BATTLESPACE Updates

   +44 (0)77689 54766
   

C2, TACTICAL COMMUNICATIONS, AI, CYBER, EW, CLOUD COMPUTING AND HOMELAND SECURITY UPDATE

by

Sponsored by Spectra Group

 

https://spectra-group.co.uk/

————————————————————————

11 Aug 22. TurbineOne Announces Strategic Partnership with FEDDATA to Empower American Warfighters Serving at the Tactical Edge.

TurbineOne, the frontline perception company dedicated to empowering first responders and warfighters with the world’s best technology, today announced a new product partnership with FEDDATA to deliver AI to the comms-contested tactical edge. In today’s battlefield environment, cloud computing has not directly been available to America’s frontline warfighters. Information networks in dangerous environments are constantly constrained by denied, degraded and intermittent or limited (DDIL) bandwidth. Thankfully, major advances in edge computing now make it possible to deliver the power of the cloud and Artificial Intelligence (AI) to the tactical edge.

FEDDATA is the premier distributor of an edge computing powerhouse known as the “Prometheus BoxTM” which is an integrated Graphical Processor Unit (GPU) that is powered by Dell. The Prometheus Box was designed by cyber operations experts as a robust platform for cyber missions. It is highly mobile, flexible, and modular. As an analogy to personal computers that arrive with hardware, an operating system, and some applications pre-installed, this partnership between FEDDATA and TurbineOne makes available the hardware, operating system, and AI software easily available to hyper-enable warfighters to detect, categorize and respond to threats.

“TurbineOne is excited to partner with FEDDATA, a Dell Titanium Partner, to empower the American warfighter with greater situational awareness,” said Ian Kalin, CEO of TurbineOne. “Recent advances in edge computing, orchestration software, and AI have delivered transformative advances to the autonomous vehicle industry and those capabilities must also be leveraged to help our national security.”

With this new partnership, the Prometheus Box can now be supercharged by TurbineOne’s Frontline Perception System (FPS)TM to deliver the AI to the tactical edge and enhance situational awareness. The Prometheus Box already performs sensor fusion onboard an incredibly powerful edge computing platform, bringing together diverse video, radio, audio, and other signals. With the FPS, the Prometheus Box can now monitor these sensor feeds and alert Operators so that people don’t have to physically and constantly monitor those same feeds. This shift in operational change – being alerted by the computer instead of staring at screens – strengthens operational posture and accelerates mission accomplishment.

Additionally, the FPS delivers two transformative new features to Prometheus Box customers: AutoML and ML Interoperability. AutoML is the industry-practice of making new Machine Learning (ML) models without requiring Users to code and without the cumbersome need for extensive training data. As for the ML Interoperability feature, Operators will be able to load 3rd party algorithms into Prometheus Box with much greater ease, which helps to break down data silos.

“We are excited to work with the innovators at TurbineOne,” said Wayne Schmidt, EVP of Cyber Operations at FEDDATA. “Their Frontline Perception System is the AI platform every frontline operator wishes they had when trying to find dangerous things.”

About FEDDATA

FedData Systems (FDS) is focused on discovery and intelligence support operations in the digital environment. Its offerings include IT services, cyber intelligence analytics and operations, cyber tools, and consulting solutions.

FedData Technology Solutions (FDTS) is an IT value added reseller (VAR) and a Dell Titanium Partner.

About TurbineOne

TurbineOne is the frontline perception company. Founded by veterans from elite organizations within Silicon Valley (Source: BUSINESS WIRE)

 

11 Aug 22. Allen-Vanguard continues its work with industry partners to innovate and integrate ECM data into Army Tactical C2 Systems. Allen-Vanguard, the global leader in providing customized solutions for defeating Radio Frequency (RF) based terrorist and extremist threats, has been innovating with industry partners to integrate their latest ECM system (EQUINOX Next Generation) into Canadian Army Tactical Command and Control systems.

Allen-Vanguard is expanding on its existing experience of maximizing the capability and flexibility of their ECM assets by utilizing the ATAK ECM Plug-in. They are now innovating with General Dynamics Mission Systems–Canada (the current provider of the Canadian Army Tactical C2 capability) to ensure that these benefits could be delivered through in-service equipment and communications infrastructure, while preparing for future electronic warfare requirements and essential modernization programs.

The integration solution provides direct C2 to the EQUINOX (NG) ECM system facilitating operational mission fills and delivers real-time enhanced situational awareness to increase the response time for quick reaction forces and support decision makers to improve operational tempo. Using the existing Army C2 system and network minimizes the training burden and creates the possibility to remotely operate, exploit and reconfigure key ECM systems. This process simplifies their operation and maintenance, while reducing the size and weight of system management by removing the need for extra cables and controllers.

Steve Drover, Director Business Development said “Allen-Vanguard is committed to innovation in order to meet the challenges of the future battlespace. This exciting research and development program with General Dynamics Mission Systems–Canada is an excellent example where both companies are collaborating to maximize the capability, flexibility and operational data exploitation of existing in-service systems for the benefit of users and commanders.”

 

11 Aug 22. Raytheon Intelligence & Space’s Global ASNT Delivers Initial Operating Capability.

  • Modernized beyond line-of-sight communications systems to support Nuclear Command, Control and Communications and Joint All Domain Command and Control missions

Raytheon Intelligence & Space, a Raytheon Technologies business, recently delivered the Initial Operating Capability for the Global Aircrew Strategic Network Terminal system, or Global ASNT, to the U.S. Air Force.

