Land, Sea, Air)
Published: January 2018 – Pages: 193 pages
- What does trust in AI actually entail?
- How can it be built and sustained in support of military decision-making?
- What changes are needed for a symbiotic relationship between human and machine members of future command teams?
The paper follows an earlier report produced by QinetiQ, which looked at trust as a fundamental component of military capability and an essential requirement for military adaptability, and is theoretical but with practical application.
The paper considers the concepts of AI and trust, the role of human agency, and AI’s impact on humans’ cognitive capacity to make choices and decisions. It proposes a five-dimensional framework for developing trust in AI-enabled military decision-making and examines the implications of AI on people and institutional structures that have traditionally underpinned the exercise of authority and direction of armed forces.
In seeking to answer how trust affects the evolving human–AI relationship in military decision-making, this paper exposes several key issues requiring further research including:
- How to build the trust necessary to reconfigure the organisation of command headquarters, their size, structure, location and composition, at tactical, operational and strategic levels.
- How to adapt military education to better prepare commanders for the age of AI.
- How to optimise and transform collective training across all domains to improve command involving greater collaboration with artificial agents.
- How to operationalise the concept of ‘Whole Force’ to make better use of the extensive talent within society, industry and technology.
- How to understand the needs of AI and humans within human–machine teams.
Paul O’Neill, RUSI Director of Military Sciences, said: “Much of the discussion about the use of AI focuses on the technology. What our report seeks to do is balance the discussion to take account of the human and organisational impacts and implications of the technology. This is a symbiotic relationship in which the greatest value derives from considering the needs of the whole, human/machine, team.”
Christina Balis, QinetiQ Campaign Director for Training and Mission Rehearsal, said: “The growing military use of AI for operations and missions support will transform the character of warfare. This is not just a question of adapting our armed forces’ tactics; we need to fundamentally rethink the role of humans in future military decision-making across the spectrum of ‘operate’ and ‘warfight’ and reform the institutions and teams within which they operate. It requires that we rethink the notion of trust in human-machine decision-making.” (Source: ASD Network/
24 June 22. US Air Force mints program to hone command and control. The U.S. Air Force launched a program it says will sharpen its command and control and battle management abilities as it prepares for potential war against a major adversary.
The weapons system evaluation program, dubbed Combat Axe, is designed give leaders a look at how the Air Force’s command and control systems perform against technologically savvy opponents and real-world threats, including contested or degraded communications and radar.
This scenario is becoming increasingly important as the U.S. military pivots away from counterinsurgency and smaller-scale operations toward preparations for a larger fight against a world power, such as China or Russia.
The Air Force rolled out the predecessor to Combat Axe, then known as Combat Sentry, in July 2020.
Combat Axe training and analysis was conducted during the Combat Archer 22.08 and Checkered Flag 22-2 exercises, among the largest combined air-to-air tests in the U.S. Squadrons from the Air Force, Navy and Royal Australian Air Force participated.
The Air Force on June 22 said “various unique sensors from each weapon system,” data links and lines of communication meshed during the drills to create a common operational picture, increasing confidence in threat identification and speeding the distribution of information to fighter aircraft.
Lt. Col. Steve Wyatt, 81st Air Control Squadron commander, in a statement said such training is critical to “countering strategic competitors” and also provides an opportunity to collect data that will inform the modernization of weapons and tactics.
“In order to fight as joint and coalition forces,” he said, “we need to understand each other’s capabilities and limitations, and how each entity operates and communicates.”
Seamless information sharing — regardless of service or national affiliation — is one of the Department of Defense’s marquee efforts. The Air Force’s preeminent contribution is known as the Advanced Battle Management System, a next-generation form of command and control.
The 53rd Wing at Tyndall Air Force Base, Florida, regularly holds weapons system evaluation program events to test aircraft, weapons and other systems. For example, the F-15EX Eagle II fired a weapon for the first time in January at Combat Archer, an air-to-air evaluation program, when it tracked a drone and then launched a missile at it. That test verified the new fighter’s weapons system worked, the Air Force said, allowing it to move to more complex missile shots at future tests. (Source: C4ISR & Networks)
24 June 22. China’s deployment of ransomware will pose a growing threat as Beijing continues to seek technological superiority for Chinese firms. On 23 June, industry reports claimed that two Chinese state-linked hacking groups were targeting Japanese and western firms with cyber espionage activity. These two groups – tracked as APT 41 and APT 10 – are engaging in the novel technique of deploying ransomware onto their victims’ devices to disguise their cyber espionage activities and complicate cyber security experts’ attribution efforts. APT 41 and APT 10 are both highly sophisticated cyber threat actors that are known to engage in cyber campaigns at the behest of the Chinese government. Given that industries such as pharmaceutical, aerospace, defence, and manufacturing were targeted during the campaign, such activity is highly likely aimed at helping Beijing achieve its strategic goals. In this sense, China will likely attempt to reach the objectives set out in the 14th Five-Year Plan and Vision for 2030 by engaging in corporate espionage and intellectual property theft. This initiative’s aspirations for Chinese firms to gain technological superiority in several strategic sectors will remain at the forefront of China’s cyber policy agenda indefinitely. As such, China-linked cyber threat actors will launch further attacks against industries of strategic value to Beijing over the coming months. (Source: Sibylline)
————————————————————————-
Spectra Group Plc
Spectra Group (UK) Ltd, internationally renowned award-winning information security and communications specialist with a proven record of accomplishment.
Spectra is a dynamic, agile and security-accredited organisation that offers secure Hosted and Managed Solutions and Cyber Advisory Services with a track record of delivering on time, to spec and on budget.
With over 15 years of experience in delivering solutions for governments around the globe, elite militaries and private enterprises of all sizes, Spectra’s platinum and gold-level partnerships with third-party vendors ensure the supply of best value leading-edge technology.
Spectra was awarded the prestigious Queen’s Award for Enterprise (Innovation) in 2019 for SlingShot.
In November 2017, Spectra Group (UK) Ltd announced its listing as a Top 100 Government SME Supplier by the UK Crown Commercial Services.
Spectra’s CEO, Simon Davies, was awarded 2017 Businessman of the Year by Battlespace magazine.
Founded in 2002, the Company is based in Hereford, UK and holds ISO 9001:2015, ISO 27001:2013 and Cyber Essentials Plus accreditation.
————————————————————————-