Sponsored by Spectra Group
06 Dec 23. Lockheed jammer for Strykers, AMPVs on ‘good path,’ Army official says. A combined electronic warfare, signals intelligence and cyber weapon being developed by Lockheed Martin is “on a good path” to realization, following soldier testing this year, according to a U.S. Army official.
The Terrestrial Layer System-Brigade Combat Team, or TLS-BCT, is part of the service’s reinvestment in jamming, spoofing and spying as competition with Russia and China ramps up. The technology is so far slated for installation aboard Stryker combat vehicles, made by General Dynamics, as well as Armored Multi-Purpose Vehicles, made by BAE Systems.
Army Brig. Gen. Ed Barker, the leader of the Program Executive Office for Intelligence, Electronic Warfare and Sensors, or PEO IEW&S, on Dec. 5 told reporters a demonstration at Fort Huachuca, Arizona, months earlier was informative.
“We believe that we demonstrated the capabilities that are being asked, with regard to the Army’s next SIGINT, EW and cyberspace operations platform,” said Barker, whose office helps develop and deploy everything from reconnaissance payloads to missile-warning suites to biometric tools. “We still got a lot of work to do, coming out of the operational demonstration. We learned a lot.”
He did not speak to system shortcomings.
TLS-BCT is meant to provide smaller Army formations a means to better read their surroundings and disrupt sensitive networks and advanced electronics. Manipulation of the electromagnetic spectrum — a contested resource — is critical in modern warfare as it’s used to guide weapons, communicate with friendly forces and suppress enemy observations.
An operational assessment, another evaluation, of TLS-BCT is expected in fiscal 2025.
Deon Viergutz, Lockheed’s vice president of spectrum convergence, in November told a separate group of reporters visiting Syracuse, New York, that the company recognized the Defense Department’s desire for sophisticated jammers. Observations gleaned from the Russia-Ukraine and Israel-Hamas wars are driving factors.
“There’s, obviously, a huge focus on the modernization of EW within the Army. Many of the Army leaders have talked about that,” Viergutz said at the time. “It’s reflected in the budgets that we see. There is a great demand for these programs of record and getting them out there quickly.”
Lockheed is also spearheading development of the Army’s TLS-Echelons Above Brigade, known as TLS-EAB, and the Multi-Function Electronic Warfare-Air Large, or MFEW-AL.
The Maryland-based company is the largest defense contractor in the world when ranked by revenue, according to Defense News Top 100 analysis.
(Source: Defense News Early Bird/Defense News)
07 Dec 23. Chief Digital and Artificial Intelligence Office to Host Hackathon in Hawaii.
The Office of the Secretary of Defense Chief Digital and AI Office, Defense Innovation Unit, U.S. Indo-Pacific Command, U.S. Army Pacific Command and the U.S. Air Force will host a multi-classification hackathon open to all U.S. citizens, Feb. 5 – 9, 2024.
A hackathon is an innovation event commonly employed by technology companies in which teams develop prototypes in response to enterprise challenges associated with data. The BRAVO 11 Bits2Effects hackathon will occur at one of the DOD AI Battle Labs on the island of Oahu, Hawaii.
Any American citizen is eligible to apply, regardless of whether they currently work for the federal government or possess a security clearance. Applications – available online here – will be accepted on a rolling first-come-first-serve basis with the first group of acceptances taking place in mid-December. Due to past events exceeding 400 participants, BRAVO has secured an over-flow room, although organizers still expect demand to exceed supply.
Attendees are not required to hold a security clearance. However, certain spaces, use-cases, and datasets may require a U.S. secret security clearance or higher. Applicants may apply as an employee for the U.S. government, a U.S. government contractor working on behalf of a federal contract, or as U.S. citizen either affiliated or unaffiliated with a company. Any U.S. federal employees or federal contractors are eligible to submit potential use-cases and proposed collaborations within the application process. Sourcing a use-case to these hackathons often results in an operational prototype and feedback for the sourcing organization.
Starting in 2021, the U.S. Air Force began organizing multi-service prototyping events, known as BRAVO hackathons, to expedite learning and capability development from classified and protected operational data. This year’s BRAVO 11 Bits2Effects, the fourth BRAVO hackathon and first-held inside a combatant command, is seeking to produce solutions to combatant command challenges utilizing Indo-Pacific operational theater data. BRAVO utilizes a permissive software development environment that permits the co-mingling of classified and protected data with untrusted open-source and commercial software otherwise not approved for production systems within minutes.
Prior hackathons have produced prototypes influencing major Defense Department programs in areas including large language models, space launch, flight telemetry and biometrics, unmanned systems, personnel recovery, security classification, sensing and targeting, and battle damage assessment among others.
“In the early 1920s, Army Col. Billy Mitchell assessed battleships, a top military funding priority of the Department of War, could be sunk by bombers just 1/80th the cost,” said Stuart Wagner, Chief Digital Transformation Officer for the Department of the Air Force and BRAVO AI Battle Labs Executive Agent. “To disprove widely held resourcing beliefs of senators, four-star generals and the Secretary of War, Mitchell organized the Project B exercises where bombers repeatedly sunk German-captured battleships, changing warfare by turning investments to airpower in the leadup of World War II.
The BRAVO DoD AI Battle Labs are again seeking to change how warfare is conducted by enabling innovators to develop and employ data driven effects during competition and conflict.”
Applicants looking to participate may do so in one of three roles:
* The “Hacker” role is open to all applicants and expects project builders with varying skill sets and experience, including operational and warfighter expertise, software development, data science, machine learning, design and user interface/user design, data visualization, and product management. Hackers may optionally supply a use case during the application process.
* The “Hacker Subject Matter Expert” (HackerSME) role is open to government and government contractors who lead one or more teams with specific expertise about a use case or dataset, or supplies and administers infrastructure utilized at the hackathon. HackerSMEs will be required to supply a use case during the application process.
* The “Supporter” role, open to government and government contractors, provides administrative support to the event by running security, facilitating supplies delivery, organizing social events, and facilitating the delivery of science fair materials and attendee check-in.
Any federal government organization (contractor or government) is eligible to submit a use case, dataset, infrastructure, or potential collaboration with the hackathon by submitting a Hacker/HackerSME application to the event. Further clarification can be obtained via . U.S. citizens and industry not leveraging an existing DoD contract for their proposed collaboration are encouraged to contact the Defense Innovation Unit at . (Source: U.S. DoD)
04 Dec 23. Spectrum Battle Management. The EWPMT heralds a step change in how the force commands and controls electronic warfare at the tactical and operational levels. The system will be fully integrated with other C2 systems to ease the sharing of relevant data and intelligence.
