Sponsored by Spectra Group
04 Nov 22. Global: International cooperation against ransomware to increase amid surging costs and business disruptions. Representatives from 36 countries attending the second International Counter Ransomware Initiative (ICRI) Summit issued a joint statement reaffirming their cooperation against ransomware and their intention to crack down on the use of cryptocurrencies in finance ransomware operations. During the summit, a US representative stressed the ‘grave threat that ransomware poses’ and noted that ‘ransomware attacks [are] the most profitable scheme on the Internet’. In fact, according to the US Treasury Department, US financial institutions experienced 1,489 ransomware-related incidents and paid approximately USD 1.2 billion for ransomwares in 2021, an 188 percent increase from 2020. According to it, most ransomware operations were conducted by Russian threat actors and criminals. Ransomware, whether against retailers or enterprises, is expected to become increasingly complex in the foreseeable future, posing greater challenges and costs to its victims. Further, cybercriminals will likely continue taking political sides on domestic or international affairs, including the ongoing Russia-Ukraine war, and will likely target its adversaries. ICRI members agreed to continue and enhance their cooperation, including establishing an International Counter Ransomware Taskforce (ICRTF) to bolster cyber security collaboration between the public and private sectors, including information sharing and developing counter-ransomware tools, among others. In addition to causing financial and reputational damage, ransomware will continue to cause possible operational disruptions across all industry sectors. For example, on 4 November, Jeppesen, a subsidiary of Boeing, was hit by a cyberattack that disrupted access to its flight planning software, which consequently disrupted some flights. According to an unnamed source, the cyberattack was believed to be ransomware. (Source: Sibylline)
03 Nov 22. At Project Convergence 2022 (PC22), Northrop Grumman Corporation (NYSE: NOC) connected multi-service capabilities to enhance all-domain detection, tracking and engagement in the battlespace. With each successful experiment and rapid integration Northrop Grumman proved Joint All Domain Command and Control (JADC2) can be a reality, allowing the U.S. Joint Forces and Allies to act as one resilient force.
Northrop Grumman worked closely with the U.S. Army in successfully demonstrating the integration of network enabled offensive and defensive fires during the PC22 test and experimentation. The multiple successes at Project Convergence built on the company’s proven performance in connecting the battlespace across domains.
“Northrop Grumman is pioneering JADC2 by providing full battlespace connectivity,” said Christine Harbison, vice president and general manager, combat systems and mission readiness, Northrop Grumman. “At Project Convergence, our systems gave the warfighter mission advantage by enabling them to make a more informed and faster decision in both defensive and strike missions.”
The Northrop Grumman systems involved in Project Convergence included the Integrated Battle Command System (IBCS), Forward Area Air Defense Command and Control (FAAD C2) and Mission Training Complex Capabilities Support (MTCCS) III Corps.
At Camp Pendleton, California, through the integration of the Army’s Advanced Field Artillery Tactical Data System (AFATDS) and IBCS, the Army successfully demonstrated the capability for IBCS to provide data for offensive fires for the first time in support of long-range precision fires objectives. IBCS rapidly integrated a U.S. Marine Corps sensor, Marine Expeditionary Littoral Persistent Sensor (MELPS), allowing information to disseminate to the U.S. Navy’s Cooperative Engagement Capability (CEC) fire control network. Additionally, there was an airspace command and control (AC2) interface with the U.S. Air Force to provide increased situational awareness.
Another experiment demonstrated IBCS’ ability to integrate with a new interceptor uplink for communicating with a missile in flight, now adding another option where historically only the Patriot radar system was used. This new capacity provides the warfighter more flexibility in deploying sensors and effectors across the battlefield.
And in the desert of Arizona, at the Yuma Proving Ground, the FAAD C2 was able to show its battle-proven capabilities in a live fire exercise. FAAD C2 was used to track, clear airspace, and direct engagement to a lightweight Javelin command launch unit (CLU) firing Stinger missiles against air threats.
MTCCS III Corps provided the network connection from Fort Hood that enabled Project Convergence 22 and its simulations. It also provided technical support on simulations to the experiment participants, helping to strengthen the overall outcomes of the exercise.
Northrop Grumman is a technology company, focused on global security and human discovery. Our pioneering solutions equip our customers with capabilities they need to connect, advance and protect the U.S. and its allies. Driven by a shared purpose to solve our customers’ toughest problems, our 90,000 employees define possible every day.
03 Nov 22. Raytheon Technologies collaborates with Microsoft to accelerate key business priorities through cloud adoption.
Raytheon Technologies is deepening its collaboration with Microsoft Corp. (Nasdaq: MSFT) to equip the aerospace and defense company’s employees with cloud-based tools, technologies, and platforms to enhance collaboration, optimize operations and unlock intelligent insights that drive greater value for customers.
The effort includes co-development of capabilities, as well as Raytheon Technologies’ use of existing or modified versions of popular Microsoft solutions such as Microsoft Teams. It is part of the company’s strategy to optimize operations and give employees access to standardized digital tools globally.
“At Raytheon Technologies, our employees and customers are at the heart of everything we do,” said Vince Campisi, Raytheon Technologies’ chief digital officer and senior vice president for Enterprise Services. “Strategic partnerships such as this one act as an accelerant toward our goal of leveraging the power of digital transformation to support business growth, drive operational excellence, and equip our employees with the tools they need to be productive wherever they work.”
