Sponsored by Spectra Group
28 Jul 22. US-North Korea: Washington’s higher bounty reflects rising threat of Pyongyang’s financially motivated attacks. On 26 July, the US State Department raised rewards for anyone providing information to help disrupt North Korea’s malicious cyber activity to up to USD 10 m. This new figure doubled the amount Washington pledged in March 2022 for information on North Korean hackers targeting global cryptocurrency exchanges and financial institutions. The official announcement, communicated via Twitter, highlighted several Pyongyang-linked threat actors, such as Andariel, Bluenoroff, Guardians of Peace, Kimsuky, and the Lazarus group. Pyongyang-backed hackers have increased their attacks targeting Western countries’ critical infrastructure and blockchain companies. In July, the US Justice Department announced the seizure of USD 500,000 worth of Bitcoin from a North Korean-linked ransomware attack; Washington also accused the Lazarus group of stealing USD 620 m worth of cryptocurrency (see Sibylline Cyber Daily Analytical Update – 9 May 2022). The US government hopes the significantly higher bounty will help in collecting intelligence about North Korean hackers, though the rewards will not be an effective deterrent against the state-sponsored activity. With North Korea’s deteriorating socio-economic health owing to sanctions and the Covid-19 pandemic, malicious cyber operations provide an important revenue stream for the reclusive regime. Western businesses, especially those in banking, the blockchain economy, energy and utilities, are at greater risk of Pyongyang-linked cyber attacks. (Source: Sibylline)
27 Jul 22. US Army sets timeline for demo of new, hard-to-detect mobile command post. A burgeoning U.S. Army effort to ensure command posts are suited for fights teeming with sensors and combatants using advanced technology could soon be ready for a demonstration.
While the Mobile And Survivable Command Post project is still in the early stages of development, those closely involved are already eyeing a “significant, fully integrated” exhibition in the fiscal 2026-27 timeframe, possibly as part of the annual Project Convergence exercises.
“Project Convergence is probably in our future,” Tyler Barton, a computer scientist and MASCP project lead with the C5ISR Center, said during a July 21 roundtable with reporters. “Probably not next year.”
Project Convergence is the Army’s capstone test of cutting-edge kit and inter-service communications in furtherance of the Pentagon’s Joint All-Domain Command and Control vision for seamless and speedy information sharing on the battlefield. This year’s event, referred to as PC 22, will for the first time directly involve allies, Australia and the U.K. included.
MASCP is one of several Army ventures meant to modernize command posts, which can be cumbersome to move and produce noticeable amounts of heat, noise and electronic artifacts, making them targetable.
The mobile-and-survivable project digs into the science and technology realms to find solutions. They include remote antenna systems, resilient data storage, enhanced camouflage techniques and materials, and self-sufficient power generation and banking. Considerations must also be made for distance and connectivity; all the speed in the world does not matter if communications and data sharing go bust.
“The more mobile and survivable the posture of your command post, the more challenging being effective is, both from a technology and systems standpoint, and just from a human standpoint of being dispersed from the staff you’re used to working with closely,” Barton said.
“The problem we’re seeking to get after is redesigning our command posts to survive competitive threats. That’s the bottom line,” he added. “We have a good understanding now of threat capabilities, how that maps to the vulnerabilities of command posts today.”
Scientists, engineers and other experts tested several preliminary MASCP capabilities this summer at the Network Modernization Experiment, or NetModX, at Joint Base McGuire-Dix-Lakehurst in New Jersey.
Much attention was paid to signature management and mobility. Barton said the testing at NetModX, assisted by industry, “very much benefitted our program.” MASCP will return to the weekslong experiment next year.
“They have resources up there that would be incredibly challenging for us to do without that being set up ahead of time,” he said. “The ranges, the frequency availability, the infrastructure, like towers for us to elevate our emitters, spectrum sensors on hand for us to utilize, the integration teams they have up there are all great.” (Source: C4ISR & Networks)
27 Jul 22. Cyber Co-operation with Germany Strengthens. Lieutenant General Tom Copinger-Symes, Deputy Commander Strategic Command, has visited the German Cyber and Information Domain Service (CIDS) as part of a co-operation programme between the two organisations. An updated bilateral arrangement, signed in an official ceremony during the visit, brings benefits to both countries. These are implemented through work strands set up to further hone cyber skills and capabilities, share information and experience, and draw on the relative strengths within each organisation.
As part of the visit, discussions were held on the CIDS approach to Cyber Operations and Cyber Career Management, and the establishment of an eighth ‘Cyber Componency’ work strand.
This new strand focuses on pooling cyber lessons from exercises and operational activity to improve how the UK and Germany operate in the Cyber Domain.