The US Army’s Electronic Warfare Planning and Management Tool (EWPMT) should reach full operational capability by 2025.
The EWPMT heralds a step change in how the force commands and controls electronic warfare at the tactical and operational levels. The system will be fully integrated with other C2 systems to ease the sharing of relevant data and intelligence.
The US Army’s RTX Electronic Warfare Planning and Management Tool (EWPMT) is the Command and Control (C2) systems the force will use for operational and tactical Electronic Warfare (EW) missions. The EWPMT facilitates Signals Intelligence (SIGINT) analysis and spectrum management. The C2 system is also used for the planning and execution of electronic or cyberattacks against hostile emitters. Once engagements are performed, the EWPMT aids battle damage assessment.
Command and Control
The force has been deploying the EWPMT since 2018 chiefly to US Army units stationed in Europe. Initial recipients included the 173rd Airborne Brigade and the 1st Infantry Division of the 2nd Brigade. The system represents one of the army’s major EW programmes alongside the Terrestrial Layered System (TLS). The TLS will provide electronic attack, support and protection capabilities to US Army formations. Two distinct systems constitute the TLS family: The TLS–Brigade Combat Team (TLS-BCT) is being developed by Lockheed Martin. This TLS configuration provides electronic and cyberwarfare capabilities at the tactical level for brigade–sized formations and below. The TLS–BCT architecture will be mounted on a General Dynamics M1133 medical evacuation vehicle. The M1133 is a variant of General Dynamics’ M1126 Stryker wheeled armoured fighting vehicle. The medical evacuation variant was chosen by the army because of the number of electrical power points available inside the vehicle.
Heavy brigades are receiving the same TLS–BCT architecture mounted onboard the BAE Systems M1283 Armoured Multi-Purpose Vehicle series tracked platforms. There appears to be no word in the public domain regarding which M1283 variant will accommodate the TLS–BCT fit. Larger formations are receiving the TLS–EAB (Echelon and Above) system. As Armada reported in August, Lockheed Martin is building a prototype TLS–EAB. The TLS–EAB configuration will deliver EW and cyberwarfare capabilities to support land manoeuvre and joint forces at division and corps levels.
The EWPMT has been rolled out via several Capability Drops (CDs): CD1 allowed the EWPMT architecture to perform EW mission planning and electronic attack targeting. CD2 conferred the ability to perform dynamic spectrum management. CD3 covered the integration of additional US Army sensors beyond those already connecting with the EWPMT architecture. Finally, CD4 moved the overall EWPMT architecture towards Full Operational Capability (FOC). This capability drop saw the addition of machine learning and artificial intelligence tools to the EWPMT. These tools will take raw SIGINT gathered from across the battlefield and help turn this into useful data for EW cadres.
A key element of the EWPMT is that it can receive and share data with other users in the manoeuvre force and beyond, according to US Army documents. The system connects with the army’s Intelligence Broadcast Service (IBS). The Intelligence Broadcast Service lets BCTs receive relevant signals and other intelligence from sources not organic to the formation like SIGINT aircraft. The IBS is a secure communications protocol that handles this data. Data is moved through systems like Leonardo DRS’ Joint Tactical Terminal using conventional radio and satellite communications.
The EWPMT is being managed by the US Army’s Intelligence, Electronic Warfare and Sensors Programme Executive Office (PEO IEWS). A spokesperson for the office told Armada that the EWPMT reached its full deployment milestone this May. Reaching this milestone allows full EWPMT deployment across the army in 2024. The spokesperson said that, so far, the army has received 25 EWPMT units “based on operational need.” While they did not provide details on precisely which formations have got the EWPMT they did say that the architecture will be used by all echelons. In practice this means that the will EWPMT support manoeuvre force tactical- and operational-level electronic warfare. The spokesperson continued that current plans call for the EWPMT to reach FOC by late 2025.
The US Army’s expected FOC for the Electronic Warfare Planning and Management Tool coincides with the entry of the TLS incarnations in the latter half of this decade. The advent of new EW platforms coupled with a new electronic warfare C2 system is an important step forward for US Army electronic warfare capabilities. (Source: Armada)
05 Dec 23. Sea Change. Recent Royal Navy operations in the Baltic and Europe’s far north have underscored the challenges the fleet faces as NATO deals with Russia’s increasingly muscular strategic behaviour in these areas.
A recent conference saw Royal Navy representatives outlining how the service sees competition in the electromagnetic spectrum and the steps being taken to ensure it can prevail in this challenging domain.
The United Kingdom’s Defence Science and Technology Laboratory’s Operating in the Future Electromagnetic Environment (OFEME) symposium has established itself as a key annual event. This year’s event included a presentation by Captain Marcus Hember of the Royal Navy entitled ‘Operating in the Future Electromagnetic Environment.’ His presentation highlighted the levels of tension characterising Europe’s arctic areas and far north. Existential tensions between Russia and the North Atlantic Treaty Organisation (NATO) are the result of the former’s increasingly muscular presence in these areas.
Capt. Hember highlighted the importance of the Electromagnetic Environment (EME) as the arena in which a commander understands, observes, and through which they communicate and deliver effects. By leveraging the EME commanders can change an opponent’s calculus. EME operations are not exceptional but are very much day-to-day activities, he added. The use of jamming in areas where the Royal Navy and allied maritime forces operate is a reality even in peacetime. For example, peacetime jamming can affect vital services like crew welfare communications and vessel meteorology.
The past is prologue
The Royal Navy has a long heritage of involvement with the EME commencing with the Senior Service’s use of radar and Electronic Warfare (EW) during the Second World War. The 1970s saw the navy pioneer methods to exploit EW information for command and control, and to share this data between vessels. The loss of the Israeli Navy’s INS Eilat destroyer on 21st October 1967 in the Mediterranean was instructive. She sank after being hit by three P-15 Termit (NATO reporting name SS-N-2 Styx) radar-guided Anti-Ship Missiles (AShM) fired by Egyptian Navy missile boats. The loss of the INS Eilat was the first time a naval vessel had been sunk by radar- guided AShMs. 15 years later, the Royal Navy would learn firsthand about the lethality of such weapons. During the 1982 Falklands/Malvinas conflict the navy’s task force lost two ships to radar-guided Aérospatiale/MBDA AM39 Exocet radar-guided AShMs. A third vessel, HMS Glamorgan, a ‘County’ class destroyer, was damaged by an MM38 Exocet on 12th June during that conflict.