Global ASNT ensures robust communications to nuclear bomber, missile and support aircraft crews in austere environments. The Global ASNT capability will be critical to enable joint connectivity in the highly contested battlespace, supporting the U.S. Department of Defense’s vision for Nuclear Command, Control, and Communications, or NC3, and Joint All Domain Command and Control, also known as JADC2.

“Ensuring these critical protected communications capabilities support NC3 and longer-term JADC2 missions is critical to our national security,” said Denis Donohue, president, Surveillance and Network Systems at RI&S. “Our investments in the NC3 mission are delivering direct benefits to the troops and Global Strike Command. We’ve delivered and installed more than the four systems required for IOC and have provided training to support the customer’s IOC decision.”

The resilient communications capability brought by Global ASNT will enable the U.S. Air Force to operationalize joint warfighting by securely sharing data in highly contested environments. JADC2 is the DOD’s vision for a future command-and-control network that will connect the battlespace across every domain – sea, air, land, space, cyber and the electromagnetic spectrum. RI&S is contributing its multi-domain footprint of capabilities in space systems, resilient communications, sensors, AI/ML, and mission software to enable DOD’s JADC2 architecture.

RI&S has invested ms on infrastructure and capabilities to support the NC3 mission on Global ASNT by:

  • Building, testing, delivering, and installing both fixed and transportable Global ASNT terminals and spares sets.
  • Training more than 100 people, including operators and maintainers.
  • Establishing Contractor’s Inventory Control Point (C-ICP) to manage depot operations centrally during Interim Contractor Support (ICS) period.
  • Providing help desk support to fielded and deployed operators and maintainers.
  • Continuing to deliver and install terminals and offering training weekly.
  • Establishing classified labs and classroom spaces.

Primary work locations for this effort are in Florida and Massachusetts, with major suppliers in California, Pennsylvania and Texas. The balance of nearly 250 suppliers supporting the program are spread across the U.S.

(Source: ASD Network)

 

11 Aug 22. August Radio Roundup. Armada’s monthly roundup of all the latest news in the military communications product, programme and operational domains.

Products

Northrop Grumman and Airbus will collaborate on satellites supporting the US Department of Defence’s National Defence Space Architecture (NDSA), Janes reported on 7th July. The collaboration between the two companies could see the development of 42 communications satellites to support the NDSA. Airbus will build the spacecraft based on the company’s Arrow Low Earth Orbit (LEO) satellites. LEO satellites orbit at below 1,079 nautical miles/nm (2,000 kilometres/km) above Earth. In February, Lockheed Martin, Northrop Grumman and York Space Systems was awarded several contracts relating to the NDSA programme. The National Defence Space Architecture is discussed in more detail in our Space for Growth article.

Programmes

Staying in the Satellite Communications (SATCOM) domain in early July The Tribune reported that the Indian government has ordered the development of indigenous SATCOM terminals for Indian Navy vessels. The Indian Navy is looking for C-band (3.7GHz to 6.425GHz) and Ku-band (10.9GHz to 14GHz) terminals. These will carry traffic across India’s GSAT-7 military communications satellite. This provides coverage over the Indian Ocean.

In July Airbus announced it had completed the critical design review for the UK’s forthcoming Skynet-6A satellite scheduled for launch in 2025.

Looking toward the UK, Airbus has completed its critical design review of the Ministry of Defence’s (MOD) future Skynet-6A military communications satellite. The news follows the company’s completion of the preliminary design review in January 2021. The solitary Skynet-6A will join the UK’s fleet of four Skynet-5 spacecraft. Airbus operates the Skynet-5 constellation on the MOD’s behalf. Skynet-5 provides X-band (7.9-8.4GHz uplink/7.25-7.75GHz downlink) satellite communications. This is alongside Ka-band (26.5-40GHz uplink/18-20GHz downlink) and Ultra High Frequency (240MHz to 270MHz) links. Skynet-6A is planned for launch in 2025.

Inmarsat has won a contract worth $578.4m from the US Defence Information Systems Agency to provide commercial SATCOM services to ships in the US Navy’s Military Sealift Command. Reports say the provision will run from this July for ten years, provided all options are exercised. In total, the options cover seven years of service provision beyond the initial three-year base period. Inmarsat operates commercial services using L-band (1.3GHz to 1.7GHz), S-band (2.2GHz to 2.4GHz) and Ka-band links.

Kratos’ OpenSpace software will be acquired by the US Army to help manage its future SATCOM networks by turning elements of ground station hardware into software.

Kratos has been awarded a contract by the US Army’s Combat Capabilities Development Command to build a virtual SATCOM ground system, according to army-technology.com. The initiative will use the company’s OpenSpace platform. The platform takes elements of a SATCOM ground station and turns them into software. The company’s official literature says “almost every piece of the ground station can now be turned from hardware to software”. Kratos states the platform can be used to manage SATCOM networks, allocate data and network resources and integrate new applications. The OpenSpace platform should help configure future army SATCOM networks and infrastructure, the report continued. Specifically, it should help rapidly scale these capabilities to the tasks they need to support.

Recent exercises in Germany highlighted problems experienced by US Army Stryker combat vehicles which may be the fault of systems supporting the army’s CS-23 networking and communications package.

The US Army has identified problems associated with its General Dynamics M-1133 Stryker armoured fighting vehicles during exercises in Germany. The news was reported by c4isrnet.com in early July. The army’s forthcoming Capability Set-23 (CS-23) was being evaluated during the exercise. The US Army is rolling out modernisations to its communications and networking across the manoeuvre force through a series of capability sets. These are implemented every two years. CS-21 is currently being rolled out. Challenges observed during the exercise included the power levels the Strykers could provide during so-called ‘silent watch’. This is when the vehicle’s batteries are used to power systems rather than its engines. Investigations are now ongoing whether these problems were caused by the power demands of the CS-23 systems, the Strykers or both. Lessons learned from the tests in Germany will help inform CS-23 deployment decisions expected in early 2023.