Using the cloud to drive collaboration, efficiency and speed to market
Moving to Microsoft 365 has helped Raytheon Technologies reduce its landscape of mail and communication platforms by more than 90%, making it easier for employees to work effectively in a variety of settings including on-site and remote workplaces in 40 countries. The extensible capabilities of Microsoft 365 will help Raytheon Technologies address it’s unique needs as a large, international company in a highly regulated industry.
The collaboration will support Raytheon Technologies’ ongoing efforts to reduce the footprint of its data centers by 60%, resulting in faster speed-to-market for products, continuous automation for applications, and greater efficiency, data security and scalability overall.
Creating data-driven insights to deliver new forms of customer value
Raytheon Technologies is leveraging Microsoft Azure to enhance data-driven insights to deliver new forms of customer value through predictive analytics, helping customers stay ahead of potential challenges before they arise.
“The cloud is a huge enabler for Raytheon Technologies’ strategy to drive innovation and growth combined with operational excellence,” said Deb Cupp, president, Microsoft US. “We are excited to partner with them on the move to Azure and Microsoft 365 for seamless, secure collaboration; integrated data platform insights; data center consolidation; and faster time to market for products and services. Through our joint operating model, we remain committed to helping Raytheon execute their digital transformation.”
About Raytheon Technologies
Raytheon Technologies Corporation is an aerospace and defense company that provides advanced systems and services for commercial, military and government customers worldwide. With four industry-leading businesses ― Collins Aerospace, Pratt & Whitney, Raytheon Intelligence & Space and Raytheon Missiles & Defense ― the company delivers solutions that push the boundaries in avionics, cybersecurity, directed energy, electric propulsion, hypersonics, and quantum physics. The company, formed in 2020 through the combination of Raytheon Company and the United Technologies Corporation aerospace businesses, is headquartered in Arlington, Virginia. (Source: PR Newswire)
02 Nov 22. November Spectrum SitRep.
Boule de Protection
The SPART counter-improvised explosive device jammer and NEROD Counter-Uninhabited Aerial Vehicle (CUAV) system are now in service with the French armed forces, MC2 Technologies told Armada. Speaking at this year’s Euronaval exhibition, company officials revealed that both their products are helping protect personnel. They added that NEROD provided CUAV production for France’s annual Bastille Day commemorations in Paris on 14th July.
Both SPART and NEROD use the same technology. NEROD can jam UAV Radio Frequency (RF) links at ranges of “several kilometres” according to MC2 Technologies’ official literature. It covers jamming wavebands of 400 megahertz/MHz, 800MHz, 900MHz, 2.4 gigahertz/GHz and 5.8GHz. This encompasses the lion’s share of RF links used by UAVs connecting them to their pilot on the ground. NEROD also attacks Global Navigation Satellite System (GNSS) signals used by UAVs for navigation. These signals are typically in wavebands of 1.1GHz to 1.6GHz. NEROD can also jam swarms of UAVs provided they are within the device’s jamming emissions cone.
SPART, meanwhile, covers frequencies of 100MHz up to 7.125GHz, according to M2C Technologies’ literature. It reacts immediately to threats without impeding radios or other RF-dependent systems carried by the user. Omnidirectional smart jamming provides a ball of protection at distances of between ten and 20 metres (33 and 66 feet).
Hit me with those Laser Beams!
Elsewhere at Euronaval, officials from Saab revealed they are working on a new Naval Laser Warning System. The product is intended to equip large surface combatants and can be connected to hard-kill capabilities like close-in weapons systems. The officials said the product is currently at Technology Readiness Level-7 (TRL-7). According to European Union stipulations, TRL-7 denotes that a system prototype has been demonstrated in an operational environment. Saab expects to complete development of the system within the next 18 months after which it will be offered to market.
Rafael Advanced Defence Systems’ C-GEM active Radio Frequency (RF) decoy will equip the Israeli Navy’s new ‘Sa’ar-6’ class corvettes. All four vessels have been commissioned into the fleet. Although not revealed by the company, C-GEM is thought to cover a 500 megahertz/MHz to 40 gigahertz waveband. This allows it to engage most radar seekers used by current Anti-Ship Missiles (AShMs) and future AShMs expected to enter the naval domain in the coming years. The decoy is likely to include a Digital RF Memory (DRFM). DRFMs sample a target’s incoming radar transmissions, modify them in such a way as to confuse or seduce the opposing radar and retransmit them back to the target. C-GEM is currently fired from a fixed launcher equipping the corvettes. However, company officials told Armada at Euronaval that plans are afoot to deploy the decoy from a trainable launcher. The latter is being developed by Elbit Systems and should be available for installation on the ‘Sa’ar-6’ class by early 2023.
Hensoldt’s new RES-9000 Radar Electronic Support Measure (RESM) is expected to complete development by 2024, the company told Armada. The product was launched in late September. It detects, identifies and locates radar targets transmitting in wavebands of 500 megahertz/MHz to 40 gigahertz. In a written statement, the company said the product is currently at Technology Readiness Level-6 (TRL-6). According to European Union definitions TRL-6 denotes the product’s technology has been demonstrated in a relevant environment. Hensoldt expects the RES-9000 to be available for acquisition from 2024. The RESM is intended for the land domain although Hensoldt says that a naval variant will be announce soon. Regarding customers “while we cannot disclose sensitive information about sales … we have interest from several international customers and deliveries to some of those customers are expected to commence from 2024 onwards”.