Today’s EME challenges faced by the Royal Navy include the proliferation of technologies like digital communications which can create problems because of signal discretion. Digital signals can be hard to detect by naval communications Electronic Support Measures (ESMs). Digital communications technology also creates cyber protection challenges. Modern naval ESMs need continually improving signals discrimination and endless threat library updates. Training must cope with an ever-changing technological environment as new technology is rapidly fielded. People must be trained to support and use an ever-changing spectrum of technology in an ever-changing operational environment. Meanwhile, technology improves while the number of deployed operators reduces. This divergence has an impact on the level of specialisation operators can have simply because there are fewer of them. Capt. Hember stressed the need for remedies to these challenges which are consistent, clear and robust.
From a materiel perspective, spare parts need to be continuously available and equipment must be robust. New capabilities must be blended into existing platforms which creates its own challenges and places a premium on reducing size, weight and power consumption burdens. Ships and submarines are often entirely deprived of communications for long periods. Communications outages can affect a vessel’s ability to receive timely threat data information for ESM library updates.
Future CEMA (Cyber and Electromagnetic Activities) capabilities must be delivered to frontline users at the speed of relevance, Capt. Hember emphasised. The UK Ministry of Defence now recognises CEMA as a single operational domain and the Royal Navy is recasting its CEMA strategy to reflect this. The navy’s objectives are to understand the EME, protect freedom of action within it, develop capabilities to gain operational advantage, operate to actively exploit the EME in a consistent and confident manner, and constantly develop its capabilities at the speed of relevance. The ecosystem that deliveries these requirements must be secure and resilient. Delivering the above priorities depends on some vital enablers chiefly people, adaptable processes to field capability quickly, ethos and intellectual curiosity in every part of the navy. Future challenges will include assuring capability and understanding that vis-à-vis the navy’s opponents.
Ongoing Royal Navy operations in the Baltic and far north are driving home the importance of the electromagnetic environment to the fleet’s freedom of manoeuvre. Fortunately, the Senior Service has both the heritage and strategy to ensure it remains at the cutting edge of maritime CEMA. (Source: Armada)
06 Dec 23. Finger on the Pulse. Electronic support measures have revolutionised electronic warfare by aiding the detection, geolocation and identification of radars, although current ESM technology does have some significant shortcomings.
Current radar electronic support measure technology has room for improvement, says a leading electronic warfare expert.
The United Kingdom’s Defence Science and Technology Laboratory’s annual Operating in the Future Electromagnetic Environment (OFEME) symposium does not disappoint. This year’s event, which took place in Nottingham, in England’s East Midlands on 20th and 21st November, had some excellent presentations. Among an array of subjects, presentations covered electromagnetic challenges in the maritime environment and optical wireless communications. Dr. Sue Robertson, a leading electronic warfare expert and director of EW Defence, discussed current shortcomings in Electronic Support Measure (ESM) technology.
Highlighting the challenges for electronic support measures to detect radar signals, Dr. Robertson told delegates that ESMs can usually only detect a radar when that signal is pointing at the system’s antennas. At 100 nautical miles/nm (185 kilometres/km) an ESM will see a radar signal for less than one percent of the time it is transmitting. At 25nm (46km) the radar is seen for less than five percent of the time it transmits. A radar will be seen for 20 percent of its scan cycle when under five nautical miles (nine kilometres) away.
ESMs often generate several tracks for the same radar, a process known as multitracking. Multitracking is caused by a myriad of factors. Dr. Robertson said that one of the main causes of multitracking is errors in the measurement of a radar signal’s Direction of Arrival (DOA). An ESM maybe mounted on an aircraft with the system’s receiving antennas spaced several metres apart. The problem, highlighted by Dr. Robertson, is that most ESMs are designed to treat the platform carrying them is a single point in space. This hypothesis leads to a further assumption that radar pulses will arrive at all the ESM’s antennas with an equal signal strength. However, radars can transmit signals with very narrow azimuth beamwidths, sometimes measuring one or two degrees or less. Radars with very narrow main beams might have different parts of the radar pulse at different amplitudes hitting each of the antennas at the same time. This risk causing DOA errors.
Missing pulses also create challenges for ESMs. A radar will transmit a certain number of pulses over a specific time, known as a Pulse Repetition Interval (PRI). PRI measurement is a very important task for an ESM as this information will be correlated with radar tracks to help identify types of radar. Missing pulses creates errors in PRI measurement which has a correspondingly negative effect on the ESM’s performance. Pulses are transmitted by the radar but not detected by the electronic support measure. These missing pulses are caused by the narrow shape of the radar beam, Dr. Robertson added.
Addressing the shortcomings
Dr. Robertson encouraged the Electronic Warfare (EW) community to urgently address these, and other, ESM shortcomings to ensure they can work in today’s and tomorrow’s operating environment. She stressed that the testing of ESM systems in the real world is vital: “However good your system is in theory, or however well it works in the lab environment it will almost certainly work differently, and much, much worse when it is out in the real world.”
To complicate matters, future ESMs will have to deal with much more complicated radar signals than they do today. The advent of active electronically scanned array radars being a case in point. ESMs will need to cope with multitudes of different signals performing different tasks all transmitted by the same system. In addition, ESMs will also have to work in an ever-more congested electromagnetic environment. Dr. Robertson highlighted the advent of satellite communications constellations like SpaceX’s Starlink. Transmissions from Starlink satellites to Earth in the eight to twelve gigahertz range could cause challenges for ESM systems. These wavebands are in the electromagnetic ‘neighbourhood’ where X-band (8.5GHz to 10.68GHz) radar transmission also live.
Dr. Robertson asked what role Artificial Intelligence (AI) can play in future electronic support measure architectures, specifically cognitive electronic warfare. Cognitive EW harnesses AI techniques like machine learning and neural networks to help electronic warfare systems understand and react to their environment. She stressed that technological hurdles to the adoption of cognitive EW techniques along with human trust issues must be addressed. Human trust is imperative, after all a cognitive EW system “only has to fail once and then it will never be trusted again.” Cognitive EW approaches will need to be demonstrated as safe, reliable and capable.
Ultimately, an EW system, cognitive or otherwise, is only as good as the data it receives. Work will need to be done to address existing ESM shortcomings highlighted by Dr. Roberston’s talk. The challenges for the future are as follows: Fix performance errors we know of in ESM systems, develop robust test and assurance methods and use cognitive EW without destroying the credibility of the electronic support system. (Source: Armada)
07 Dec 23. December Spectrum SitRep. A recent agreement concluded between Infozahyst and SPX CommTech will ensure that electronic warfare systems provided by the latter company can be maintained in the Ukrainian theatre of operations. Likewise, the agreement covers the provision of local training the systems’ operators.