Elsewhere in the US Army, the force has concluded its Network Modernisation Experiment (NETMODX) which was held recently at Joint Base McGuire-Dix-Lakehurst, New Jersey and involved several participants. According to a report by breakingdefense.com, the experiment helped evaluate protected communications for electromagnetically contested environments. Specifically, technologies relevant to the US Army’s Future Vertical Lift programme were examined. Other technologies included non-line-of-sight communications for uninhabited aerial vehicles. These communications architectures maybe relatively easy to scale up to inhabited platforms, the report added. Innovations evaluated during NETMOD could find their way into future US Army capability sets (see above). (Source: Armada)

 

11 Aug 22. Ionosphere Investigations – DARPA’s Ouija Programme Gets Underway. The ionosphere is the essential ingredient for skywave high frequency communications. DARPA’s Ouija programme will use satellites to help understand the behaviour of this atmospheric layer.

The US’ Defence Advanced Research Projects Agency’s Ouija programme will delve into the mysterious world of ionospheric high frequency communications.

Skywave HF (three to 30 megahertz) transmissions use the ionosphere to avoid the curvature of the planet. This layer of the atmosphere is between 26 nautical miles/nm (48 kilometres/km) and 521nm (965km) above Earth. HF waves cannot penetrate the ionosphere meaning they are reflected to Earth. If HF transmissions are projected at an angle towards the ionosphere, they will bounce off at an angle. This mimics how a snooker ball bounces off the cushion of the table. This attribute let HF traffic traverse intercontinental distances. However, the ionosphere is a capricious place. Space weather like the solar wind, the stream of charged particles released by the sun’s corona, greatly affects levels of ionisation. This impacts how efficiently HF communications are performed.

The Defence Advanced Research Projects Agency (DARPA) has launched a programme called Ouija to better understand the ionosphere. The programme was revealed in a press release published by DARPA in April. The document said that Ouija will use Low Earth Orbit (LEO) satellites to measure the ionosphere’s behaviour. LEO satellites orbit at below 1,079nm (2,000km) above Earth. These satellites will specifically take measurements from altitudes of between 108nm (200km) and 162nm (300km). Ionospheric electron density reaches its maximum at these altitudes, making them particularly suitable for HF communications. DARPA released its first solicitation for these satellites on 21st April.

Pathfinder Satellites

The Ouija satellites will “provide high fidelity in-situ ionospheric measurements that enable accurate predictions of regional ionosphere conditions,” according to the programme solicitation. This will allow the development of propagation models with “unprecedented resolution in space and time.” These models should help further refine HF use by improving the prediction of how the ionosphere may behave. Ouija is interesting as measuring ionospheric activity has traditionally depended on ground-based infrastructure. Taking ionospheric measurements from space is a new approach. Ouija’s measurements will be blended with those taken using ground-based equipment helping improve accuracy still further.

The key metric for ionospheric measurement is electron density in the ionosphere at any given time. The Ouija satellites will help calculate this through direct sampling and radio occultation. The latter detects changes in radio signals as they pass through the Earth’s atmosphere. “It is anticipated that the scientific payload will use or adapt commercial-off-the-shelf components” the solicitation said.

An initial Pathfinder satellite will be launched containing the mission payload as part of the programme’s Phase-1B. Phase-2 will see the launch of a further six satellites based on this design and lessons learned from the first spacecraft. The additional six spacecraft will help increase ionosphere measurement density. The solicitation expects the Pathfinder satellite to be launched in April/May 2024. The additional six satellites are expected to follow in November 2025. As Ouija is a research project, the satellites will have a relatively short lifespan of less than one year.

Military high frequency radio is experiencing a renaissance thanks to its practicality as an alternative to satellite communications. The Ouija programme will be an important step forward in helping improve the understanding of the ionosphere’s capricious nature. (Source: Armada)

 

10 Aug 22. North Korea: Pyongyang’s targeting of cryptocurrency exchanges and healthcare services with the Maui ransomware likely to fund its nuclear and ballistic missile programmes. On 9 August, cyber security firm Kaspersky claimed that they linked the Maui ransomware operation to the North Korean state-directed hacking group Andariel with a “high degree” of certainty. Andariel has been operating at least since 2015 and is known for targeting financial service providers, media firms, construction companies, government entities, and military-related organisations. This attribution follows the US government’s July advisory that North Korean cyber actors are using the Maui ransomware to encrypt healthcare service-related servers for financial gain. Such activity is indicative of the UN Security Council’s February report that North Korean hackers stole “ms of dollars” worth of cryptocurrency between 2020 and mid-2021 via cyber attacks (see Sibylline Cyber Daily Analytical Update – 8 February 2022). Such cyber attacks have provided Pyongyang with a way to generate critical revenue in the face of crippling international sanctions and Covid-related border closures that have severely limited the country’s economic capabilities. Further Pyongyang-sponsored cyber campaigns are highly likely to be launched in the coming months, especially as the cost of its strategic weapons programmes – estimated at 2 percent of its 2022 GDP so far – continues to be a significant drain on its finances. (Source: Sibylline)

 

09 Aug 22. Information Enterprise Modernization Is an Important DOD Priority, Official Says. Cloud adoption, software modernization, artificial intelligence and cybersecurity are paramount to all Defense Department missions, the acting deputy chief information officer for the Information Enterprise said.

Lily Zeleke spoke today at a Worldwide Technology and Intel-hosted event.

“Our ability to deliver information at resilience and speed, as well as secure information to our people, is paramount to staying ahead of adversaries,” she said.