In late September the US National Reconnaissance Office (NRO) issued study contracts to several commercial space companies. The resulting work will explore the feasibility of using private sector space assets to support NRO Signals Intelligence (SIGINT) collection efforts, reports noted. Aurora Insight, Kleos Space, PredaSAR, Spire Global and Umbra Lab were the contract recipients. Each contract is worth $300,000 and will run for six months. Contract value could increase if the scope of the work expands with the six-month provision extendable by two years.
Key to the work is exploring ways the NRO could utilise commercial SIGINT collected by these companies. It is possible that space assets owned by them could be used to collect run-of-the-mill everyday SIGINT. This would free up capacity on NRO-owned assets like the US Orion SIGINT satellite constellation. Such a capability could be valuable if these latter assets are suddenly needed to perform a detailed SIGINT ‘soak’ of a particular region or country. Intelligence collected via this commercial route could also be shared with US allies: “The unclassified, shareable nature of commercial remote sensing data, including RF, makes it a valuable source for situational awareness and intelligence sharing among US allies and partners”.
An NRO spokesperson told Armada that “this study contract will help the NRO better understand the capabilities of multiple commercial RF providers to address new intelligence challenges”. They added that it is “another example of the NRO’s long-standing strategy to ‘buy what we can and only build what we must’ to maximise the use of commercial capabilities”. The contracts will help inform how the NRO could better employ commercial space-based SIGINT capacity over the longer term: “(T)he NRO will work with our mission partners to determine the appropriate way forward for commercial RF”.
Rafael Advanced Defence Systems and Hensoldt will collaborate to offer a podded escort jammer to the Luftwaffe (German Air Force). The service has a requirement for an electronic attack pod to equip 15 new Eurofighter Typhoon-ECR electronic warfare aircraft. The Typhoon-ECR jets will replace the circa 20 Panavia Tornado-ECR planes the air force currently flies.
According to a joint press release announcing the news, the Luftwaffe wishes to declare an initial operational capability for the pod in 2028. The press release continued that Hensoldt will include its Kalaetron electronic warfare technology in the pod’s architecture. Rafael will employ similar interfaces to those used on the company’s Litening targeting pod to connect the system to the aircraft. It will also use technology it has developed for its Sky Shield electronic attack system.
Rafael representatives told Armada that the Luftwaffe is expected to initially deploy one pod per jet. This could increase to two pods per aircraft in the future. Each could be tasked with detecting, locating and attacking radar threats over specific frequencies. The representatives did not disclose the frequencies their jointly-developed pod will cover. Nonetheless, it is reasonable to assume that these probably encompass wavebands of at least two gigahertz/GHz to 18GHz. (Source: Armada)
02 Nov 22. Programme Focus: KORA-40 for Germany’s New Frigates. Development is moving ahead on the electronic warfare system destined to equip new frigates for the German Navy.
The Deutsche Marine (German Navy) will receive new frigates from circa 2028. Up to six ‘F-126’ class ships could replace the fleet’s existing ‘F-125/Baden-Württemberg’ class frigates. The new ships will include the latest iteration of Rohde & Schwarz’ KORA naval electronic warfare system.
The company was awarded the contract in late September 2021 to provide the KORA-40 combined Electronic Support Measure/Electronic Countermeasure (ESM/ECM) for the new frigates. KORA-40 is an evolution of the KORA-18 system equipping the F-125 ships. The ‘40’ suffix refers to the system’s 40GHz upper frequency limit.
Armada recently visited Rohde & Schwarz’ facilities in Munich, southern Germany, and was briefed on the KORA-40 and its capabilities. Company officials discussed the system’s overall design philosophy. Automation is key and officials said that diminishing naval crew sizes are emphasising this trend. As a means of comparison, open sources say the F-125 frigates have a complement of circa 190. This reduces to 110 for the new ships.
The emphasis on automation dovetails with similar emphases on fast reaction times and high probabilities of signal interception. The advent of hypersonic missiles like Russia’s 3M22 Zircon (NATO reporting name SS-N-33) is instructive. The 3M22 may reach speeds of at least Mach-5, the standard definition for hypersonic velocities. This translates into speeds of 3,333 knots (6,174 kilometres-per-hour). An ESM antenna mounted 40-metres (131-feet) above the waterline would detect such a missile following a sea-skimming trajectory at a range of circa 14 nautical miles (26 kilometres). The time between detection and impact would be around 15 seconds. During this time the ship would need to recognise, confirm and track the threat, and initiate soft- and hard-kill countermeasures.
Moreover, AShMs increasingly employ Millimetric Wave (MMW) radar seekers. Using frequencies above 30GHz, MMW radars produce exceptionally sharp pictures of their target. This improves the missile’s accuracy compared to radar seekers using X-band (8.5GHz to 10.68GHz). Encompassing wavebands up to 40GHz will ensure the KORA-40 detects such threats.
Rohde & Schwarz officials continued that development of the 40GHz capability for the KORA-40 is “more or less complete”. The company is planning to offer KORA-40 for export, although it will be given a different name and will include some unspecified differences. These almost certainly relate to aspects of the systems’ performance or architecture unique to German Navy requirements.