Armada’s monthly round-up of all the latest electronic warfare news in the product, programme and operational domains.
Infozahyst has announced a technical cooperation agreement with SPX CommTech. A press release revealing the news said the agreement would cover “the delivery of specialised technologies within the RF (Radio Frequency) spectrum, adapted to battlefield requirements.” Infozahyst will provide diagnostic, repair and care services for equipment supplied by SPX CommTech. The former will also supervise operator instruction for members of the Ukrainian military using the latter’s equipment. Beyond support and training, Infozahyst will ensure that SPX CommTech’s equipment is integrated with other systems used by the Ukrainian military. Localising the care, support and training of the equipment will help ensure that these are more responsive to the demands of Ukraine’s armed forces. The agreement will also enable equipment and personnel to remain in theatre for maintenance, repair and overhaul, and training. Sources familiar with the agreement told Armada that the depth of the cooperation between both companies could grow beyond this collaboration in the future.
Horizon Technologies has been awarded a $1.5 m grant by the UK Space Agency as part of the country’s wider Amber Phoenix programme. Amber Phoenix is working to provide the UK with a constellation of Radio Frequency (RF) sensing satellites. The award was made following the failure of Virgin Orbit’s LauncherOne rocket on 9th January. LauncherOne was an air-launched rocket capable of lofting satellites into space. Horizon Technologies had an RF sensing payload equipping Amber IOD-3 (also known as Amber-1); one of the nine satellites being taken into space by LauncherOne. Another attempt to place one of the company’s RF sensing payloads into space can now be made because of the grant. Reports state that the UK Space Agency plans to use space-based RF sensing payloads to help detect suspect vessels at sea. Maritime radio signals will be useful to aid the tracking of illegal fishing, smuggling and other potentially criminal activity on the high seas. Proposals are afoot, according to the Space Agency, to eventually have a constellation of 20 satellites supporting this mission.
John Beckner, Horizon Technologies’ chief executive officer, told Armada that the new Amber satellite will have solar panels to continuously power its RF sensing payload, providing an “always on” capability: “You have to be always on as you don’t know where the targets are,” Mr. Beckner continued. Regarding signals of interest, the satellites will geolocate emissions from maritime Automatic Identification Systems (AISs). Vessel AIS transponders use frequencies of 161.975 megahertz/MHz and 162.025MHz. L-band satellite phone signals (1.5 gigahertz/GHz to 1.6GHz) can also be geolocated. Meanwhile, signals from marine S-band (2.3GHz to 2.5GHz/2.7GHz to 3.7GHz) and X-band (8.5GHz to 10.68GHz) radars will be geolocated by the payload. When a signal of interest is detected, its coordinates will be shared with satellite imagery providers. This lets users correlate the signal of interest with a visual picture of its source. Mr. Beckner says plans are afoot to augment the constellation with Synthetic Aperture Radar (SAR) to improve imagery collection. SAR has the attraction of being unimpeded by rain, snow, dust or smoke. These atmospheric contaminants can potentially obscure signal sources from imagery gathering.
Infrared Moves Ahead
Northrop Grumman has unveiled the company’s new Advanced Tactical Hostile Engagement Awareness (ATHENA) system. The company refers to ATHENA as a next-generation missile warning sensor which is “always on and keeping an eye out for threats,” according to a company press release. Dennis Neel, ATHENA’s programme director at Northrop Grumman, told Armada that this optical sensor detects infrared threats. These threats can include shoulder-fired surface-to-air missiles. Mr. Neel said that ATHENA can “replace existing missile warning sensors” as it is “similar in weight and power to them (but) offers greater resolution and processing power in the sensor itself.” He continued that ATHENA’s platform-agnostic design makes it suitable for use with other self-protection systems like the company’s Common Infra-Red Countermeasure. According to Northrop Grumman, it is under an engineering manufacturing and development contract to supply ATHENA to the US Air Force. No details were given regarding the platforms the missile warning sensor will equip or when deliveries may commence. Nonetheless, Mr. Neel added that ATHENA was “meeting demanding internal benchmarks … and it continues to mature rapidly.”
07 Dec 23. The British Army trials Smarter Technologies’ Orion IoT Data Network on Exercise IRON TITAN 2023.
Smarter Technologies Group (STG), the leading British provider of Internet-of-Things (IoT) solutions, is helping the UK’s 101 Operational Sustainment Brigade (OSB) gain “Support Advantage” with modern tracking technology. A joint industry/MoD trial of STG’s proprietary Orion IoT Data Network was conducted during exercise IRON TITAN 23. Critical supplies were tracked in near real-time to give commanders, planners and operators full visibility of their supply chain and present them with data-driven insight for their decision-making.
Exercise IRON TITAN 23 was the British Army’s largest support exercise in 20 years. It was designed to test the support elements of the 3rd (UK) Division and involved over 8,000 troops deployed across England and Wales. As well as individual and collective training, the exercise explicitly aimed to innovate, and to trial technologies that help realise the Army’s logistic support vision for the future.
Aligned with this vision, Army Logistics targeted the need for more timely and reliable supply chain visibility than is possible using manual systems. They saw the value of tracking vital logistic commodities, such as ammunition, across the breadth and depth of the logistic effort, in near real-time and via a common user interface. Smarter Technologies, who have extensive experience of high-value asset-tracking in the commercial sector, worked alongside 101 OSB and 27 Regt RLC to design and implement an automated asset-tracking capability suitable for deployed military manoeuvres, with a customisable interface to meet the needs of different users.
The trial proved Orion’s ability to automate manual interventions, efficiently and reliably, and to track critical consignments at rest and in transit, on arrival and departure at logistics nodes and as they move between them. The trial opens up the prospect for enhanced supply-chain visibility, from the industrial base, along extended lines of communication and all the way to front-line units. It also offers the possibility of a faithful, live and responsive common operating picture able to support dynamic operations in rapidly changing circumstances.
Brigadier Craig Hanson, formerly ACOS Log (Army) and now Commander 101 OSB, said, “It was great to see modern asset-tracking on Ex IRON TITAN. What Smarter Technologies showed was the art of the possible for real-time situational awareness in a deployed military setting.” He added, “It was also good to see units working directly with industry partners to experiment and innovate. The Land Industrial Strategy (LIS) is clear about the need for closer working relationships between MoD and industry, and what the troops have delivered here is exemplary. Embracing current and emerging technologies is essential if we are to meet our future needs, generate support advantage and give us the edge. Thank you to Smarter Technologies for working so closely with my units on this project – a real success story”.