Funding these technologies within the appropriated budget is a balance between cost efficiency and mission effectiveness, Zeleke said.

“We’re working for the public and for the country. I emphasize that resources and costs are critical, but the mission is just as critical, so it is a balance between cost effectiveness and mission effectiveness for us,” she said.

Zeleke also said that zero trust is a big factor in making the movement to the cloud a success.

“Zero trust is sort of like assuming that the adversary might already be in ,” she said.

Therefore, zero trust is about protecting the data at all levels and giving the right persons at the right security levels access to the data they need for mission success, she said.

DOD has a massive amount of data, she noted. “It’s really how we analyze it, process it, make sense of it, and deliver it to our warfighters and components in a way that it’s usable.”

Each of the services and the department are now working to converge, streamline and implement information enterprise modernization, as laid out in DOD’s 2022 Software Modernization Strategy, she said.

“It is not simple, because our processes are ingrained and we have a big organization, but it’s not impossible,” she said. “Technology’s the easy part. … But people are complicated. Processes are complicated.

“We need all hands-on deck,” she said, referring to DOD’s need to partner with allies, industry and academia. (Source: US DoD)

 

09 Aug 22. SimSpace Launches SimSpace Partner Network™.  SimSpace, the leading cybersecurity risk management platform company, today announced the formal launch of the global SimSpace Partner Network aimed at giving channel resellers, service providers, and technology alliance partners the toolset they need to accelerate sales and capitalize on new revenue opportunities.

“Partners are critical to our growth and goal to create the most comprehensive cybersecurity ecosystem for assessing and building confidence in security talent and technology,” said Mike Heumann, CRO, SimSpace. “Our program not only drives market opportunities for our partners and helps them accelerate sales and capitalize on new revenue stream opportunities, it helps to secure organizations worldwide against the growing global threat landscape.”

The SimSpace Partner Network is designed to foster collaboration and enable partners worldwide to leverage the full value of the SimSpace Cyber Range platform to best serve their customers and drive more business wins. The program establishes the most comprehensive cybersecurity ecosystem in the industry, giving partners access to a variety of technologies and vendors, including breach and attack simulation, training institutes, threat intelligence and incident response, endpoint and network security providers, security information and event management (SIEM) vendors and security orchestration, and automation and response (SOAR) solutions. Organizations including Mandiant, Cymulate, CyCognito, ADEO, and IDNet have already taken full advantage of the program.

“The SimSpace platform and partner program provides a valuable tool for us to deliver and demonstrate the capabilities of our attack surface management and protection solutions without compromising production systems,” says Josh Hogle, Director of Technology Alliances, CyCognito. “This program allows us to continue expanding our business worldwide, and through our integrated solution, we can also deliver continuous red team vs. blue team exercises within a high-fidelity simulation of our customers’ production environments.”

Embracing a partner-first approach, the new program supports all partner efforts to serve their customers and differentiate themselves in a competitive market. With aggressive margins and deal production, as well as rich sales enablement and joint marketing support, members of the SimSpace Partner Network can increase revenue and add value to customers, including:

  • Elevate Customer Training Programs — Help clients gain hands-on experience defending against advanced threats using simulated attacks on a digital twin of their production environment, using the highest fidelity cyber range platform. Customers and partners are also encouraged to take advantage of the SimSpace Certified Range Engineer training program.
  • Help Customers Maintain Compliance — With regular live action events and reporting frameworks, customers can provide evidence of compliance with reports aligned with leading cybersecurity frameworks, associations and industry-specific or regulatory requirements.
  • Deliver Confidence in the Cyber Range — With industry-leading fidelity and scalability with real cyber tools and environments, partners can help their customers feel confident in their cyber defenses. The SimSpace Cyber Range Platform allows partners to differentiate their capabilities to help customers optimize teams and technologies for success. Hence, they always have the edge when it comes time to defend against advanced threat actors.
  • Collaborate with multiple partner types — To expand joint business opportunities across a broad set of companies and market segments, SimSpace invites MSSPs, MSPs, VARs, distributors, cybersecurity associations and cybersecurity solution vendors to participate. SimSpace ensures that partner integrations are bespoke and customized to specific use cases.

“We are delighted to partner with SimSpace and help boost cyber readiness in our region,” says Paul Zhdanovych, Managing director, SOFTPROM Distribution Gmbh. “As we work together to improve our mutual customers’ cybersecurity journeys, the SimSpace Partner Network delivers a clear and rewarding program which drives business growth for our reseller network.”

“ADEO is delighted to partner with SimSpace and help boost cyber readiness in the Turkish market,” says Halil Ozturkci, CSO, ADEO. “As we work together to improve our mutual customers’ cybersecurity journeys, the SimSpace Partner Network enhances our ability to deliver the world’s best cyber readiness platforms.”

The SimSpace Cyber Range platform is trusted by organizations worldwide, including the US Department of Defense Persistent Cyber Training Environment (PCTE), the Department of Homeland Security, five of the 15 largest financial institutions in North America, and several of the world’s largest retailers.

About SimSpace

SimSpace delivers the most comprehensive cybersecurity risk management platform, instilling confidence in an organization’s cybersecurity talent and technologies. With SimSpace, security teams, operational processes, and environments are continuously tested, readily available, and optimally tuned to defend against advanced adversaries. SimSpace: Secure with Confidence. For more information, visit www.simspace.com.

(Source: BUSINESS WIRE)

 

09 Aug 22. US Navy receives first AN/ALQ-249 NGJ-MB production representative pod. The NGJ-MB is part of a larger system that will replace ALQ-99 tactical jamming system. The US Navy has received its first set of AN/ALQ-249 next generation jammer mid-band (NGJ-MB) production representative pods from Raytheon Intelligence & Space.