Furthermore, customers will be able to choose from between one and three modules for their system, each of which provides differing levels of capability and performance. Two ESM modules cover a 500 megahertz/MHz to 40GHz waveband. Another covers a two gigahertz to 18GHz waveband. Customers can opt for a single module or procure all three. Officials continued that they are also looking at adding a communications ESM function to cover high frequency (three megahertz/MHz to 30MHz) wavebands.
As the KORA-40 gathers both communications and electronic intelligence, track data on both can be fused and depicted by the ship’s combat management system. The KORA-40’s sensitivity makes it possible to discriminate between platforms separated by very short distances, officials added.
Rohde & Schwarz already has an evolution plan in place for the KORA-40. Officials divulged that this could see capabilities added to help declutter heavily congested electromagnetic environments. These will be increasingly found in littoral areas as fifth-generation (5G) wireless protocols are rolled out globally. The profusion of devices and subscribers heralded by 5G will increasingly congest areas like coastlines where signal of interests from a naval radar or radio could hide. Likewise, the company “is looking at cognitive approaches for naval ESMs”. However, it does “not consider these market-ready at the moment”. (Source: Armada)
02 Nov 22. It’s Not Easy in the DMZ. Norm Wade’s new book on the DPRK military is a treasure trove of easily-digestible information. It is a must for anyone interested in the military dimension of the world’s most opaque country. A new book sheds much-needed light on the electronic warfare posture and doctrine of the North Korean Army.
Back in January Armada sat down with Norm Wade, owner of The Lightning Press, for a chat about his Cyberpsace and Electronic Warfare book as part of our Electronic Warfare podcast series. Mr. Wade is a busy man. Not only is he owner of The Lightning Press, he is also the author of its works, and Armada was delighted to receive a review copy of his recent work on the North Korean Military. The Democratic People’s Republic of Korea (DPRK) is arguably the world’s most opaque country. The Hermit Kingdom’s military is likewise shrouded in mystery. Nonetheless, the ambitions and caprices of its leader Kim Yong-Un remain a strategic threat to its southern Republic of Korea neighbour. Japan, the US and allied powers in the Asia-Pacific region and wider world are also in Mr. Kim’s sights.
Recently published in September, Mr. Wade’s book handily collates all the open-source information publicly available about the DPRK’s armed forces in an easy-to-read reference work. This is the kind of book you will have on your shelf or computer that you will keep coming back to time and again.
Lifting the Shroud
What does Mr. Wade’s book tell us about how the Korean People’s Army (KPA) may use Electronic Warfare (EW)? Writ large, the DPRK sees EW as vital for countering the sophistication of Western materiel and capabilities. The North Korean armed forces are particularly concerned by Western prowess in precision-guided munitions and telecommunications. Targeting systems, sensors and navigation capabilities are similar concerns. It is noteworthy that the KPA has deployed Global Navigation Satellite System (GNSS) jammers near its border with the Republic of Korea. This has caused interference to the GNSS systems equipping some commercial aircraft flying south of the Demiliarised Zone (DMZ). The DMZ marks the de facto border between the two countries.
Few will be surprised that the DPRK sees the US as its principle, and most likely, foe in conjunction with the ROK. To understand the place of EW in the KPA one must understand the DPRK’s strategic posture. As Mr. Wade articulates, the DPRK does not necessarily intend to defeat the US on the battlefield. Instead, the plan is to exact sufficient damage on the US and her allies to cause collapse through loss of resolve. This translates at the operational level into battlefield and theatre interdiction attacks against a range of targets. These would include missile and radar sites, logistics facilities, communications relays, electricity generation sites, POL (Petrol, Oil, Lubricants) facilities, nuclear sites, bridges and transport hubs.
This effort would include what the DPRK armed forces refer to as Electronic Intelligence Warfare (EIW). Mr. Wade says that EIW works to identify and understand decisions taken by the red force and how these affect the strategic, operational and tactical goals of the DPRK’s armed forces. EIW will attempt to annul and/or influence these, and future, red force decisions using electronic warfare. EW will be used alongside cyber/information warfare, kinetic attacks, deception and reconnaissance in this effort. A heavy emphasis is placed on performing EIW in such a way that it is ideally imperceptible to the enemy.
The book includes a wealth of information on the place of electronic warfare within the Korean People’s Army. This graphic details how KPA manoeuvre forces would use EW defensively.
The KPA will use EW to “disrupt, deny and degrade the enemy’s use of the electromagnetic spectrum”. Targets include red force Command and Control (C2), reconnaissance, intelligence, surveillance and target acquisition capabilities. As noted above, GNSS jammers have been a favourite electronic attack vector of the KPA. However, electronic attack capabilities will be reinforced with kinetic attacks in wartime against red force C2 centres, communications nodes and sensors in support of the wider EIW battle. It is hoped such actions will prevent red forces using similar capabilities against the KPA.
A robust Signals Intelligence (SIGINT) effort will be performed to discover these targets and exploit any relevant intelligence. In the latter case, these targets are left alone so as not to interrupt the intelligence flow. SIGINT collection will also focus on the hostile force’s forward air controllers and logistics command posts together with artillery and close air support communications networks. Jamming is then directed against these targets. Mr. Wade surmises this will take the form of conventional wideband barrage and distributive jamming. The latter involves the use of multitudes of small jammers spread across the battlefield. These will be networked using DPRK or local cellphone networks or conventional battlefield communications. Such distributed electronic attack systems will comprise artillery-delivered expendable jammers. Small jammers will also be deployed around potential targets to attack radio-frequency activated ordnance proximity fuses.