Speaking on the partnership, Lt Gen Copinger-Symes said: “With conflict on our doorstep, close cooperation with like-minded partners has never been more important. That’s why our partnership with CIDS is so exciting. It brings significant opportunities to learn from each other, pool resources and work together to strengthen the whole of NATO in this developing area of business.”
This sentiment was echoed by Vice Admiral Dr Thomas Daum, Commander and Chief of CIDS, who said: “Our bilateral work in the cyber domain will help to ensure the safety of both countries, and our allies, in cyberspace. By sharing our skills and experience we can develop a greater understanding of how we can best integrate cyber into our defence operations to offer the competitive edge required.”
The visit follows on from a productive workshop hosted in Northwood earlier this year led by Major General James Roddis, Director Strategy Strategic Command, and Brigadier General Peter Richert, Head CIDS Operations. Plans are in place to hold a second workshop later in the year, to complement the regular meetings at work strand level to ensure progress continues. (Source: https://www.gov.uk/)
26 Jul 22. Airbus successfully tests firefighting kit on A400M. Airbus has successfully tested a removable firefighting demonstrator kit on the A400M new generation airlifter during a flight test campaign in Spain.
The test campaign took place in daylight conditions with a minimum operating height of 150ft, flight speeds as low as 125 knots and drops involving up to 20 tonnes of water from the current tank in less than 10 seconds. The main objective of the campaign is to validate the drop water quantity and time as well as the ability of the A400M to carry out this new role with the kit. The development of this prototype and the tests have been carried out in close collaboration with the 43rd Group of the Spanish Air Force, as well as European authorities in Firefighting operations and the Ministry for Ecological Transition and Demographic Challenge (MITECO).
“The development of this firefighting kit is an intrinsic part of our journey towards helping to create a more sustainable and safer world, not only by our actions but also through our products. We strongly believe the A400M can play a vital role in the fight against the ever increasing threat posed by wildfires and support the restoration of social and environmental systems,” said Mike Schoellhorn, CEO of Airbus Defence and Space.
The Airbus firefighting solution created for the A400M is a roll-on/roll-off (RORO) kit that requires no modification to the aircraft and therefore is interchangeable to any aircraft in the A400M fleet. The water is stored in a fixed tank in the cargo hold, and retained by two independent doors. These doors are connected to two flood pipes, so when the discharge is triggered, the water is expelled through two sections at the end of the ramp. The introduction of this RORO solution allows a rapid reaction to unforeseen fires and reconfiguration of the aircraft to any of its other roles.
Due to its low level flight capability and maneuverability at low speeds, the A400M can accurately drop payloads of water at very low heights, down to 150ft. In the future, in addition to the development of the production version of this kit, Airbus will analyze this operation also in night time conditions, reinforcing the efficiency and effectiveness of the mission.
25 Jul 22. Australia unveils biotech security framework. Industry and academia have joined forces in a bid to strengthen biotech awareness across the defence and national security sectors.
The Safeguarding Australia through Biotechnology Response and Engagement (SABRE) alliance was recently launched at the inaugural Australian Defence Science Technology and Research (ADSTAR) summit.
SABRE aims to bolster biotech collaboration between Australian universities, research institutes and SMEs to inform projects across the Defence and national security spaces.
The three initial themes to be explored by SABRE include:
- human performance and decision making;
- genomics, bioinformatics and synthetic biology; and
- agriculture and biosecurity.
According to Defence Chief Scientist Professor Tanya Monro AC, the new framework would ensure defence and national security stakeholders have access to the latest biotech capabilities.
“SABRE will lead to the right questions being asked by the right people under the right framework,” Professor Monro said.
“This will ensure that defence and the national security sector capitalise on new opportunities arising from biotech research and development conducted within Australia’s research and industry sectors.
“SABRE, with its national focus, will draw together the right capabilities and capacities which currently exist in the biotech sector and support new horizon research into tangible outcomes.”
The launch of SABRE comes just a week after Professor Monro announced the round two recipients of the National Intelligence and Security Discovery Research Grants (NISDRG) program, aimed at addressing emerging threats in a changing national security environment.
The grants are expected to fund further research into:
- addressing vulnerabilities in artificial intelligence (AI) systems;
- investigating supply chain risks;
- new explosive detection methods;
- the development of sensing technology;
- secure computing; and
- machine learning for miniature satellites and electromagnetic shielding.