The fleet representative test pods, which makes one NGJ-MB shipset, arrived at Naval Air Warfare Center Aircraft Division (NAWCAD), Patuxent River in Maryland on 7 July.

The pods were handed over to the Airborne Electronic Attack (AEA) Systems Programme Office (PMA-234) pod shop.

This shop will be responsible for using the test articles to complete the developmental test (DT) programme.

Following the completion of DT, PMA-234 will begin operational test (OT) that requires operationally representative hardware and software.

NAWCAD Air Test and Evaluation Squadron (VX) 23 AEA project officer lieutenant Alexander Belbin said: “We will test pods for everything we expect to encounter in fleet.

“For example, power they generate, frequency range they operate in, and effects we can achieve against expected targets across spectrum.”

The remaining DT will be carried out by VX-23 and VX-31 at NAWCWD, China Lake in California, while OT will be performed by VX-9 at Naval Air Weapons Station, China Lake. (Source: naval-technology.com)

 

09 Aug 22. US: Organisations and individuals associated with US political campaigns will be at heightened risk of follow-up cyber attacks in the weeks leading up to the US Midterms. On 8 August, industry reports claimed that the cloud communication firm Twilio was subjected to a cyber attack that resulted in some of its customers’ data being compromised. This incident reportedly occurred after unknown attackers targeted several of Twilio’s employees with SMS phishing attacks and gained access to the firm’s internal systems. Twilio declined to provide further information about this incident, including how many customers were impacted, making it difficult to forecast based on strategic intent. Nevertheless, Twilio’s platform is highly popular amongst US-based political campaigns and government agencies, increasing the likelihood that information related to politicians and/or individuals involved in campaigning for the November US Midterm elections was compromised. While Twilio claimed that the compromised employee accounts have been revoked and the attackers’ access blocked, there remains a realistic possibility that these threat actors will utilise the compromised information, such as phone numbers, to engage in follow-up cyber activity. Such campaigns are likely to take the form of phishing and intelligence-gathering operations and be targeted against political campaigns and their volunteers, donors, and party affiliates. (Source: Sibylline)

 

09 Aug 22. Global: Organisations operating in high-risk investment regions will remain a primary target of Beijing-linked espionage campaigns. On 8 August, industry reports claimed that industrial plants, research institutes, government agencies and ministries in Belarus, Russia, Ukraine, and Afghanistan were targeted by Chinese state-linked cyber espionage campaigns. These hackers – tracked as TA428 – utilised spear phishing emails to gain access to their targets’ systems and deploy a malware payload, including CotSam, which allowed the hackers to exfiltrate system information and files. While the aim of these campaigns is unclear, the Chinese government is historically known to launch espionage-related activity in regions where it has strategic interests to gather intelligence on political, economic, and/or security threats that could impact its investments in those regions. Given its targeting of Russia, Belarus, and Ukraine-based organisations, there is a realistic probability that one of these campaigns’ goals is to track developments in the Ukraine conflict. Further such cyber espionage campaigns are highly likely to be launched in the coming six months, especially as tensions over growing geopolitical considerations, such as the Taliban government in Afghanistan and Russia’s invasion of Ukraine, sustain these regions’ uncertain investment climate for the foreseeable future. (Source: Sibylline)

 

08 Aug 22. LM’s NGI Achieves Communications Testing Milestone, Proves Ability to Operate in Harsh Environments. Lockheed Martin recently validated prototype communications radio technology for the Next Generation Interceptor (NGI) during a recent test milestone. The NGI’s mission is to protect the U.S. homeland from increasing and evolving intercontinental ballistic missile threats. Critically, the interceptor and its components must be able to receive and share data from the ground and throughout the mission across vast distances, at tremendous speed through harsh environments.

Through early prototype testing at Lockheed Martin’s facility in Sunnyvale, California, the company demonstrated that the interceptor’s communications system can operate through harsh and adversarial environments it may encounter during flight. This communication technology is important because it provides in-flight situational awareness enabling elements of the interceptor to effectively respond to complex threats.

“Early demonstrations like this allow us to learn as we go and manage risk,” said Sarah Reeves, vice president and program manager of the Next Generation Interceptor program at Lockheed Martin. “This milestone continues the NGI team’s successful early and often testing cadence of critical technologies within our digital system design as it matures in alignment with our Developmental Evaluation Framework.”

Lockheed Martin’s NGI program was born digital, using all-digital tools prior to contract award through the design and development phase. Through Agile development, the NGI team was able to rapidly create and prototype the communications capability through a focused approach on development, security, and operations (DevSecOps), reducing risk early.

The NGI team incorporated rapid prototyping, in connection with Austin, Texas, small business X-Microwave, a Quantic Company, delivering hardware platforms for software-defined radio development in weeks, rather than months, allowing for faster design evolution.

