26 Oct 23. General Dynamics Receives NSA Certification for First TACLANE E-Series Ethernet Encryptor. The TACLANE-ES10 (KG-185A) is the only tactical, high-speed Layer 2 Ethernet Data Encryption Cryptographic Interoperability Specification (EDE-CIS) compliant solution available today.
General Dynamics Mission Systems announced today that the National Security Agency (NSA) has certified the TACLANE-ES10 (KG-185A) encryptor to protect information classified Top Secret and below transmitted across Layer 2 Ethernet networks. As the first High Assurance EDE-CIS product in the TACLANE E-Series portfolio, the TACLANE-ES10 supports data rates up to 10 Gigabits per second (Gb/s) in each direction and is ruggedized and SWaP-C optimized for both data center and tactical uses. It is designed to support Key Management Infrastructure (KMI) and will support Preplaced Keys (PPK) capabilities in the next release.
“Customers are demanding higher bandwidth and increased performance in crypto solutions to maintain superiority over adversaries in an increasingly challenging threat environment,” said Stephen Marker, vice president of the Secure Networks, Voice and Computing business area in General Dynamics Mission Systems’ Cyber Systems line of business. “The now certified TACLANE-ES10 meets NSA’s EDE-CIS specifications and will carry through to all TACLANE E-Series products, helping customers save time and money by eliminating the need to retrofit outdated hardware that cannot be upgraded to meet the latest EDE-CIS specifications.”
As previously announced, NSA awarded General Dynamics the contract to design, develop and test a certifiable, EDE-CIS compliant High Assurance encryption solution. The TACLANE-ES100 (KGV-185B) and TACLANE-ES400 (KGV-185C) will soon follow the TACLANE-ES10, supporting up to 100 Gb/s and 400 Gb/s full-duplex throughput respectively.
“We built the TACLANE E-Series with the customer and their mission in mind,” said Todd Warton, vice president of sales and marketing. “We’re excited to be helping customers accelerate their adoption of Layer 2 Ethernet encryption and offer an infrastructure of customer support including onsite product training and solution architect services.”
TACLANE E-Series encryptors are manageable by the GEM® One Encryptor Manager software. Please contact the Cyber Systems team for any product inquiries, pricing and/or delivery.
26 Oct 23. Why the military needs Generative AI. For some, the idea of the military using Generative AI (GenAI) might conjure up a mental image of a commander asking ChatGPT to generate ten alternative battle plans, or asking it to identify the top five high-value enemy targets for the next five sorties. Whilst simplistic, these scenarios are not so far away from the truth.
In its favour are Generative AI’s speed, ease of use and ability to draw on vast volumes of data to generate responses to queries. On the other hand, the very public lessons that ChatGPT has taught us about GenAI’s limitations include ‘hallucinations’, its preference for historical versus real-time data, its unreliable mathematics functions, and risks to data security.
However, large language models (or LLMs) are simply too big for the military to ignore. They can be astonishingly fast to generate useful responses to complex queries, can do so in natural language (of multiple languages, in fact), and have the ability to present and compare seemingly endless sets of data.
So, it is an area of artificial intelligence that warrants urgent examination and experimentation by the military. The U.S. Department of Defense formed Task Force Lima over the summer, to play the lead role in analysing and integrating generative AI tools across the DoD. According to the DoD, GenAI has significant potential to improve intelligence, operational planning, and administrative and business processes. It obviously also emphasises careful implementation and a focus on security, in order to manage associated risks effectively.
It’s difficult to narrow down where generative AI might be of most use to the military today and that’s for two main reasons. Firstly, because the technology will have use cases everywhere, from catering supplies inventory, through to battlefield decision support. Secondly, this is a fast-changing emerging technology with capabilities that are growing every day. Just because an aspect of functionality is missing or less reliable today, doesn’t mean that it won’t be created or enhanced tomorrow.
In the short term, we’re likely to see generative AI used to improve efficiency and productivity, and reduce costs in administration and business affairs, internal communications, logistics and supply chain, human resources, training, healthcare and cybersecurity. However, in the near future, we’re sure to see GenAI applications created for operational planning, intelligence analysis and battlefield decision support.
The stakes are too high not to find safe, reliable ways of harnessing GenAI. For example, one day soon, a commander will be able to contrast and compare battlefield scenarios based on historical data, current data and predictive analysis in just a few seconds. An adversary’s movements, offensives and targets could be analysed, its communications translated and annotated, and yes, the potential value and recommended priority of military targets could be provided: all in just a few seconds. These are not capabilities that you stand by and leave your adversaries to capitalise on. (Source: Armada)
26 Oct 23. GenAI could be key to determining military advantage. The Pentagon has been testing different large language models (LLMs) for most of this year with a view to developing digital platforms that leverage a variety of defence data sources. Meanwhile, Deputy Secretary of Defense Dr. Kathleen Hicks oversaw the setting up of Task Force Lima, launched in August, charged with assessing, synchronising, and employing generative AI capabilities across the DoD.
The DoD is moving fast to embrace generative AI, but there are some that believe it should move even faster. In September, the Special Competitive Studies Project (SCSP) urged the Pentagon to establish a Defense Experimentation Unit (DEU) to “provide for much-needed operational experimentation and iteration with AI models across missions, in order to enable their broader and faster deployment and mainstreaming across the Joint Force”. The SCSP recommends that the DEU is stood up by January.
Although a non-profit, chaired by Eric Schmidt, previously chairman of the National Security Commission on AI and former Google CEO, the SCSP’s recommendations carry some weight. The think tank argues that GenAI will accelerate the key trends that will help to determine U.S. military advantage, in particular vis-a-vis China, and so needs to be elevated in priority itself.
According to SCSP, generative AI will accelerate “the imperative of human-machine collaboration and teaming”, the criticality of software advantage, and the necessity of “empowering warfighters at the edge so that they can conduct distributed, network-based operations”.
Empowering warfighters at the edge is without doubt one of the hardest nuts to crack.
U.S. forces have recently made efforts to accelerate their integration of data platforms and use of AI to process data from the ever increasing number of data sources in theatres of operation, so informing decision making. Advances have been made too, in developing networks and devices for those at the frontline to receive data, insights and software apps.
However, huge volumes of data are now collected from space, air, land and sea during conflicts, not to mention the data and communications sent from military personnel themselves. Therefore, analysing relevant data in a timely fashion and using it to empower, rather than burden or confuse warfighters is a significant challenge. What if GenAI could help solve that? (Source: Armada)
26 Oct 23. How will the PLA use GenAI? One of China’s research institutes run by the Ministry of Science and Technology, revealed earlier this year that Chinese organisations had launched 79 large language models (LLMs) since 2020.
The scale of this R&D effort comes as no surprise, given that Beijing’s stated ambition is to make China the world’s leading AI power by 2030. And given China’s now longstanding innovation strategy for the People’s Liberation Army (PLA), it should be taken as a given that it will be experimenting with generative AI.
With a policy of “intelligentisation” of the PLA and intelligentisation of warfare, artificial intelligence and unmanned systems have become more and more of a focus over the past four years. Many analysts believe this to be a holistic strategy that aims to use AI and automation across all aspects of warfare, including information, propaganda, cyber and psychological. In fact, some Chinese researchers, in the context of intelligentised warfare, have often referred to the future ability to affect the enemy’s human cognition.
If the ability to influence the minds of their adversaries is one of China’s ambitions, then generative AI must certainly be a focus for development and experimentation. In fact, GenAI’s potential for deepfake audio and video alone, must make it a key technology. We’ve not yet seen deepfake technology used at scale by adversaries, but the potential is there and so are the early commercial equivalents.
UK-based startup Synthesia allows customers to produce HD and UHD videos choosing from a library of synthetic video human avatars, created from real-life models, with voice-over audio created via text-to-speech. However, the software platform allows customers to go one step further. For those prepared to pay additional fees, customers can create their video avatars in their own likeness, voiced by clones of their own voices and then personalise these videos at scale. For example, marketing teams could create personalised videos from their CEO for each of their top 1,000 customers.
Last year, deepfake disinformation videos were spotted being distributed by pro-China bot accounts on Facebook and Twitter for the first time. The videos showed fake news bulletins, on a fake television station, delivered by synthetic human avatars. According to U.S. media reports, the messages were allegedly part of one of China’s state-aligned disinformation campaigns.
Chinese software firms have their own synthetic video technology. China’s state news agency Xinhua, trialed its first virtual television newsreader way back in 2018. Meanwhile, creating virtual human avatars for advertising and business communications is already a fast growing business.
While we can expect China to develop deepfakes and other creations of generative AI, for information, propaganda and even psychological warfare, as one of the top two investors in AI on the planet, we should expect much more too. (Source: Armada)
27 Sep 23. DOD to Establish AI Battle Labs in EUCOM, INDOPACOM. Two BRAVO AI Battle Labs will be established at U.S. European Command and the U.S. Indo-Pacific Command, in collaboration with the Chief Digital and Artificial Intelligence Office’s Algorithmic Warfare Directorate and the Defense Innovation Unit, to expedite learning from Department of Defense (DOD) operational theater data. Over the next year, the labs will organize multiple U.S. federal government-wide BRAVO Hackathons, including some with coalition partners.
“BRAVO Hackathons represent an opportunity for DoD to practice and proliferate the fundamentals of user-centered design and agile software development,” said Joe Larson, the Defense Department’s Deputy Chief Digital and AI Officer for Algorithmic Warfare. “By providing the seed funding to establish the AI Battle Labs in EUCOM and INDOPACOM, we will be designing and testing data analytic and AI capabilities with warfighters, not for them, informing and strengthening our ability to deliver exactly what they need to win.”
These multi-classification labs will collect operational theater data — including logistics, cyber and telemetry — and share it with the DoD enterprise, providing central hubs for digital integration among federal entities, industry, coalition partners and American citizenry. The BRAVO Hackathon series will continue organizing one-week events to integrate data at any classification within a software development environment that permits untrusted licensed open-source and commercial software and data otherwise not approved for production systems.
“On behalf of the DOD, we will deploy BRAVO’s awesome development experience to combatant commands to host timeboxed hackathons and continuously develop and integrate capabilities developed from operational theater data,” said Stuart “Dr” Wagner, Air Force Chief Digital Transformation Officer and Executive Agent for the BRAVO AI Battle Labs. “Given that a free society’s largest competitive advantage is innovation and collaboration, the labs will provide a physical and digital space for serendipitous social collisions as DoD, industry, and coalition partners prototype solutions to challenges from peer competitors. Any U.S. citizen remains eligible to apply to participate in public BRAVO hackathons.”
Federal government employees and federal contractors are encouraged to share use cases, data, infrastructure, or potential collaborations with these labs by contacting . U.S. citizens and industry seeking to collaborate with these labs are encouraged to contact the Defense Innovation Unit at .
“We look forward to working with the BRAVO labs to ensure that developers and companies who want to work with DOD data can rapidly access the environments they need to demonstrate operational relevance,” said Doug Beck, Director of the Defense Innovation Unit.
The labs will continue the series’ bottom-up approach to problem solving, where military members, civilians and federal contractors propose projects and form self-organizing teams that develop prototypes inside combatant commands.
“The use of emerging AI tools to quickly analyze and leverage data for decision advantage is critical in today’s increasingly complex threat environment,” said U.S. Army Maj. Gen. Peter Andrysiak, U.S. European Command Chief of Staff. “Establishing one of the BRAVO AI Battle labs within the USEUCOM region is an important investment for this command. The lab will enable greater innovation at the edge, with our Allies and partners, against a range of challenges at a pivotal time for the command.”
The labs seek to interconnect Combatant Command, enterprise DOD, and coalition partner capabilities from data ingestion and system integration to approved employment. The Air Force’s system-of-systems technology integration toolchain for heterogeneous electronic systems (STITCHES) will integrate various Combatant Command and service level systems directly to the labs.
Across three BRAVO hackathons at six separate sites, 81 operational prototypes have been produced at three classifications from operational DOD data at approximately 2 percent the cost of existing DOD minimum viable product innovation pipelines such as Small Business Innovation Research Program Phase II grants.
Since the BRAVO 10 hackathon in March 2023 at Hurlburt Field, Fla., 33 percent of those projects have been utilized in production or received follow-on funding commitments that total over 75 times the cost of the hackathon itself. Dozens of prototypes from prior events have been further resourced and impacted major defense programs in areas including large language models, space launch, flight telemetry and biometrics, radar resiliency, unmanned systems, personnel recovery, sensing and targeting, user experience, intelligence analysis, situational report automated analysis, battle damage assessment, critical communication system reliability and legal and administrative operations among others.
“Despite the speed and impacts from BRAVO hackathons, we are still finding the time from development of capabilities, calibrations, or tactics with operational data to employment in theater to be on the order of months or years,” Wagner said. “We are deploying these labs to drop this timeline by a factor of 100 — from months or years to days and eventually hours — by increasingly automating bureaucratic processes such as data classification determinations and authority to operate applications. If successful, we will adapt our capabilities and tactics to our strategic competitors faster than they can adapt to us.”
Named from Billy Mitchell’s controversial 1920s Project B battleship bombing trials that creatively disproved the top funding priority of the Secretary of War by demonstrating bombers sink battleships, BRAVO seeks to empower government, academia, industry, citizens and foreign partners to rapidly develop capabilities from existing operational data while encouraging psychological safety and rank-agnostic innovation. (Source: U.S. DoD)
26 Oct 23. Europe: Heightened risk of cyber espionage operations targeting government, research sectors. On 25 October, security firm ESET reported that Russian threat group ‘Winter Vivern’ has exploited a zero-day vulnerability to target European organisations in an espionage operation since 11 October. The campaign exploited a flaw (CVE-2023-5631) in the Roundcube Webmail server through a targeted email that injected malicious code on victim networks. Winter Vivern targeted servers belonging to government entities and think tanks in Europe, indicating continued Russian strategic interest in the region. Nonetheless, the group’s toolset has a relatively low level of sophistication. The group previously used another zero-day vulnerability in March in a cyber espionage campaign. There is an increased likelihood that it will continue to develop its capabilities to target strategic targets. While Roundcube has released a patch for this vulnerability, there is an outstanding risk of malicious injection, highlighting the necessity of robust security measures. (Source: Sibylline)
25 Oct 23. USAF activates units dedicated to electronic warfare. The U.S. Air Force has activated two detachments at Robins Air Force Base in Georgia dedicated to electronic warfare and its future applications.
The green light, given Oct. 25 at a ceremony inside an aviation museum, marks a step toward the realization of the 950th Spectrum Warfare Group, tasked with assessing the effectiveness of electronic warfare across dozens of aircraft while improving jamming and spoofing capabilities in large military exercises.
The nascent group is an outgrowth of the 350th Spectrum Warfare Wing at Eglin Air Force Base in Florida. That wing is staffed by engineers and other specialists that tinker with software and code to counter electronic threats in the field.
“Our enemies right now are looking at developing countermeasures as they shore up their capabilities against us,” Col. Josh Koslov, the wing’s commander, said at the ceremony. “Our team here at Robins will identify what our weak points are, and be able to point us in the direction we need to go.”
The Air Force, like the Army and the Navy, is reinvesting in electronic warfare and the related domination of the electromagnetic spectrum after years of atrophy. Modern militaries rely on the spectrum to communicate, navigate and guide weapons to their targets; the fight over it can make or break wartime success.
Both Russia and China recognize the value of the spectrum and are trying to beef up their associated arsenals. The latter may struggle in fights where spectrum access is fiercely contested, according to a Pentagon assessment released earlier this month.
“I want to emphasize the words of the commander of Air Combat Command, Gen. Mark Kelly, who said if we don’t achieve superiority in the spectrum, then our forces are going to lose, and we’re going to lose fast,” Koslov said.
The 950th Spectrum Warfare Group is expected to be fully established by 2027. But Koslov has nearer-term goals.
The detachments activated at Robins Air Force Base, where a significant avionics footprint already exists, are feeding the effort.
“Standing up these units today gives me the organizational capability to put mission on the table for warfighters,” Koslov said. “We’re depressurizing the administrivia of standing up an organization and allowing them to focus on mission earlier.”
(Source: C4ISR & Networks)
26 Oct 23. Kromek Group plc (AIM: KMK), a leading developer of radiation and bio-detection technology solutions for the advanced imaging and CBRN detection segments, has been awarded a $5.9m contract from the US Department of Homeland Security (“DHS”) Countering Weapons of Mass Destruction (“CWMD”) Office for the research and development of technologies focusing on an agent agnostic bio-detection system. The contract has been awarded under a four-year programme, which commences immediately, and the Group expects to receive $874k during the first year base period.
Arnab Basu, CEO of Kromek Group, said: “We are pleased to have been awarded this new contract for the research and development of agent agnostic biosecurity technologies, which will build on our existing expertise and technology in the field of automated bio-detection solutions. It is our first biosecurity contract from the Department of Homeland Security and underscores our belief that there are significant market opportunities in this area, as our technologies align well with government biosecurity strategies.
“This programme directly addresses a CWMD Office priority focused on the detection, classification and identification of bioterrorism attacks. Biological threats are an increasing priority for governments, particularly in light of the pandemic. The output of the programme is aimed at providing increased capability to detect and identify biological threats in response to the operational needs of the Department of Homeland Security and will be an important step in making the world safer from the threat of bioterrorism and other biological threats.”
24 Oct 23. Tarian Technology Announces Partnership with Ploughshare to Bring Revolutionary Cybersecurity Products to the Market. Tarian Technology, a Wales-based provider of cybersecurity solutions and commercial spin-out of Exsel Electronics, announces today a ground-breaking licensing agreement with Ploughshare, the commercial face of the UK Government’s Defence Science and Technology Labs (Dstl), for the use of game-changing cybersecurity products.
The partnership brings together years of work between Exsel Electronics and Dstl and demonstrates both organisations’ ambitious desire to bring Defence R&D into the wider market.
Under the new agreement, Tarian Technology gains rights to bring to market data-centric security (DCS) models, developed in collaboration with Dstl. It represents a significant leap in cybersecurity, focusing on ensuring that data and information remain secure at rest, in transit and in use across all domains.
The first to market with this approach is Bastion, a software that intrinsically protects data and is self-subscribing. Bastion works to fortify the protection of data beyond the network protection level. It adds an additional layer of encrypted security written into each document, meaning that if the network is penetrated, sensitive files remain secure. It works as an additional armour to protect valuable information and a business’s intellectual property from theft or cyber espionage.
Marie Thirlwall, Digital & Data Commercialisation at Ploughshare said: “The underpinning DCS architecture to which Bastion has been built, is the result of extensive research and development efforts; carried out in conjunction with Dstl and Tarian’s parent company, Exsel Electronics.
“DCS systems, as the core enabler of multi-domain information management, will revolutionise how organisations protect sensitive data and information in an ever-evolving digital landscape – and we’re excited that Bastion will be the first of many developments we bring to market together for this purpose and beyond.”
Key features of the Bastion DCS system include:
- Comprehensive Data Security: Bastion provides comprehensive protection for data and information at every stage of its lifecycle, ensuring it remains secure regardless of its location or usage.
- Next-Generation Technology: Leveraging cutting-edge cybersecurity technology, Bastion DCS sets new standards for data protection, guaranteeing peace of mind for organisations handling sensitive information. Secure, often multi-layer, information objects are bespoke built for each business use case, which is unique to this system.
- Collaborative Development: The collaboration between Exsel Electronics and Dstl demonstrates a unique synergy between private industry and government research, emphasising the importance of public-private partnerships in advancing cybersecurity.
Tarian Technology is excited to bring the Bastion system, that has been evolving behind the scenes with Dstl, to the wider market. The established licensing agreement with Ploughshare signifies Tarian’s dedication to providing state-of-the-art cybersecurity solutions to businesses, government agencies, and organisations worldwide.
Commenting on the partnership, Tarian MD, Keith Hughes said: “We are proud to be at the forefront of cybersecurity innovation, and this agreement with Ploughshare allows us to introduce game-changing products to the world. Data Centric Security is the future of information protection, and we are committed to helping organisations secure their most valuable assets.
“With the Bastion launch, we are poised to change the face of encryption software. This isn’t a ‘one-size-fits-all’ package like traditional DCS offerings but a tailor-made solution for enterprise and government.”
For further information about Tarian Technology and its cybersecurity solutions, please visit https://tarian.tech
23 Oct 23. China may struggle in electromagnetic spectrum fighting, Pentagon says. The Chinese military is wrestling with shortcomings in fights where access to and control of the electromagnetic spectrum is hotly contested, according to a U.S. Department of Defense assessment.
The spectrum is a critical resource in modern conflicts, as its manipulation enables navigation, communication, deception and even weapons guidance. A dizzying amount of electronic jamming and spoofing is expected in a fight between world powers.
China is aware of its perceived deficiencies and is trying to remedy them, a senior U.S. defense official told reporters in a discussion about the 2023 China Military Power Report. The document is published annually and provides the public in-depth analysis of the People’s Liberation Army, or PLA, and Beijing’s modernization goals.
“Some of the things that they talked about are how they can operate — or need to be better prepared to operate — in what they call a complex electromagnetic environment,” said the official, who declined to be named under rules set by the Defense Department. “They still talk about some of the challenges they’re involved in command and control and coordination, among others.”
The U.S. is reinvesting in electronic warfare and other spectrum-related capabilities after years of decline. China in 2015 established its Strategic Support Force, centralizing its space, information, cyber and electronic warfare efforts.
Further, the PLA is leaning into what’s known as systems destruction warfare. The premise, referenced in the 2022 and 2023 China Military Power reports, envisions warfare no longer solely focused on the decimation of enemy troops. Rather, wars are won by the side that can disrupt, cripple or outright ruin the other’s underlying networks and infrastructure.
The Defense Department has observed Chinese forces “continuing to try to improve their cyber and electronic warfare” arsenals, the U.S. official said.
Both the U.S. and China fold electronic warfare into military exercises. The latter uses the opportunities to test units’ understanding of jamming systems and procedures as well as evaluate research-and-development advancements, according to the report.
“The PLA really sees space, cyber and electronic warfare as very closely interconnected,” the official said. “They’ve written about a concept that they refer to as integrated network electronic warfare for many years.”
(Source: C4ISR & Networks)
23 Oct 23. Moro Hub Named Red Hat Premier Business Partner in the Red Hat Certified Cloud and Service Provider Program.
The recognition marks a significant milestone in Moro Hub’s journey, elevating its commitment to providing cloud and managed services.
Dubai, United Arab Emirates, 23 October 2023: Moro Hub, a subsidiary of Digital DEWA, the digital arm of Dubai Electricity and Water Authority (PJSC), was named a Red Hat Premier Business Partner in the Red Hat Certified Cloud and Service Provider Program. This milestone was announced by Adrian Pickering, Regional General Manager, MENA & Enterprise Segment Lead for CEMEA at Red Hat, in the presence of Marwan Bin Haidar Vice Chairman, Digital & Group CEO of Digital DEWA and Mohammed Bin Sulaiman, Chief Executive Officer of Moro Hub, on the sidelines of GITEX Global 2023, that takes place from 16th to 20th October at Dubai World Trade Centre.
This recognition marks a significant milestone in Moro Hub’s journey, elevating its commitment to providing cutting-edge cloud and managed services based on Red Hat’s industry leading platforms, Red Hat OpenShift and Red Hat Enterprise Linux, along with expert hybrid cloud professional services.
“We are honoured to be recognized as a Red Hat Premier Business Partner as part of the Red Hat Certified Cloud and Services Provider Program. This accomplishment is a testament to our commitment to excellence and innovation. It reflects Moro Hub’s relentless pursuit of delivering world-class cloud and managed services, ensuring that our clients receive the best-in-class solutions to meet their evolving business needs,” said Marwan Bin Haidar Vice Chairman, Digital & Group CEO of Digital DEWA.
As a Red Hat Premier Business Partner, Moro Hub has demonstrated exceptional expertise and dedication to delivering top-tier solutions and services within the Red Hat ecosystem to organizations in the region. Moro Hub’s customers can benefit from a comprehensive suite of hybrid cloud technologies and professional services that can help them navigate the complexities of modern IT environments, facilitating seamless integration of on-premises and cloud-based resources.
“At Red Hat we believe in the power of collaboration, and Moro Hub’s unwavering commitment to excellence and innovation aligns well with Red Hat’s open-source values. As such, this recognition is a natural fit for Moro, further elevating our confidence in the company’s capabilities and our shared vision for empowering businesses through open-source technologies,” said Adrian Pickering, Regional General Manager, MENA & Enterprise Segment Lead for CEMEA at Red Hat.
Red Hat supports and powers software and technologies for automation, cloud, containers, application development, management, and more. The collaboration with Red Hat aligns with Moro Hub’s vision of driving technological advancements that empower businesses and governments to thrive in the digital era.
About Moro Hub:
As part of 10X, Dubai Electricity and Water Authority (PJSC) mobilised its innovation unit to create a new entity called Digital DEWA, which uses innovation in artificial intelligence and digital services to meet the current and future requirements brought about by the 4th industrial revolution. This entity required an innovative, agile data hub, and thus Moro Hub was established. Forming the backbone of Digital DEWA, Moro Hub was introduced to fulfil the need for an innovative and agile data centre. Through its purpose-built, industry-accredited data hub, Moro Hub uses its expertise, capabilities and alliances to contribute to the digital transformation of society. Trusted to secure, manage, and integrate data, Moro Hub is committed to providing value through customer-centric innovation, creating new opportunities now and in the future. For more info, please visit www.morohub.com.
19 Oct 23. RTX Announces Licensing Deal With Hanwha.
- Companies to manufacture tactical radios in South Korea
Collins Aerospace, an RTX business (NYSE: RTX), has signed a licensing agreement with South Korean company Hanwha Systems to manufacture airborne tactical radios in South Korea as part of a Second-generation Anti-jam Tactical UHF Radio for NATO waveform (SATURN) upgrade program.
The TruNet™ AR-1500 is an internationally available networked communications airborne radio. The solution offers a fully exportable software-defined radio receiver-transmitter, securing connectivity between ground and airborne elements across the entire battlespace, and supporting the latest edition of SATURN waveform.
“The SATURN waveform upgrade, as part of this deal, will increase support of a modern, connected battlespace, and will provide the South Korean Armed Forces the latest anti-jam technologies, which are critical to mission-readiness, safety, and interoperability with allies,” said Ryan Bunge, vice president and general manager of Resilient Navigation Solutions, Collins Aerospace. “We’re moving past obsolescence and offering a more secure solution.”
SATURN is an anti-jam, hopping waveform that was developed as a replacement for existing anti-jam waveforms. Collins will support Hanwha Systems as a sub-contractor as part of the licensing agreement for the TruNet™ AR-1500 airborne tactical radios. (Source: ASD Network)
23 Oct 23. Asia-Pacific: Government entities face persistent risk from long-term cyber espionage operations. According to media reports on 22 October, a new sophisticated cyber espionage operation, ‘TetrisPhantom’, is using compromised secure USB drives to target government entities in the Asia-Pacific region. The campaign uses custom software to obtain access to the protected portion of the secure USB devices. It then installs additional malware for information theft and to establish persistence on the secure devices. Secure USB devices are used to store files in an encrypted portion of a USB device for the protected transfer of data between systems, including air-gapped environments. These pose attractive targets for espionage-focused threat actors as they often store sensitive information that can be beneficial to a state’s strategic interests. This attack operation has persisted for several years against a small number of government targets, indicating that this campaign is highly targeted and conducted by sophisticated, well-resourced threat actors. Consequently, government entities in the Asia-Pacific region remain at elevated risk of being targeted.
20 Oct 23. Cyber Update.
- A cyber campaign using DarkGate malware was observed operating compromised Skype accounts to infect organisations through malicious instant messages (see Sibylline Cyber Daily Analytical Update – 16 October 2023).
- A new backdoor (‘BLOODALCHEMY’) was discovered during a recent campaign against government entities and other sectors in Southeast Asia (see Sibylline Cyber Daily Analytical Update – 17 October 2023; see Technical analysis below).
- An unnamed state-sponsored threat actor conducted an espionage campaign exploiting the communication platform Discord to target Ukrainian critical infrastructure (see Sibylline Cyber Daily Analytical Update – 18 October 2023; see Technical analysis below).
- Several advanced persistent threat (APT) groups are exploiting an existing software vulnerability (CVE-2023-38831) in espionage-focused operations in Ukraine and Papua New Guinea (see Sibylline Cyber Daily Analytical Update – 19 October 2023).
- The Iranian threat group ‘OilRig’ conducted an eight-month-long espionage campaign against an unnamed Middle Eastern government entity between February and September (see Sibylline Cyber Daily Analytical Update – 20 October 2023).
Technical analysis of weekly stories
BLOODALCHEMY is a new backdoor that appears to have been developed by experienced malware developers. The backdoor contains modular capabilities, including multiple persistence and execution mechanisms, and also command-and-control (C2). BLOODALCHEMY requires a specific loader to run; it does not have the capabilities to load and execute on its own, indicating that it is highly likely a sub-feature of a wider intrusion toolset, ‘REF5961’, or a significantly focused piece of malware used for a highly specific purpose. The backdoor abuses a legitimate and benign operating utility that is vulnerable to DLL side-loading, so as to load the backdoor onto devices. It uses encryption techniques to obfuscate its activity to prevent detection. Based on its functionality, the backdoor works to write/overwrite the malware toolset, to uninstall and terminate activity and to gather host information. Therefore, BLOODALCHEMY is likely used as part of a wider toolset to steal information to use for lateral movement and escalating privileges in a network.
Some non-exhaustive recommendations to mitigate against this threat include:
- Monitor network devices for suspicious traffic and activity on devices
- Monitor both inbound and outbound connections from network devices to both external and internal systems
- Ensure there are adequate security detection measures in place, including end-point detection and response (EDR) solutions (such as anti-virus software)
- Review password rules and enforce mandatory password changes at consistent intervals to prevent possible exploitation via stolen credentials
State-sponsored threat actors were observed exploiting the communications platform Discord to conduct malicious activity against Ukrainian entities. Because Discord is a web-based application and works over HTTP/HTTPS, it facilitates access to both corporate and non-corporate networks; it can also allow threat actors to blend in with normal traffic, making detection more difficult. In the aforementioned cyber operation, threat actors exploited Discord to download additional files and exfiltrate information. The actors leveraged Discord’s Content Delivery Network (CDN) to upload malicious files which can later be downloaded during the second stage of the attack (when the file is shared with users). Once a user interacts with the malicious file, the exfiltration process uses one of Discord’s automation features to enable the threat actor to disseminate information stored on the victim’s device, including text messages, files and other such data.
Some non-exhaustive recommendations to mitigate against this threat include:
- Monitor network devices for suspicious traffic and activity on devices
- Ensure there are adequate security detection measures in place, including end-point detection and response (EDR) solutions (such as anti-virus software)
- Conduct cyber hygiene awareness courses for users to enable them to recognise and report phishing attempts; urge them not to click on anything from an unknown or untrustworthy source
- Ensure security measures surrounding Bring-Your-Own-Device (BYOD) policies are comprehensive and robust to prevent lateral movement to corporate networks and possible data exfiltration of corporate information.
(Source: Sibylline)
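The traffic-monitoring recommendation above can be made concrete for the Discord pattern described (a file pulled from Discord's CDN, followed by data leaving through a Discord automation feature). The following is an added example, not part of the Sibylline analysis; the log layout, host names, file-extension list and the choice of webhook URLs as the automation feature are assumptions, and the log lines are constructed.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Assumptions (not from the article): host names, extension list, log layout.
CDN_HOSTS = {"cdn.discordapp.com", "media.discordapp.net"}
API_HOSTS = {"discord.com", "discordapp.com"}
RISKY_EXT = (".exe", ".dll", ".zip", ".rar", ".iso", ".lnk", ".js", ".vbs", ".ps1")

# Constructed sample proxy log, chronological: time src method url status bytes_sent
SAMPLE_LOG = """\
2023-10-18T09:02:11Z ws-014 GET https://cdn.discordapp.com/attachments/1/2/report.zip 200 0
2023-10-18T09:05:40Z ws-014 POST https://discord.com/api/webhooks/1/EXAMPLE 204 48211
2023-10-18T09:07:02Z ws-022 GET https://cdn.discordapp.com/attachments/3/4/team.png 200 0
2023-10-18T09:09:15Z ws-031 POST https://discord.com/api/webhooks/5/EXAMPLE 204 912
2023-10-18T09:10:00Z ws-040 GET https://example.org/tools/setup.exe 200 0
"""

def parse(line):
    """Split one log line and normalise the URL's host and path."""
    ts, src, method, url, _status, sent = line.split()
    parts = urlsplit(url)
    return ts, src, method, (parts.hostname or "").lower(), parts.path.lower(), int(sent)

def triage(log_text, allow_hosts=frozenset()):
    """Return {src: [findings]} for risky Discord CDN fetches and webhook uploads."""
    findings = defaultdict(list)
    fetched = set()  # sources that already pulled a risky file type from the CDN
    for line in filter(None, map(str.strip, log_text.splitlines())):
        ts, src, method, host, path, sent = parse(line)
        if src in allow_hosts:  # hosts with an approved business use of Discord
            continue
        if method == "GET" and host in CDN_HOSTS and path.endswith(RISKY_EXT):
            fetched.add(src)
            findings[src].append(f"{ts} cdn-download {path.rsplit('/', 1)[-1]}")
        elif method == "POST" and host in API_HOSTS and path.startswith("/api/webhooks/"):
            # An upload after a risky download matches the two-stage pattern.
            tag = "download-then-upload" if src in fetched else "webhook-upload"
            findings[src].append(f"{ts} {tag} {sent}B")
    return dict(findings)

if __name__ == "__main__":
    for src, items in triage(SAMPLE_LOG).items():
        print(src, items)
```

A host tagged `download-then-upload` is the higher-priority lead; a lone `webhook-upload` from a workstation with no approved Discord integration still warrants a look.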
20 Oct 23. Upgrade networks or suffer on the battlefield, generals warn. Maj. Gen. Paul Stanton leafed through his notebook.
He was sitting alone on stage during the last day of the Association of the U.S. Army’s annual conference, held in early October in Washington. The Army officer had just been asked about remarks made by the service’s newly sworn-in chief of staff, Gen. Randy George.
“Under continuous transformation, he did say the No. 1 priority and focus area is the network,” Stanton said, looking up from his notes and smiling. “Our Army senior leadership understands the significance of being able to move the right data to the right place at the right time.”
Stanton serves as both the commander of Fort Gordon and its Cyber Center of Excellence, a Georgia schoolhouse where troops are drilled on everything from electronic warfare to communications capabilities to cyberspace operations. The teachings there are increasingly important — especially so, after George named networking upgrades the Army’s most pressing modernization endeavor, citing lessons plucked from the battlefields of Eastern Europe.
While sophisticated, secure connectivity has for years been a focal point for the service, alongside other priorities such as long-range precision fires, air and missile defense, and aviation, it was not necessarily as high profile. Artillery, missile interceptors and helicopters have a splashy presence; the invisible tubes and tethers that enable military information sharing do not.
But that does not minimize their importance.
“They’re providing the right prioritization, they’re providing the right guidance,” Stanton said. “They’re providing the right degree of resourcing in ways that we haven’t seen historically.”
‘Shoot, move and communicate’
As the U.S. Defense Department reshapes itself following decades spent in the Greater Middle East, it is assuming a new posture molded by Russia, China and the dangers posed by their digital-savvy forces. Both powers, much like the U.S., wield influential cyber weaponry and pour money into military-related science and technology efforts.
As a result, networks that are insulated from hackers and capable of reliably connecting front lines to headquarters, wherever they may be, are of utmost importance, according to U.S. military leaders.
The Army in fiscal 2023 sought $16.6 bn to fund cyber and information technology projects, about 10% of its total budget blueprint. About $9.8 bn was set aside for the network. Another $2 bn was earmarked for offensive and defensive cyber operations as well as cybersecurity maturation.
“The character of war is changing,” George said at the outset of his AUSA address. “It’s changing rapidly because disruptive technology is fundamentally altering how humans interact.”
“Soldiers need to shoot, move and communicate,” he added. “Technology should facilitate those fundamentals, not encumber them.”
One doesn’t have to look further than the Russia-Ukraine war for evidence, according to George, who said Moscow’s forces face the consequences of compromised networks and clunky command centers multiple times a day. In other words, aging connectivity and outdated outposts make for easy targeting. (Source: Defense News)