David Miller, Chief Technical Officer at STG said, “It was invaluable for us to work alongside 27 Regt RLC and to better understand the logistic challenges they face. Orion has been used for many years to track high-value assets in the commercial sector and in Defence. We’ve now demonstrated that it has benefit well beyond base infrastructure, such as naval dockyards, military air bases and established training areas, and can also support deployed operations globally. We’re looking forward to working more with UK Defence to leverage the benefits of IoT tracking solutions further, for both efficiency and effect.”
06 Dec 23. Babcock showcases HF comms expertise at Army’s flagship experimentation event.
We were pleased to take part in the Army Warfighting Experiment’s (AWE) Distinguished Visitors’ Day last week where we showcased our solution for delivering wideband High Frequency (HF) Beyond Line of Sight communications.
Babcock is a world leader in HF comms and provides a variety of services to the UK, Australia and New Zealand, all of which are part of the Five Eyes intelligence alliance.
HF comms are difficult to geolocate and offer significant range without intermediate infrastructure and as a result, they are becoming more popular for dispersed and agile forces in the battlespace.
AWE, which is the flagship experimentation programme for the British Army, provided our Tactical Communications and Information Systems team with the opportunity to demonstrate our collaboration with cutting-edge radio solutions provider KNL.
We showcased a wideband HF-enabled Intelligence, Surveillance, Target Acquisition and Reconnaissance (ISTAR) system which allows data transfers of up to 300kbps.
This enables situational awareness, target information and images to be sent over extended ranges – allowing an up-to-date tactical picture of the battlespace to be shared, speeding up the ‘sense, decide, effect’ for armed forces across domains.
Dr Tim Wilkinson, Head of Technical Strategy in Babcock’s Mission Systems business, said: “It was great to take part in AWE 2023 and demonstrate how Babcock is a world leader in systems integration.
“We work with the brightest SMEs to deliver innovative solutions for customers who have increasingly complex requirements.
“Being able to operate in a dispersed and agile formation is a key requirement for Land Forces and by collaborating with KNL we’ve developed a solution that contributes towards fulfilling their key requirements.”
07 Dec 23. US: Exploitable software vulnerabilities elevate security risks faced by government entities. On 5 December, the US Cybersecurity and Infrastructure Security Agency (CISA) reported that unknown threat actors accessed government servers by exploiting a pre-existing software vulnerability between June and July 2023. The vulnerability (CVE-2023-26360) is present in Adobe ColdFusion software, allowing improper access control and remote code execution. The vulnerability was used to compromise two public-facing servers that employed outdated versions of the software, underscoring the importance of applying patches, especially for organisations involved in national security. The first campaign focused on reconnaissance without conducting lateral movement or exfiltrating data, likely mapping the wider government network for future operations. Another campaign attempted to view sensitive files (including password stores) and install remote access trojans, highlighting the latent security risk to US government entities. As the US remains a high-value target for cyber espionage by nation-state actors, it is highly likely that government entities will continue to be targeted in attacks utilising software vulnerabilities for access. (Source: Sibylline)
04 Dec 23. Backpack jammer prototyped by CACI’s Mastodon passes early Army test. Preliminary testing of a portable jammer soldiers can sling to their backs and use to manipulate electronic signals while on the move was successful, according to its makers and a U.S. Army official.
The service in November put the Terrestrial Layer System-Brigade Combat Team Manpack, or TLS-BCT Manpack, through an operational demonstration at Fort Huachuca in Arizona. CACI International-owned Mastodon Design months earlier won a $1.5 m contract to prototype the system, built utilizing the company’s existing Beast and Kraken electronic-warfare products.
“I think we were very happy with what we saw and where it’s going,” Todd Probert, CACI’s president of national security and innovative solutions, said in an interview at the Reagan National Defense Forum in California. “We’re not sleeping on the last test. We’re continuing to look to new modes of capability.”
The TLS-BCT Manpack is designed to give troops a mobile means of molding the electromagnetic spectrum to their advantage. It is a smaller offshoot of the TLS-BCT, to be installed aboard Stryker and Armored Multi-Purpose vehicles, and the longer-range TLS-Echeclons Above Brigade, envisioned for use by divisions and corps amid preparations for fighting with Russia and China.
A key consideration of the backpack version is its physical load: size, weight and power, often referred to as SWaP. Soldiers carry dozens of pounds of gear; adding to the pile can be annoying at least and debilitating at most.
“We’re already asking people to carry too much stuff. In my judgement, those parts of the defense industry that can deliver an exquisite capability that doesn’t break the back of the operator, literally, is going to be a premium,” Michael Nagata, a CACI strategic adviser, senior vice president and retired Army lieutenant general, said in an interview at the forum. “I mean, my average combat load when I was in service was well over 60 pounds.”
The Army is attempting to reinvigorate its electronic warfare arsenal after years of complacency. While such tools were used in the Greater Middle East, threats posed by larger world powers are motivating the U.S. military to rethink its strategies and spending. Contracts for the TLS line have so far totaled tens of ms of dollars, with Lockheed Martin winning much of it. CACI is collaborating with the company on the TLS-EAB as well.
Army Brig. Gen. Ed Barker, the leader of the Program Executive Office for Intelligence, Electronic Warfare and Sensors, or PEO IEW&S, in a statement said the demonstration of the manpack last month “set the standard” for future users. Army Forces Command contributed to the evaluation.
“They were highly motivated, highly competent, innovative problem-solvers,” Barker said. “They excelled at not only learning and operating the manpack system, but also demonstrated how their teams can successfully operate and influence the battlefield.”
CACI in 2022 earned $4.3bn in defense-related revenue, securing the No. 27 spot on the Defense News Top 100 list of the world’s largest defense contractors. The company bought Mastodon Design for $225m in 2019. (Source: C4ISR & Networks)
05 Dec 23. US: New threat actor will elevate security risks to aerospace organisations. On 30 November, technology firm, Blackberry, reported on a new threat actor (‘AeroBlade’) targeting a US aerospace organisation in a suspected cyber espionage operation. The first campaign occurred in September 2022, using phishing emails containing a malicious document to drop malicious code. The second campaign occurred in July 2023 and employed the use of more obfuscation and anti-analysis techniques compared to the first operation, highlighting the group’s rapid sophistication to sustain covert operations. In both campaigns, AeroBlade targeted the same US aerospace organisation, indicating a highly targeted operation to steal sensitive information. There is a realistic possibility that the exfiltrated information will be used to bolster other nation-states’ aerospace programmes. As such, aerospace organisations will remain an attractive target for espionage operations due to their established relationship with the government sector and the highly sensitive information they manage. (Source: Sibylline)
04 Dec 23. Global Integrity Announces QTel™, the Company’s Next-Generation Secure Communications Ecosystem. Global Integrity today announced the newest version of the company’s secure communications solution, QTel, which offers advanced features and even stronger encryption. Formerly Qphone, the new QTel provides a unique approach that ensures security and privacy of all voice, messaging, and video conversations.