Lockheed Martin is moving with a sense of urgency, focused on continually maturing, testing and demonstrating the NGI system’s components to validate system performance. The first Lockheed Martin NGI is forecast for delivery in FY2027. (Source: ASD Network)

 

08 Aug 22. North Korea: Pyongyang’s targeting of Fintech, Western governments, and think tanks will persist amid growing cost of strategic weapons programmes. On 7 August, industry reports claimed that a North Korean state-linked actor is targeting fintech industry employees with social engineering-enabled cyber attacks. These hackers, known as Lazarus Group, are approaching fintech industry employees on LinkedIn as an alleged “representative” of cryptocurrency exchange Coinbase with a job opportunity in PDF format that when opened executes malicious macros that allow the hacking group to perform several actions, including reconnaissance. This is the latest North Korea-linked campaign since another threat actor, Kimsuky, began utilising malicious extensions on Chromium-based web browsers to engage in cyber espionage earlier this year (see Sibylline Cyber Daily Analytical Update – 1 August 2022). There is a realistic probability that these latest campaigns are aimed at providing Pyongyang with either intelligence on foreign governments’ policies towards North Korea and/or exfiltrating funds given their focus on government entities, think tanks, and fintech firms. Pyongyang-backed financially motivated and intelligence-focused cyber attacks are highly likely to be launched in the coming six months, especially given that the cost of North Korea’s strategic weapons programmes, which are estimated are 2 percent of its GDP in 2022, continue to present a significant drain on its dwindling revenue streams. (Source: Sibylline)

 

08 Aug 22. United Kingdom: The intensity of cyber attacks against healthcare and pharmaceutical entities will continue due to their storage and maintenance of highly sensitive and exploitable information. On 5 August, British managed service provider (MSP) Advanced announced that its client patient management solution has been disrupted by a cyber attack. This solution is reportedly used by “85 percent of NHS 111 services” and the Local Health Boards to refer patients to out-of-hours GP providers. Advanced’s Chief Operating Officer Simon Short claimed that the cyber attack has been contained to 2 percent of their Health and Care infrastructure. While Short declined to provide further information about this incident, the description of the cyber attack lends itself to either a ransomware and/or data extortion attack. If officially confirmed, this incident would reflect cyber security firm Sophos’ findings that nearly 66 percent of healthcare organisations were subjected to a ransomware attack in 2021. Healthcare organisations remain a high-priority target for cyber criminals given they store large volumes of highly sensitive and exploitable information, such as patient records. With this trend set to persist, further such cyber attacks are highly likely to emerge in the coming months against healthcare entities such as hospitals and pharmaceutical firms and the MSPs supporting their operations. (Source: Sibylline)

 

05 Aug 22. Operation Cyber Dragon turning US Navy reservists into digital defenders. On the borderlands of Fort Meade, the U.S. Navy is taking a tandem approach to cyber defense and talent development.

Inside an unassuming office building, a few floors up and tucked into a spread of austere rooms, is Operation Cyber Dragon. The brainchild of Chief Warrant Officer Scott Bryson, the hands-on endeavor authorized by U.S. Fleet Cyber Command aims to fix virtual vulnerabilities — shoring up systems bit by bit — while also fostering a new wave of cybersecurity expertise.

“We’re doing it so that we can continue to mitigate and fortify our attack vectors and secure our networks even better,” Bryson told reporters July 22, while standing among computers, cubicles and colleagues.

Cyber Dragon kicked off in March, with the second phase of the program now underway. In its current form, the operation is focused on fortifying unclassified networks and rooting out common, widespread digital weaknesses: lax security settings, easily guessed credentials, unpatched software and more.

Doing so, officials said, makes its more difficult for hackers to break in and wreak havoc. According to the Navy, some 14,500 issues were initially identified on service networks as in need of addressing. Each could be a foothold for an adversary, especially at a time of heightened cyber conflict. Deputy Chief of Naval Operations for Information Warfare Vice Adm. Jeffrey Trussler in a February memo warned sailors that “cyberattacks against businesses and U.S. infrastructure are increasing in frequency and complexity.”

To tackle such a large and evolving workload, manpower was needed. So Bryson turned to the reserves, including to people not necessarily cyber fluent.

“I went to the reserve forces that we have at 10th Fleet, and I requested some bodies, and I came up with a training plan. And I said, ‘Well, if you give me X amount of sailors for X amount of days, I think that we can get after a percentage of our vulnerabilities, patching and scanning.’ The reserve force came through with the manning, they came through with the space,” Bryson said.

“When we did the posting, it wasn’t limited,” he added. “I said I’ll take anybody.”

Among the dozens of participants were, by day, a long-haul truck driver, a banker and a small-business owner. The operation offers reservists the chance to fulfill annual training requirements while also making a tangible difference.

Cyber Dragon teams have thus far identified and remediated thousands of issues — everything from several “high-profile exposures” to default usernames and passwords to discovering “data where we didn’t want data to be,” according to officials involved with the effort.

“A default username and password means that anybody could could log in and execute on here, on these particular machines. Now, they weren’t national security-related. There was no major issue directly to national security,” said Rear Adm. Steve Donald, the deputy commander of Fleet Cyber Command/U.S. 10th Fleet. “But in some cases, it could have caused harm to individuals, identity theft or something of that nature. We were able to shut that down.”

Teams have also zeroed in on potential spoofing certificates, risky software use and cloud management hiccups. Some 50 sailors have been trained on state-of-the-art attack surface management software, used to discover, classify and assess the security of an organization’s assets, with 100 more expected to undergo the same education in the coming months.

Lt. Blake Blaze, a reservist with a cyber and tech background, said the operation has improved both his understanding of the field and the cybersecurity of the Navy.

“My biggest motivation for staying in the reserves was I wanted to be close to the fight in case things get interesting with some of our near-peer adversaries,” Blaze said. “We’re not directly engaging with the enemy, so to speak, but we are trying to prevent their avenues of access to our networks.”

Both Bryson and Donald said they foresee a bright future for Cyber Dragon. As long as there are bugs to fix and the will to fix them, they said, the operation is viable. And Cyber Dragon’s format makes it mobile and replicable, appealing to workspaces and workforces of all sizes across the U.S.

All that’s really needed is floor space, network connectivity and a few tools from third-party vendors.