A further function of KPA EW units is to generate fake communications traffic and RF signals to support deception. This could focus on the creation of non-existent, or partially constituted, KPA formations or actions. Once again, this supports wider strategic and operational doctrines focused on penetrating and influencing red force decision-making.
The KPA’s manoeuvre force draws its electronic warfare assets from the EW Jamming Regiment, based in Pyongyang. The regiment possesses three subordinate battalions believed to be located in Kaesong, Haeja and Kumgang all in the southern DPRK. Each battalion can be allocated to the KPA’s four corps. At the divisional level, KPA units may have an allocated EW battalion, or a similar company-sized formation. In terms of materiel, little is known regarding the army’s dedicated EW equipment. Nonetheless, Mr. Wade assesses that “the primary deficiency with the KPA EW systems, like most of its equipment, is its age and technology level. The KPA is still using equipment several generations behind its likely enemies”.
Much about the KPA’s EW capabilities remains unknown. Nonetheless, Mr. Wade has made a valiant attempt in helping us understand how the army sees EW and how it fits into wider doctrine. This will help us contextualise future developments in the North Korean EW domain. News on such developments is likely to be sporadic, but still valuable, in the years to come. (Source: Armada)
03 Nov 22. Lumen starts on $1.5bn Indo-Pacific network contract after protest ends. Lumen Technologies, a provider of fiber network, cloud and cybersecurity services, will proceed with work on a U.S. Department of Defense networking and communications contract worth as much as $1.5 bn, after rival Verizon pulled its protest of the award.
The Pentagon’s Defense Information Systems Agency first announced the award of the contract, known as Indo-Pacific Transport Services, to Lumen in August. A protest of the decision was withdrawn the following month, Government Accountability Office records show. The GAO rules on federal bid protests, appropriations law and other legal matters.
Under the 10-year indefinite delivery, indefinite quantity arrangement, Lumen will furnish high capacity, end-to-end communications services, including internet, ethernet and wavelengths, in the Indo-Pacific, home to U.S. Indo-Pacific Command and some of the world’s largest militaries and ports.
IDIQ contracts provide for a number of products or services over the course of a predetermined timeframe. They are frequently used by the federal government, as they are thought to streamline the procurement process.
Zain Ahmed, Lumen’s senior vice president for public sector, said he and his team will provide “essential mission services that help protect and defend U.S. territory” and interests.
“We’re delivering the always-on network infrastructure so the U.S. Department of Defense can focus on its mission to enhance the stability of the Asia Pacific region, promote security cooperation with our allies and partners, respond to emerging situations, deter aggression and if necessary, fight to win,” he said in a Nov. 1 statement.
Louisiana-based Lumen is the world’s 94th largest defense contractor by revenue, with $687 m in 2021, according to Defense News annual rankings.
Three proposals were submitted for the transport services contract, which also covers Alaska.
Interest in the Indo-Pacific has skyrocketed in recent years, as the U.S. and other nations try to thwart China’s global ambitions. The Pentagon considers China its No. 1 security threat. Russia, which invaded Ukraine in February, is a close second, according to the National Defense Strategy.
Indo-Pacific communications will be key to Joint All-Domain Command and Control, the Defense Department’s vision for seamless and rapid information flows across land, air, sea, space and cyber. The region’s geography presents unique challenges, including a dearth of NATO infrastructure to plug into and vast distances that strain connectivity.
(Source: Defense News)
02 Nov 22. Singapore unveils new cyber-focused military service.
Singapore has officially inaugurated its fourth military branch as it seeks to combat modern threats in the digital domain, as well as leverage emerging technologies in this domain.
The new Digital and Intelligence Service, or DIS, was unveiled in an Oct. 28 ceremony attended by President Halimah Yacob and Defence Minister Ng Eng Hen. The government announcement in March that it would create the new service.
Its first commanding officer is Brig. Gen. Lee Yi-Jin, who has held command appointments with infantry and artillery units and was previously the director of military intelligence for Singapore’s command, control, communications, computers and intelligence community.
The DIS will more tightly integrate the Singaporean military’s capabilities to deal with a range of security threats, including those from the digital domain. It includes a service headquarters, a joint intelligence directorate, a joint digital and C4 organization, and cyber staff departments.
The intel directorate will support Singaporean military decision-making and operations through research and analysis, doctrines, standards, and best practices as well as the integration of intelligence and operations. The combined digital and C4 unit is tasked with steering Singapore’s military into the digital age by developing a digital strategy, master plan and resource governance.
Meanwhile, the cyber staff will lead and coordinate cybersecurity across Singapore’s defense sector, developing cyber defense strategies and policies as well as orchestrating capability development.
The DIS will also have four separate commands, plus a digital operations technology center. The four commands are tasked with joint intelligence, C4 cybersecurity, digital defense and training. The center is aimed at providing several capabilities to the entire military, equipping the country with a quick-response force to meet needs in the digital domain and developing a core of personnel skilled in data science and artificial intelligence.
The Defence Ministry said in an earlier news release that the DIS will focus on realizing the full potential of emerging digital technology in areas like cloud computing, data science and AI.
The country also plans to establish a dedicated cyber range to train personnel on simulated “cyber terrain,” which includes enterprise information systems and critical infrastructure systems. The range is also expected to host bilateral and multilateral exercises, bringing together militaries, businesses and academia “to share best practices, insights and knowledge.”