Combining mobile apps with a highly secure, hardened network ecosystem, QTel leverages the best peer-to-peer encryption technology designed to prevent man/machine-in-the-middle attacks. This protects all communications and information exchanged between QTel from being spoofed or compromised and eliminates eavesdropping and other external threats.
From the boardroom to conflict zones around the world, QTel has proven to supply the most secure communications. Each organization has its own unique derivation of encryption ensuring complete privacy. Unlike most apps, QTel does not collect any location data, phone numbers or anything that can be used to track an individual.
“Many vendors tout end-to-end encryption as a key component to their secure communications solutions,” explained Bill Marlow, CEO of Global Integrity. “However, there is a vast difference between ‘end-to-end’ and ‘peer-to-peer’ encryption with the former being vulnerable to intercepts and eavesdropping. Alternatively, true peer-to-peer encryption, the method used by QTel, only occurs on an endpoint device, and the decryption only occurs on the specified recipient’s system(s), thus making it harder for a nefarious third-party to access your data.”
Organizations across a range of industries are increasingly using QTel as part of their operational toolset to safeguard communications and interface with personnel in the field and remote locations. It is designed and built specifically to ensure privacy and security of communications, sensitive information, and intellectual property.(Source: BUSINESS WIRE)
05 Dec 23. LeoLabs, the leading commercial provider of Space Traffic Management (STM), Space Situational Awareness (SSA), and Space Domain Awareness (SDA) services, today announced it signed a partnership agreement with Aalyria, the advanced software-defined and optical networking communications company.
LeoLabs and Aalyria seek to combine their complementary expertise and technologies to address space awareness challenges for complex communications networks that span land, sea, air, and space. This agreement marks the beginning of their collaboration on relevant contract opportunities, including with the United States Department of Defense.
“Communications infrastructure is critical to our daily lives and increasingly linked across multiple domains, including space,” said LeoLabs Chief Executive Officer Dan Ceperley, “That’s why we’re proud to partner with Aalyria and address the challenges faced by both commercial and government-owned communications networks. By layering our space safety services with Aalyria’s network orchestration solutions, we hope to ensure that the growing hybrid communication networks are secured in today’s complex, crowded, and contentious space domain.”
“The future of communications are dynamic, hybrid networks that can deliver high-speed, secure, and reliable connectivity anywhere and anytime,” said Chris Taylor, CEO of Aalyria. “LeoLabs and Aalyria share this vision, and we’re excited to collaborate with them to make it a reality.”
Aalyria will integrate LeoLabs’ growing commercially owned orbital database into Spacetime, Aalyria’s software platform for orchestrating networks of ground stations, aircraft, satellites, ships, and urban meshes. LeoLabs will serve as a “source of truth” for Aalyria to model the locations of objects in low Earth orbit (LEO) for mission planning and operations purposes. This is crucial for customers to maintain and secure their communications networks which may experience interference from other objects on-orbit.
By layering LeoLabs’ operational safety data and services onto Aalyria’s existing network solutions, operators will have a single point of access for real-time information and analysis for critical decision-making. This partnership serves the growing need for interoperability with legacy, hybrid space, 5G NTN and FutureG network architectures.
About LeoLabs (www.leolabs.space)
LeoLabs is transforming the way satellite operators, commercial enterprises and federal agencies across the world launch and track missions in low Earth orbit. Through its vertically integrated technology system, Vertex™, LeoLabs delivers the superior information needed to succeed in today’s space race. With unmatched LEO coverage, real-time tracking and powerful insights, companies and governments rely on LeoLabs to safely innovate and execute a wide array of operations in space.
About Aalyria (https://www.aalyria.com/)
Aalyria is a global advanced networking and laser communications technologies company. It is revolutionizing connectivity on Earth and in space. Its Tightbeam product, the world’s first atmospherically corrected coherent free space optics solution, Spacetime, the only all orbit, all domain, software defined network orchestration platform is helping commercial and government customers reimagine and operate new business and mission models to make assets more effective, efficient, and profitable. (Source: PR Newswire)
04 Dec 23. New backdoor sustains security risks to a broad spectrum of sectors in possible espionage operations. On 1 December, the security firm Palo Alto Networks reported a new backdoor (‘Agent Racoon’) being used in suspected cyber espionage operations against organisations in Africa, the Middle East and the US. The backdoor executes via scheduled tasks on an infected machine and its capabilities include command execution, file uploading/downloading and masquerading as legitimate software updates to evade detection. It is unclear how the attackers obtained initial access to target organisations. Targeted industries include education, government, non-profit, real estate, retail and telecommunications. The activity is currently being tracked as the cluster ‘CL-STA-0002’ by Palo Alto Networks. While the cluster has yet to be attributed to a known threat actor, due to the backdoor’s victimology and defence evasion techniques, there is a realistic possibility that a state-sponsored threat actor is behind Agent Racoon operations. Consequently, there remain moderate security risks to firms in the aforementioned sectors. (Source: Sibylline)
02 Dec 23. Australia says AI will be used to help track Chinese submarines under new Aukus plan. Artificial intelligence, drones, and deep space radar are among the technologies that will be used by Australia and its Aukus allies to counter China’s aggression in the Pacific.
Australia’s defence minister, Richard Marles, met with his counterparts from the United States and United Kingdom – Lloyd J Austin and Grant Shapps – in California on Saturday to announce the second “pillar” of the Aukus deal.
It came after the prime minister, Anthony Albanese, last month accused a Chinese naval ship of “dangerous, unsafe and unprofessional” behaviour after Australian naval divers were injured by sonar pulses said to have been emitted by a Chinese warship in the international waters off Japan.
Despite Australia’s thawing trade relationship with China, there is ongoing tension over the latter’s presence in the region.
Marles said on Saturday that the incident was “unsafe and unprofessional” and had been raised directly with China.
“We have made public our concerns about the behaviour,” he said.
“It highlights the need for this arrangement and it highlights the need for speed in this arrangement and I think you can see that speed.”