“The interesting thing in the IT world or the network world is what’s patched and 100% compliant today might not be patched tomorrow, because vulnerabilities ebb and flow,” Bryson said. “So do I think that this has legs to continue on? Absolutely.” (Source: Defense News)

 

05 Aug 22. USAF conducts demonstration of STITCHES and Missionware capabilities. The demonstration validated USAF’s ability to generate new electronic warfare effects. The US Air Force (USAF) has successfully demonstrated a new system-of-systems technology integration toolchain for heterogeneous electronic systems (STITCHES) and Missionware capabilities.

The demonstration was carried out at Davis-Monthan Air Force Base in Arizona during a flight verification test in July.

It was performed by members of the 350th Spectrum Warfare Wing (SWW) in collaboration with the US Department of Defense (DoD) and its government and industry partners. Conducted under the Project 212, STITCHES and Missionware aims to connect, protect and allow the warfighters to maintain a technological edge against various threats. This project started last year during autumn.

350th SWW first commander colonel William Young said: “STITCHES connects the force in a crucial way while saving the USAF time and money.

“We can rapidly disseminate information to warfighters regardless of location.”

The in-flight verification test validated the USAF’s ability to generate new electronic warfare (EW) effects with STITCHES and Missionware.

The team used STITCHES to provide access to applications for operational users.

This was followed by the distribution of Missionware files from a cloud-based web application.

STITCHES Warfighter Application team lead Dr Jimmy Jones said: “STITCHES is an effect chain creator.

“We were able to create a new EW capability using existing systems without needing to change original standards of each system’s original design.”

The use of STITCHES and Missionware with software-defined components to respond to ever-changing conditions further allows the USAF’s existing electromagnetic spectrum reprogramming enterprise to fulfil the objectives specified in the 2018 National Defense Strategy (NDS).

STITCHES programme manager major Duc Bui said: “The energy and drive from our dedicated agile team was critical to the success of Project 212 and meeting objectives of 2018 NSD.” (Source: airforce-technology.com)

 

05 Aug 22. Multiple new radio products from Sat-Com. In response to customers requests, Namibia’s Sat-Com has developed an intercom system for armoured vehicles and tanks, adding to its growing range of radios and amplifiers that now includes a small handheld VHF radio and a mesh networking radio.

According to Sat-Com’s Managing Director David Brown, the company’s customers requested a design for a new vehicle intercom system. Sat-Com complied and recently completed the design of the analogue intercom system, and aims to supply the first units in the coming weeks.

This was not something Sat-Com particularly wanted to do, but some of its customers had ordered intercoms from companies that could not deliver due to the Ukraine conflict, creating a “happy accident” product for the company, which will be supplying a new digital intercom next year.

Another new product Sat-Com is working on is its small handheld VHF Lynx radio, which is being built to military specifications. This came about from customers looking for ‘walkie-talkie’ two-way radios but which offer secure transmitting and receiving capabilities. Although there is a fair amount of competition in this segment, Brown believes Sat-Com could receive many orders for such a widely used and versatile product. Development may be concluded next year.

Sat-Com is also making progress on its Hornet1 handheld wireless mesh networking (MANET) radio. In a mesh network, every node in a network can communicate with every other node, efficiently routing data without the need for a central master node that could act as a point of failure. Wireless mesh networks enable connectivity to be spread across an extensive range: each node functions as an independent yet connected transmitter, creating a robust network that provides flexible communications.

Sat-Com hopes to have a couple of Hornet prototypes on display at the September 2022 Africa Aerospace and Defence (AAD) exhibition outside Pretoria. Brown is bullish about the future of mesh radios, which will have radio infrastructure provided on the fly either by unmanned aerial vehicles (UAVs) or aircraft or by temporary base stations.

Sat-Com’s main focus is on its military software defined multiband radios: the Leopard1 HF/VHF/UHF manpack, base station and vehicle radio; Cheetah3 VHF/UHF tactical manpack radio; Hornet1 UHF handheld mesh radio (in development); Badger, Shark and Hawk radio family; and Lynx1 VHF handheld radio (in development).

At present, Sat-Com is fulfilling lots of small orders from its customers as it waits on some large contracts. With the war in Ukraine, customers are looking at a wide range of products, from mesh radios to ground-to-air, naval and manpack radios. Brown told defenceWeb the Ukraine conflict is causing countries around the world, including Africa, to take a good look at their inventory and think about replacing it. “It was shocking to realise the Russians are having problems communicating. They do not have enough comsec/transec equipment or it’s too cumbersome to operate and radio amateurs were listening in. All of this has made countries realise they need to take stock of what they’ve got.”

In addition to Africa, Sat-Com is also talking to a couple of NATO countries on supplying radios, to NATO specifications. It is also pursuing the transfer of technology on a radio production facility for a foreign client as Sat-Com offers the ability to establish indigenous manufacturing capabilities and has built a semi-knock down (SKD) factory in West Africa.

Development continues on Sat-Com’s amplifier side. The Afracal1-VU VHF/UHF only radio frequency power amplifier (RF PA) is completed and in production – this resulted from a customer that wanted a simple, compact amplifier for vehicle applications. It took Sat-Com just eight months to develop the concept and put it into production – the first unit was shipped in April this year. Meanwhile, development of the HF RF PA Afracal1-H is ongoing.

The RF amplifier range covers the Afracal2 H-U 125W dual tri-band RF power amplifier; Afracal1 H 125W HF RF power amplifier; Afracal1 VU 100W VHF/UHF RF power amplifier; and Afracal 1K 1000W HF power amplifier.