Defense News asked for funding information and procurement plans related to DIS, but the government decline to comment.
The Southeast Asian island of Singapore is a regional commercial and financial hub. Its local governments and businesses having been the targets of cyberattacks.
Benjamin Ang, a senior fellow at Singapore’s S. Rajaratnam School of International Studies, said digital threats to the nation include data breaches, cyberespionage, denial-of-service attacks, ransomware and data wiping disguised as ransomware, and hostile information campaigns.
In an email to Defense News, he also flagged potential threats to the local supply chain by disrupting hardware, software or services, which “can come from different sources, ranging from rogue nations who use cybercrime to fund their states, and organized crime groups, to hostile nonstate groups and extremists.” (Source: Defense News)
02 Nov 22. Global: Software vulnerability exploits are expected to increase over the upcoming months. According to cybersecurity firm Deep Instinct, cybersecurity threats are likely to increase between late 2022 and early 2023 as threat actors continue exploiting vulnerabilities discovered throughout 2022. Among these are the Microsoft Exchange vulnerabilities including ‘Follina’, ‘Dogwalk’ – which affect Microsoft Support Diagnostics Tool (MSDT) – and the ‘ProxyNotShell’. Despite Microsoft’s release of patches for 96 vulnerabilities in early October, some of these remain unpatched and will likely continue to be exploited by threat actors, whether criminal or state-linked (see Sibylline Cyber Daily Analytical Update – 4 October 2022). Other major vulnerabilities affecting Windows include ‘SpoolFool’ and ‘Dirty Pipe’. According to Deep Instinct, insiders and affiliate programmers, such as BlackCat, are expected to increasingly become popular as cybersecurity defences improve. These attacks are expected to occur in third-world countries with international corporate presence. Separately, supply chain attacks are also expected to increase and the Russia-Ukraine war will likely sustain cybersecurity risks posed by protestware. (Source: Sibylline)
02 Nov 22. Fuse Conducts Successful Live-Flight Demo of Tactical Edge Networking Capability for the Office of Naval Research . Fuse Integration, a warfighter-focused engineering and design firm, today announced another successful live-flight demonstration of its Tactical Edge Networking capability in support of a Technical Concept Experiment hosted by the Office of Naval Research. In the joint multi-domain exercise, which replicated expeditionary operations in a contested littoral environment, Fuse enabled the interconnecting of distributed nodes and provided persistent sea-to-shore networked communications via text, voice and live video feeds.
“Today’s warfighters are routinely operating in multi-domain joint operational environments that rely on dependable and secure connections and communications,” said Rebecca Unetic, Director of Strategy at Fuse. “Fuse capabilities are built for operational relevance and this Navy-Marine Corps exercise further demonstrates the readiness and applicability of our products and technologies on board ships and aircraft today.”
Throughout the multi-day exercise, held along Camp Pendleton’s Red Beach training area in California, Fuse engineers and technical personnel effectively integrated user data from various technologies into the overall event network architecture. The team provided data linkages over disparate mesh and CDL networks in a highly terrain-challenged environment; securely connected beyond-line-of-sight command posts and tactical units; extended the range of communications to enable joint amphibious operations and naval mine countermeasures; and facilitated text and live video across the multi-domain, multi-link network with cyber-secure IP and TDL gateways.
As with previous Navy-Marine Corps exercises, the Fuse TEN architecture demonstrated persistent, secure and resilient networked communications from sea to shore in a constructive command and control/denied and degraded environment. The TEN architecture is designed to accelerate the sensor-decider-shooter cycle and enhance data-informed decision-making critical in the modern battlespace, enabling the U.S. Defense Department’s JADC2 initiative. It also facilitates rapid prototyping with joint networks and “speed to fleet” deployment across multi-domain platforms.
About Fuse Integration
Fuse is a warfighter-focused engineering and design firm providing innovative communications, networking and computing solutions for defense customers. The company’s virtualized network systems, tactical edge virtual network and airborne networking gateway products improve the sharing of information, video, text and voice among warfighters throughout airborne, maritime and ground environments. Founded in 2010, Fuse is a service-disabled veteran-owned small business with headquarters in San Diego and a corporate office in Washington, D.C. www.fuseintegration.com
01 Nov 22. North Korean state-linked hackers will remain persistent threat as Pyongyang ramps up military provocation.
- There has been an uptick in North Korea-linked cyber activity in recent months, coinciding with a series of missile launches. In particular, North Korean threat actors have targeted cryptocurrency operators and exchanges. For example, the Pyongyang-linked group Lazarus targeted cryptocurrency exchange employees with social engineering cyber attacks, in which the hackers used fake job advertisements purportedly showing new opportunities at well-known cryptocurrency firms. Once the victims open the malicious documents, the hackers gain access to their corporate networks and steal crypto assets. According to blockchain analytics firm Chainalysis, North Korean hackers stole a record amount of cryptocurrency in H1 2022 (around USD 840 m, compared with around USD 400 m for the whole of 2021).