The grants are administered by the Australian Research Council (ARC), tasked with enabling national intelligence and security communities to systematically engage with Australian researchers. (Source: Defence Connect)
25 Jul 22. Scanning the skies: USAF transferring Compass Call to Gulfstream G550. The EC-130H Hercules aircraft has been in US Air Force (USAF) service since 1982. It is no ordinary C-130. The EC-130H is configured with the Compass Call electronic warfare (EW) system that employs a broad range of techniques to engage the electromagnetic spectrum (EMS) to disrupt enemy command-and-control and limit an adversary’s ability to manage and co-ordinate its forces. BAE Systems said its advanced mission system manipulates enemy communications, sensors, networks, and collaboration so US and allied forces retain full usage of and access to the EMS. During the Cold War, the type’s tasking was focused on jamming radio communications of the then Soviet Union-integrated air-defence networks. In the decades following the end of the Cold War, the Compass Call mission set evolved and now includes jamming tactical communications, air-surveillance radars, and jamming and detonating improvised explosive devices. (Source: Janes)
25 Jul 22. US Army tests aerial tier communications in Jersey Devil’s stomping ground. The Jersey Devil, a legendary creature believed by some to inhabit the remote Pine Barrens in southern New Jersey, is said to communicate using a high-pitched, blood-curdling scream.
This summer, scientists and engineers descended on the area, not to hunt for the mythical beast, but to experiment with communication technologies meant to reinforce U.S. Army capabilities in difficult terrain.
Officials said weeks of testing at the fourth annual Network Modernization Experiment, or NetModX, at Joint Base McGuire-Dix-Lakehurst brought the service’s aerial tier network one step closer to reality, where it could be used to bounce battlefield information across valleys, neighborhoods and other isolated areas.
“We really saw how the aerial tier could extend our network, but we wanted to do some further evaluations,” Army Brig. Gen. Jeth Rey, director of the Network Cross-Functional Team, told reporters July 21. “NetModX and EDGE were really able to help us in that, and now we’re going to introduce it back into Project Convergence 22, which will allow us to potentially take it further and get it into the hands of our soldiers.”
Aerial tier networking — one of dozens of focuses at the experiment — ensures connectivity by using airborne assets such as drones to overcome large, signal-impeding obstacles including mountains and buildings. Unlike satellites, which take time to arrange and can be jammed or destroyed, aerial tier gear can be deployed quickly overhead when and where soldiers need it, providing a critical link to friendly forces.
The Army is investing in the aerial tier network as the U.S. postures itself for larger-scale fights with world powers, the sort of conflicts that spread troops out and demand rapid information sharing. To that end, the Army has identified network modernization as one of six pressing priorities; others include long-range precision fires, air-and-missile defense and next-generation combat vehicles.
The location of NetModX, amid countless trees and other challenging landscapes, provided real-world conditions that the research community and industry leveraged. Realistic data and insights, officials said, are paramount to developing technologies best suited for a future fight.
“I’ve told my team that we don’t need to test where everything’s wide open and flat because we need to test operationally, where we think we might be,” said James Tucker Swindell, chief of the radio frequency communications division at the C5ISR Center. “If you pull up your Google Maps and you look around the world, there are a lot of trees, a lot of foliage, and that can be very temperamental when it comes to specific frequencies in the RF spectrum.”
Among the C5ISR Center’s interests at NetModX was the Relay for Aerial to Non-line-of-sight Ground Environment, or RANGE, a science-and-technology program aimed at creating a “transformative tactical radio relay capability,” according to Swindell.
“We’re pushing for high throughput non-line-of-sight tactical comms, providing resilient options for communications-denied environments, all while incorporating the modular form factor for” unmanned aircraft systems, he said. “The reason why we’re doing that is if we build it for a UAS, when you need to scale it up for manned aircraft, it’s a lot easier to go that direction than the reverse.”
The RANGE team is working intimately with the Future Vertical Lift Cross-Functional Team to study and connect unmanned and other aerial systems to boots on ground.
At last year’s Project Convergence, a comprehensive exercise that contributes to Joint All-Domain Command and Control, a small drone was used to pass on communications and maintain contact. The Army hailed it as a success.
“That aerial tier will thicken and extend our network, our communications,” Rey said, “and improve the range and resilience of our network across the board.” (Source: Defense News)
25 Jul 22. US: Growing cyber attacks targeting Los Angeles seaport increases threats to socio-economic health. On 23 July, authorities at the Port of Los Angeles revealed that the number of cyber attacks targeting the facility has increased significantly since the start of the Covid-19 pandemic. According to the port’s executive director, Gene Seroka, the number of attacks has doubled since the start of the pandemic to around 40 m per month. Seroka said intelligence shows the attacks primarily originate from Russia and Europe; and that their likely aim is to disrupt port operations and harm the US economy. Los Angeles is the US’s busiest seaport and is still dealing with freight backlogs caused by the pandemic that have affected national supply chains. The increased targeting of the facility is likely part of Russian state-sponsored efforts to retaliate against US economic sanctions imposed on Russia over its invasion of Ukraine. It increases the threat of further major disruption to US supply chains that will exacerbate current economic challenges. (Source: Sibylline)
25 Jul 22. Defense supply chains most targeted and vulnerable point of access for cyberattacks, says GlobalData. Cybersecurity has become a key issue to consider for all sectors in the wake of the growing connectivity between physical and digital systems. The sensitive nature of defense data and the consequential national security concerns elevate the importance of data security for defense manufacturers. Suppliers in the chain often work with multiple companies. This makes several companies in the supply chain more vulnerable to just one fatal cyberattack, says GlobalData, a leading data and analytics company.