Sat-Com has many new projects on its plate but is eyeing other promising areas, such as high power base station and naval amplifiers, a higher powered HF manpack, low power and light weight handheld military software defined radios, antenna tuners for mobile and naval applications, and technology transfer for international customers. (Source: https://www.defenceweb.co.za/)

 

05 Aug 22. Germany: Increasing ransomware activity poses a long-term concern to Europe-based organisations amid their low cyber hygiene standards. On 4 August, industry reports claimed that a cyber attack hit the Association of German Chambers of Industry and Commerce (DIHK), forcing it to shut down its IT systems. While the DIHK did not disclose certain details of the incident, including tactics, techniques, and procedures (TTP), the level of disruption caused by this incident heightens the likelihood of it being a ransomware attack. If this is confirmed, the incident would be indicative of cyber threat actors’ intensifying attacks against Europe-based organisations in recent months. The attack would represent the latest such ransomware campaign since the BlackCat gang targeted natural gas pipeline and electricity network operator Creos Luxembourg S.A and its parent company Encevo in July-August (see Sibylline Cyber Daily Analytical Update – 2 August 2022). Further ransomware attacks are highly likely to occur over the next six months, targeting entities of interest, such as government and energy operators. Businesses’ inadequate cyber hygiene standards and extensive use of third-party technologies continue to provide hackers with vulnerabilities to engage in malicious cyber activities. (Source: Sibylline)

 

05 Aug 22. Beijing’s targeting of the Taiwanese government with DDoS activity prior to Nancy Pelosi’s visit does not indicate a shift in its cyber policy.

  • Industry reports have claimed that unknown hackers carried out a Distributed Denial-of-Service (DDoS) attack against the official website of the administration of Taiwan’s President Tsai Ing-wen. This attack reportedly hit the site with 200-times its regular incoming traffic. While Taiwan has not formally attributed this incident, the cyber attack took place hours before Nancy Pelosi, the Speaker of the House of Representatives, was set to arrive in Taiwan. Pelosi is the highest-ranking US official to visit Taiwan in 25 years and has spiked tensions with Beijing, which considers the island a Chinese province. Given this timing, there is a realistic probability that this campaign was launched by a Beijing-backed cyber actor.
  • Despite Pelosi’s visit constituting a significant escalation in regional tensions between the US, Taiwan and China, this cyber attack is consistent with Beijing’s long-standing cyber policy towards Taipei. Indeed, Taiwan’s Cybersecurity Department Director Chien Hung-wei disclosed in November 2021 that the island is subjected to around “five m [cyber] attacks and scans a day”, with nearly half of them believed to be conducted by the Chinese government. As such, this latest campaign, while aimed at expressing Beijing’s political grievances with Pelosi’s visit, does not constitute a notable escalation of Beijing’s cyber targeting and policy towards Taiwan.
  • The Chinese government began conducting military exercises around Taiwan between 4 and 7 August. Given Beijing’s notable cyber capabilities, there is a realistic probability that it will launch follow-up disruptive cyber attacks against Taiwan’s critical infrastructure such as government agencies, telecommunications, or media outlets. These cyber attacks will be aimed at further expressing Beijing’s political grievance over Washington’s encroachment on its sovereignty claims over Taiwan. However, Beijing will seek to avoid provocation that could spark more direct conflict with the US or its allies.

Pro-Russian and Kyiv hacktivist groups’ growing tit-for-tat cyber conflict will present a long-term concern for Europe-based organisations

  • While publicly-disclosed pro-Russian and pro-Ukraine hacking campaigns notably declined during the last couple of weeks, the tit-for-tat cyber conflict between Russian-aligned and Ukraine-aligned hacktivists – such as Killnet and Anonymous respectively – has persisted. Indeed, both sides have pledged “cyber warfare” against each other for engaging in disruptive and/or destructive cyber attacks against organisations supporting their sides’ government, business, and/or military operations.
  • Despite this declaration of “cyber warfare”, neither side possesses physical assets that can be targeted during a cyber attack. As a result, these limitations have seen these threat actors target their cyber activity against the countries – such as Italy, Norway, or Estonia – and critical infrastructure – such as energy or telecommunications – that are providing either financial or military support to Ukraine and/or Russia.
  • Further of these attacks are highly likely to be launched in the coming weeks. While the frequency and intensity of these cyber attacks will likely cause sporadic disruptions to the operations of the targeted organisations, they are unlikely to cause long-term issues. Neither side has demonstrated the ability to launch attacks more sophisticated than Distributed Denial-of-Service (DDoS) attacks. While future attacks are likely to remain on this rudimentary level given both sides’ apparent lack of time, funding, and technical skill, there remains a latent risk of these actors developing more destructive capabilities – such as ransomware or data-wipers – in the coming months. (Source: Sibylline)

————————————————————————-

Spectra Group Plc

 

Spectra Group (UK) Ltd, internationally renowned award-winning information security and communications specialist with a proven record of accomplishment.

Spectra is a dynamic, agile and security-accredited organisation that offers secure Hosted and Managed Solutions and Cyber Advisory Services with a track record of delivering on time, to spec and on budget.

With over 15 years of experience in delivering solutions for governments around the globe, elite militaries and private enterprises of all sizes, Spectra’s platinum and gold-level partnerships with third-party vendors ensure the supply of best value leading-edge technology.

Spectra was awarded the prestigious Queen’s Award for Enterprise (Innovation) in 2019 for SlingShot.

In November 2017, Spectra Group (UK) Ltd announced its listing as a Top 100 Government SME Supplier by the UK Crown Commercial Services.

Spectra’s CEO, Simon Davies, was awarded 2017 Businessman of the Year by Battlespace magazine.

Founded in 2002, the Company is based in Hereford, UK and holds ISO 9001:2015, ISO 27001:2013 and Cyber Essentials Plus accreditation.

————————————————————————-