While Australia’s planned acquisition of nuclear-powered submarines has been the main focus of the Aukus pact, the second pillar focuses on advanced technologies.
AI technology will be used on systems – including on P-8A Poseidon aircraft – to process information from sonobuoys, which detect and transmit underwater data, to improve “our anti-submarine warfare capabilities”, according to a joint statement by the ministers.
AI algorithms and machine learning will also be used to “enhance force protection, precision targeting, and intelligence, surveillance, and reconnaissance”. (Source: News Now/https://uk.news.yahoo.com/)
01 Dec 23. NATO deepens cyber coalition with Asian partners. NATO countries wrapped up one their signature cybersecurity exercises in Estonia this week, welcoming South Korea and Japan to the proceedings as alliance officials seek like-minded governments to harden their collective virtual defenses.
The Cyber Coalition 2023 event in the country’s capital of Tallinn focused on sharing threat intelligence and responding to attack scenarios on virtual national critical infrastructure as well as targets and structures of military nature.
It involved 1,000 participants from almost every NATO nation, with the exception of Montenegro, Luxembourg and Belgium, who did not attend this year.
Newcomers Japan and South Korea, who in the previous edition were only observers, joined for the first time as full participants. Ukrainian officials were also present after having been absent since 2019.
“It was a logical next step for South Korea and Japan to be part of the exercise and is a sign of the deepening cooperation NATO sees with its Indo-Pacific partners,” David van Weel, NATO’s assistant secretary-general for emerging security challenges, said during a Nov. 28 media roundtable.
A few days ahead of the exercise, the Dutchman concluded a three-day visit to Japan to meet representatives from the ministry of defense. A statement released by the alliance said the meetings focused on discussing how to strengthen cyber defense cooperation between as well as technologies to defend against hybrid threats.
“There are more actors than just Russia conducting cyber-attacks – China and North Korea being two of them,” van Weel said. “The cyber coalition is crucial in raising our defenses, and we’ve seen an increase in the number of our partners in this sector as well.” (Source: C4ISR & Networks)
01 Dec 23. USN champions digital weaponry as decider of future fights. Neither ship nor torpedo alone will strike the deciding blow in future wars, rather the use of “non-kinetic effects” that may not be seen but still wreak havoc on enemy systems will increasingly determine outcomes, the U.S. Navy said in its inaugural cyber strategy.
Potential effects include jammed electronics, compromised networks and manipulated information consumed by troops and civilians alike, according to the 14-page document published this month. The military issues such frameworks to lay out its vision of the battle environment, both for internal accountability and external persuasion.
The new strategy is derived from years of lessons learned during cyber operations across the globe, according to Navy Secretary Carlos Del Toro.
“Alongside the physical domains, the Navy and Marine Corps must compete in cyberspace, defending American interests, enabling maritime dominance, and supporting integrated deterrence,” Del Toro wrote in the strategy. Doing so will require improved training, digitally hardened infrastructure and closer collaboration with private industry, among other investments.
“The challenges inherent to the cyber domain are considerable, but failing to mitigate cyber risks is not an option,” he continued. “I am confident this strategy provides the [Department of the Navy] with an effective road map to excel in cyberspace and compete with our adversaries on all fronts.”
The pledge to prioritize the virtual in order to greatly influence the physical comes as the Department of Defense positions itself to counter Russia and China after pouring decades of attention and manpower into the Greater Middle East. Both Moscow and Beijing wield significant online arsenals. The U.S. is monitoring the former’s capabilities as it continues to attack neighboring Ukraine and the latter’s as it menaces Taiwan.
Del Toro and former Chief of Naval Operations Adm. Michael Gilday foreshadowed the hierarchy in previous months. Del Toro in April told Congress he would improve the readiness of the cyber forces while also expanding “the integration of non-kinetic effects afloat.” Gilday has similarly said he wants waters dotted with uncrewed vessels that can spoof, spy and assist with the flow of fighting.
The Navy Cyber Strategy is in concert with — and references — the earlier and shorter Cyberspace Superiority Vision. In it, the service endorsed the ability to “fight hurt” alongside the tenets “secure, survive, strike.”
The blueprint puts a premium on resiliency, or the ability to shield sensitive systems with one arm while jabbing with the other. The Navy’s fiscal 2024 budget request featured bns of dollars for cyber, network and information warfare development.
“At the end of the day, the Department of Defense is here to engage our adversaries. The Columbia-class submarine does not deliver humanitarian aid,” Chris Cleary, then the Navy’s principal cyber adviser, said in 2022. “As we look at our ability to deliver effects in and through cyberspace, I want our adversaries to be every bit as nervous looking down the barrel of our non-kinetic capabilities as they are every one of our kinetic capabilities.” (Source: C4ISR & Networks)
01 Dec 23. Cyber Update Key points.
- The North Korean threat group ‘Lazarus’ is exploiting a zero-day vulnerability in software supply-chain attacks against South Korean entities (see Sibylline Cyber Daily Analytical Update – 27 November 2023 and our Technical analysis below).
- The threat actor ‘WildCard’ was observed using custom malware to target Israeli critical sectors in espionage operations since 2021 (see Sibylline Cyber Daily Analytical Update – 28 November 2023 and our Technical analysis below).
- A critical vulnerability (CVE-2023-49103) in software from the firm ownCloud is being actively exploited by threat actors.
- The Ukrainian hacking group ‘BLACKJACK’ collaborated with the Security Service of Ukraine (SBU) to target the Russian Labour Ministry in a data theft campaign (see Sibylline Cyber Daily Analytical Update – 30 November 2023).
- Finally, a suspected Chinese-speaking threat actor is using a new malware variant (‘SugarGh0st RAT’) to target South Korean and Uzbekistan government entities.
Technical analysis of weekly stories
North Korean threat actor ‘Lazarus’ exploited a zero-day vulnerability in a watering hold attack to target South Koreans users in a data theft operation. To initiate the attack, Lazarus compromised a media outlet’s website (also known as a watering hole attack), embedding malicious scripts into an article on the site. If users accessing that specific media outlet’s article originated within a specified IP address location aligning with the rules of the malicious injection, a script would then be executed to exploit the MagicLine4NX software vulnerability and obtain access to the targeted devices. The vulnerability affects all MagicLine4NX versions prior to 188.8.131.52. Once Lazarus obtained initial access, they established a connection to the command-and-control (C2) server and then used the data synchronization function of the MagicLine4NX software to move laterally, exfiltrate data and execute additional payloads.
Some non-exhaustive recommendations to mitigate this threat include:
- Ensure remediations for newly reported zero-day vulnerabilities are put in place as per instructions from the vendor of the software containing the vulnerability.