GlobalData’s latest report, ‘Cybersecurity in Defense – Thematic Research’, reveals that small companies are often seen as sitting ducks for hackers, serving as gateways to the larger companies, and that defense companies are aware of the growing threat landscape.
The number of mentions of cybersecurity by defense companies in their filings almost tripled between 2016 and 2021 to over 30,000, reveals GlobalData’s Company Filing Analytics.
Emma Taylor, Associate Analyst at GlobalData, comments: “Cybersecurity is of great importance for every sector. However, the sensitive nature of defense data and consequential national security concerns elevate the importance of data security for defense manufacturers. Defense companies, although aware of the cybersecurity threat, need to be aware of the weakest link of their cybersecurity defenses. Unfortunately, that is often outside their own company.”
Smaller companies often do not have sufficient bandwidth to effectively monitor, correlate and respond to breaches in a cyber secure fashion. Limited resources and a severe industry-wide shortage of trained cybersecurity experts only add to this pressure.
Taylor continues: “To counteract the threat of cyberattacks seeking sensitive defense data, companies are becoming increasingly collaborative in their approach, sharing information about attacks and breaches. They are also adopting a zero-trust security model that eliminates the concept of trust from an organization’s network architecture.”
Cyberattacks can severely disrupt supply chains. If the operating systems used by any company in the supply chain are compromised by cyberattacks, processes will be delayed significantly.
Taylor concludes: “Supply chain disruption causes a knock-on effect that creates serious issues for both companies and militaries. More and more technologies used in defense need semiconductors to operate, including some missiles. This demand has outstripped supply, hitting the defense industry hard.”
25 Jul 22. Europe: Latest North Korea data exfiltration campaign highlights sustained threat to government institutions. On 23 July, industry reports revealed that North Korean state-linked hackers launched a malware campaign targeting “high value organisations” in several European countries, including Poland and the Czech Republic. Threat analysts at the cyber security firm Securonix concluded that the spear-phishing data exfiltration campaign used a remote access trojan (RAT) known as Konni. The tactics and methods deployed in the attack match the Pyongyang-backed advanced persistent threat group APT 37, which has conducted similar campaigns against foreign political and commercial establishments (see Sibylline Cyber Daily Analytical Update – 26 April 2022). According to Securonix’s analysis, the attack consists of a phishing email containing a malware-infected Word document and a Windows Shortcut file shown as a report from a Russian war correspondent. Once the victim opens a file, the Konni RAT is installed, allowing the hackers to gain access to and control of the system, capture screenshots and extract data and saved credentials. While Securonix did not disclose the targets, previous similar attacks targeted government entities such as foreign ministries and diplomatic posts, suggesting that the latest campaign is attempting to further Pyongyang’s strategic and geopolitical objectives. To this end, Pyongyang-sponsored groups will continue to target European and US government institutions, especially given the low prospects of a resumption of diplomatic dialogue in the near future. (Source: Sibylline)
22 Jul 22. UAE: Three-fold increase in cyberattacks highlights vulnerability of businesses with outdated cybersecurity infrastructure. The deputy head of the Sharjah Police, Brigadier General Abdullah Mubarak bin Amir, launched an interactive public initiative on 21 July to combat cybercrime. The “Be Aware: Stop, Think, Protect” campaign comes after police data revealed that cyberattacks have increased by at least 70 percent since 2020. Perpetrators are utilising phishing and ransomware techniques to target victims. The Dubai Electric and Water Authority distributed a warning to its customers in May over an increase in phishing attempts. Recent statistics largely mirror the global increase in cyberattacks since the start of the Covid-19 pandemic. This comes amid an increase in lockdown-related online activity and the digitalisation of workspaces. While the police campaign primarily applies to local residents, businesses are at greater risk, particularly those with outdated cybersecurity infrastructure. Threat actors will likely target corporate vulnerabilities, seeking to infiltrate systems, heightening regulatory risks for all sectors. (Source: Sibylline)