- The resumption of missile activity and reported preparations for a new nuclear test will incur a significant financial burden on Pyongyang amid deteriorating socio-economic conditions. Although North Korea recently reopened cross-border trade with China, economic activity is unlikely to return to normal in the coming months. As a result, there is added importance and incentive for North Korean state-sponsored hackers to conduct financially motivated cyber operations; indeed, such activity will help fund Pyongyang’s ballistic missile and nuclear programmes. Given their high transaction value and volumes, cryptocurrency traders and exchanges represent an appealing target for North Korean hackers. The use of decentralised finance (DeFi) protocols, which allow quick swaps between different types of cryptocurrency, will also help the reclusive regime to launder stolen assets amid tight international sanctions.
- Similarly, North Korean state-backed threat actors will sustain the persistent threat of cyber espionage and intelligence gathering operations, especially as Pyongyang seeks to obtain technology and information through malicious means to aid its military development. Indeed, Lazarus conducted spear-phishing data theft attacks last month targeting individuals and organisations in Western security and defence industries (see Sibylline Cyber Daily Analytical Update – 3 October 2022). Hackers waging these types of campaign often exploit existing or previously unknown (zero-day) vulnerabilities in targets’ hardware and software. Individuals and entities are advised to keep their IT systems up to date, use multi-factor authentication and apply regular offline backups as part of mitigation measures against this threat.
Domestic, foreign actors drive elevated election-related cyber threats ahead of US midterms
- The US government’s law enforcement and cyber security agencies have issued several warnings regarding a ‘very complex threat environment’ related to threats posed by disinformation and foreign interference targeting the upcoming midterm elections. Although federal agencies have disclosed no specific or credible threats, the Cybersecurity and Infrastructure Security Agency (CISA) has stepped up its public information campaigns countering malicious cyber operations against election infrastructure. In early October, the US government issued a public service announcement highlighting the active threat posed by foreign actors aiming to discredit the US democratic electoral process. State actors such as Russia, Iran and China are all known to engage in cyber operations, through which they try to influence key international developments and further their own political and economic agendas. US intelligence agencies and US tech giant Google reported co-ordinated disinformation operations by Russian and Chinese cyber actors targeting major social media sites, such as YouTube, during the 2020 US presidential elections.
- In the run-up to and after the 8 November midterm polls, foreign state-sponsored groups will likely use social media platforms to spread false information about election infrastructure, amplifying conspiracies about voting irregularities and/or voter suppression. Such activities will be aimed at eroding public confidence in the US democratic process and undermining the polls’ legitimacy. There is a realistic possibility that pro-Russia hacktivist groups, such as Killnet, will launch disruptive cyber attacks, most likely denial-of-service (DDoS) attacks, targeting US election infrastructure in an attempt to sow doubts over the midterm results by exploiting a deeply divided society. Killnet regularly attacks US and NATO entities as a way of expressing political grievances over their support for Kyiv in the Ukraine conflict (see Sibylline Weekly Ukraine Cyber Update – 19 October 2022). Meanwhile, Chinese state-affiliated media will intensify its anti-US propaganda across major social media platforms by focusing on various narratives/topics, including crime rates, mass shootings, racial injustice and US involvement in foreign conflicts.
- In addition to foreign cyber threats, domestic disinformation campaigns are emerging as a serious concern in the run-up to the midterms. They are partly driven by an increasingly divisive electorate. As supporters of the two main political parties become more polarised in their opinions on major contentious issues such as abortion rights, there is now a greater risk of US-based individuals/groups conducting disinformation campaigns in a bid to undermine and discredit the rival party and its supporters. Such attacks may also target the integrity of the elections if the threat actors refuse to accept an unfavourable outcome, which could incite protests or violence after the polls. (Source: Sibylline)
02 Nov 22. NCI Agency’s Nato Partners Network achieves final system acceptance. The NPN system will support Nato’s partners in Supreme Headquarters Allied Powers Europe. The Nato Communications and Information (NCI) Agency has announced that its new information management network has secured final system acceptance.
Dubbed the Nato Partners Network (NPN), the system will cater to the needs of partners placed in Supreme Headquarters Allied Powers Europe (SHAPE).
The system, which received interim authorisation to operate from Allied Command Operations (ACO) earlier this year, is likely to reach full accreditation in the first quarter of 2023.
The new network replaces the Partnership for Peace Information Management System. It was jointly developed by Core Enterprise Services, Nato Digital Workplace, Nato Cyber Security Centre (NCSC), and Network Services and IT Infrastructure.
The NPN will support the alliance in deterrence and defence, crisis prevention and management, and cooperative security.
Through the system, Nato seeks to improve military cooperation with partners by involving them in Nato Response Force and other alliance-led missions.
The system will also allow the Partnership Directorate at SHAPE to collaborate and share information with partners at Nato Unclassified level.
It will also enable the Supreme Allied Commander Europe’s to develop and enhance Nato’s ties with partners.
The network will also give Nato’s partners access to internet with separate infrastructure, enabling them to use their respective Bring Your Own Device equipment.
NCI Agency senior project manager Nikolaos Chalkias said: “One of the most important drivers of the NPN network was security.
“That means assurance that the data shared with partners is available only to the right partner at the right time, in an auditable way.”
The NPN will offer multiple services including effective cyber security elements via the NCSC and NPN Document Management System to facilitate the sharing of Nato unclassified documents. (Source: army-technology.com)
31 Oct 22. ‘Secure, survive, strike’: The Navy’s new approach for cyber dominance. The U.S. Navy this month highlighted the values the service is using to shape its cyberspace investments and improve its day-to-day digital posture, including what one official described as the ability to “fight hurt.”