- Ensure there are adequate security detection measures in place, including end-point detection and response (EDR) solutions (such as anti-virus software)
- Conduct cyber hygiene awareness courses for users to enable them to recognise and report phishing attempts, prevent clicks on unknown or untrustworthy links, and avoid visiting sites that may be untrustworthy or suspicious.
A new threat actor, ‘WildCard’, is using the ‘SysJoker’ malware to target Israeli entities in a potential espionage operation. The SysJoker malware is a multi-platform backdoor that masquerades as legitimate system processes to trick users into running the malware on their machine. It is written in C++ coding language. WildCard developed new variants of the SysJoker malware that were then used in their most recent campaign against Israeli entities. These malware variants, ‘DMAdevice.exe’, and, ‘AppMessagingRegistrar.exe’, abuse legitimate tools such as OneDrive as its C2 host, but operate similarly to the SysJoker malware. The other observed backdoor variant, ‘RustDown’, is written in Rust and masquerades itself as a PHP framework component. It establishes persistence via running an obfuscated PowerShell command, but also otherwise operates very similarly to SysJoker.
Some non-exhaustive recommendations to mitigate this threat include:
- Monitor devices for suspicious traffic and activity.
- Ensure there are adequate security detection measures in place, including end-point detection and response (EDR) solutions (such as anti-virus software).
- Conduct cyber hygiene awareness courses for users to enable them to recognise and report phishing attempts, and prevent clicks on unknown or untrustworthy links.
The MITRE ATT&CK framework is a globally accessible documented collection of information detailing the malicious behaviours of cyber threat actors; it is used as the foundation for organising the processes which threat actors execute during cyber operations. It provides an encyclopaedic reference for organisations, highlighting the tactics, techniques and procedures (TTPs) cyber actors employ in campaigns, while also providing suggestions for detecting and mitigating against specific TTPs to bolster organisations’ security mechanisms. The framework organises a threat actor’s entire operational lifecycle from reconnaissance to exfiltration and impact.
Word(s) of the week
Our cyber word(s) of the week: Watering hole attack.
30 Nov 23. NATO to update artificial intelligence strategy amid new threats. NATO is set to update its artificial intelligence strategy to include generative AI amid an increase in cyber attacks on critical infrastructure and interference with government agencies.
The standard, described by the organization as a sort of quality control, is intended to clarify what is expected from industries, institutions and operational end-users across the alliance regarding the application of the technology.
Advancements in AI have rapidly made it an essential part of the defense alliance’s operations, especially in the cybersecurity domain to identify network vulnerabilities or monitor for anomalies in data access. Now NATO is looking to standardize processes to ensure that generative AI and other new tech can be also be utilized effectively and safely, according to David van Wheel, NATO’s assistant secretary general for emerging security challenges.
“The AI strategy endorsed by NATO in 2021, will be up for review next year and a new version will [eventually] be adopted, which will in part include language around generative AI,” he said during a media roundtable on Nov. 28.
Van Wheel said that while the initial strategy primarily defined the six principles guiding the responsible use of AI, NATO has been working on more recent initiatives to operationalize these concepts.
“Since February, NATO has been working on an AI intelligence certification standard aiming to translate the principles outlined in the 2021 strategy into concrete checks and balances, which is expected to be completed by the end of this year,” he said.
New forms of AI, of which ChatGPT is an example, are able to generate different types of content based on data provided by users. The more information it is given, the better the model learns and produces increasingly realistic outputs.
Some of the key concerns around generative AI are that given the significant amount of data it requires, the likelihood that sensitive intelligence could be misused or leaked by malicious actors is increasing. If not effectively protected, confidential documents could be exploited to create deep-fakes or spread misleading facts.
“We will make it [the revised strategy] as public as we can, to inform the public and those operating in the field of AI of what we are expecting,” van Wheel added.
An alarming number of cyber offenses have recently been reported worldwide ranging from attacks on critical infrastructure to interference with governmental agencies. For Russia specifically, cyber warfare has been an important aspect of its sustained efforts to disrupt Ukrainian networks throughout the war.
“Cyber is still playing a big role in Ukraine, it just doesn’t get the same attention as other types of attacks,” van Wheel said. “Even now, we’re seeing ongoing Russian attacks on Ukrainian data centers and energy infrastructure, which as winter approaches, will be even more critical.”
According to a Microsoft report, over the last year, 120 countries have been victims of cyberattacks, of which nearly half of the targets were NATO member-states.
“We will need AI to defend ourselves,” van Wheel said. (Source: Defense News Early Bird/C4ISR & Networks)
01 Dec 23. Asia: New RAT variant elevates espionage risks to government entities from Chinese-speaking actors. On 30 November, security firm, Cisco Talos, reported on a cyber espionage campaign delivering a new remote access trojan (RAT) (‘SugarGh0st RAT’) to government entities in Asia. The new RAT is a modified variant of the ‘Gh0st RAT’ malware that is delivered via phishing emails sent to South Korean users and Uzbekistan government entities. The RAT is capable of taking control over the infected machine, deleting files, running or terminating processes and keylogging, among others. This iteration of the RAT has altered features of the malware process to evade detection, highlighting its ongoing development to sustain a long-term undetected presence on targeted machines. Gh0st RAT is a common tool used by Chinese-speaking threat actors to conduct surveillance and espionage operations. Consequently, there is a realistic possibility that Chinese threat actors are behind this campaign, elevating further espionage risks to government entities in the region into 2024. (Source: Sibylline)
Spectra Group (UK) Ltd
Spectra Group (UK) Ltd, internationally renowned award-winning information security and communications specialist with a proven record of accomplishment.
Spectra is a dynamic, agile and security-accredited organisation that offers secure Hosted and Managed Solutions and Cyber Advisory Services with a track record of delivering on time, to spec and on budget.
With over 15 years of experience in delivering solutions for governments around the globe, elite militaries and private enterprises of all sizes, Spectra’s platinum and gold-level partnerships with third-party vendors ensure the supply of best value leading-edge technology.
Spectra was awarded the prestigious Queen’s Award for Enterprise (Innovation) in 2019 for SlingShot.
In November 2017, Spectra Group (UK) Ltd announced its listing as a Top 100 Government SME Supplier by the UK Crown Commercial Services.
Spectra’s CEO, Simon Davies, was awarded 2017 Businessman of the Year by Battlespace magazine.
Founded in 2002, the Company is based in Hereford, UK and holds ISO 9001:2015, ISO 27001:2013 and Cyber Essentials Plus accreditation.