The Cyberspace Superiority Vision, announced Oct. 28, contains three tenets: secure, survive and strike. The pillars, according to the documents, are “fundamental to maintaining maritime dominance” and ensuring Navy and Marine Corps operations proceed smoothly across increasingly cyber-contested environments.
The right cyber investments are critical, officials say, as the U.S. positions itself for a fight against technologically advanced opponents such as China and Russia after decades of focusing on counterterrorism and less-equipped forces in the Middle East.
The superiority plan was teased earlier this year by Chris Cleary, the Navy’s principal cyber adviser.
“It’s not only important that we build the foundation — data science, all the things that enable almost everything that we do right now — but how do we really apply this to warfighting techniques,” Cleary said last month at the Defense Talks conference in Pentagon City. “We talk about secure, survive, strike.”
The three factors are meant to work in concert, producing a sum that is great than its parts. The combination is also meant to fortify cybersecurity, shielding sensitive information from prying eyes, while providing commanders the tools they need to virtually reach out and ding a target.
“At the end of the day, the Department of Defense is here to engage our adversaries. The Columbia-class submarine does not deliver humanitarian aid,” Cleary said. “And as we look at our ability to deliver effects in and through cyberspace, I want our adversaries to be every bit as nervous looking down the barrel of our non-kinetic capabilities as they are every one of our kinetic capabilities.”
An analysis published by the International Institute for Strategic Studies in 2021 ranked the U.S. as the world’s top cyber power. Both China and Russia were placed in the second tier, alongside Australia, France, the U.K. and others.
Sailors and other military members in February were warned they are targets for cyberattacks amid turbulent Sino-U.S. relations and Russia’s invasion of Ukraine. In a memo at the time, Navy Vice Adm. Jeffrey Trussler said cyberattacks against U.S. infrastructure and businesses were “increasing in frequency and complexity,” and that most anyone can be baited for access and information.
Hackers previously exploited mistakes on Navy and private networks by stealing or brute-forcing credentials as well as installing malware, according to Trussler’s unclassified bulletin. Defense News in June 2018 reported Chinese-sponsored cyberattacks breached a Navy contractor’s computers, jeopardizing information related to secret work on an anti-ship missile.
“As we engage with our adversaries, our critical infrastructure, our weapon systems are going to be targeted,” said Cleary, who advises Navy and Marine Corps leadership and works to implement the Pentagon’s broader cyber strategy. “The Department of Navy has to learn how to fight hurt. We all really need to learn how to fight hurt.” (Source: Defense News)
26 Oct 22. Spain’s National Police Force and leading global technology engineering company Indra presented a new method of chemical analysis that greatly simplifies and speeds up ballistics investigation through the use of the revolutionary iForenLIBS system. The decision at the end of the 2010s to restrict the use of lead in ammunition for environmental and public health reasons made ballistics analysis much more complex. Investigations by police forces around the world were hindered by a new obstacle.
The Spanish Police Force and Indra introduced the new procedure in a scientific study presented to acknowledged leaders in the field globally, who came together at ENFSI’s Annual Ballistics and Firearms Congress in Lisbon. The study investigated the problem posed by Sintox and Nontox-type cartridges. Each manufacturer has its own fulminant formulation, replacing lead with other more common elements considered non-toxic, like potassium, sodium and silicon. This makes chemical analysis much harder and more resource-intensive.
Using Indra’s iForenLIBS system, Spain’s National Police has found a new way of determining the distance from which a shot was fired by analysing a common element: the microscopic copper residues from the brass of the cartridges. This dispenses with the need for other more complex techniques; even items of clothing covered in biological matter can be analysed.
That has been made possible by the investigative work of the Police to resolve a large number of cases and by the extraordinary sensitivity of Indra’s iForenLIBS system, which is capable of rapidly analysing particles of any chemical element measuring as little as one micron – one thousandth of a millimetre.
Using Laser Induced Breakdown Spectroscopy (LIBS) techniques, the system can also help to determine the angle of entry and trajectory of a bullet by analysing the debris around an entry hole. It is as if capabilities that until now could only be found in a big laboratory have been now transported to the scene of the crime. It is now straightforward to analyse many pieces of evidence and preliminary results can be available at the scene, helping an investigation to make progress from the very beginning. (Source: www.joint-forces.com)
Spectra Group Plc
Spectra Group (UK) Ltd, internationally renowned award-winning information security and communications specialist with a proven record of accomplishment.
Spectra is a dynamic, agile and security-accredited organisation that offers secure Hosted and Managed Solutions and Cyber Advisory Services with a track record of delivering on time, to spec and on budget.
With over 15 years of experience in delivering solutions for governments around the globe, elite militaries and private enterprises of all sizes, Spectra’s platinum and gold-level partnerships with third-party vendors ensure the supply of best value leading-edge technology.
Spectra was awarded the prestigious Queen’s Award for Enterprise (Innovation) in 2019 for SlingShot.
In November 2017, Spectra Group (UK) Ltd announced its listing as a Top 100 Government SME Supplier by the UK Crown Commercial Services.
Spectra’s CEO, Simon Davies, was awarded 2017 Businessman of the Year by Battlespace magazine.
Founded in 2002, the Company is based in Hereford, UK and holds ISO 9001:2015, ISO 27001:2013 and Cyber Essentials Plus accreditation.