On September 29, 2017, 3e Technologies International Incorporated, Rockville, Maryland, was awarded a $16,163,099 modification to a previously awarded cost-plus-fixed-fee, firm-fixed-price contract (N00174-16-C-0046) to exercise option year one for continued implementation of a facilities critical infrastructure control and monitoring system interface to the Navy Virtual Perimeter Monitoring System that will allow for monitoring and control of critical facility infrastructure for potential operating hazards or intrusions.
With the Internet of Things promising—or perhaps threatening—to connect many more millions of devices, experts from industry, government and the military are urging action.
The critical infrastructure covers a lot of territory, including banking and finance, gas and oil, health care, agriculture, water distribution, transportation, communication, law enforcement and emergency services. Many outdated and poorly secured computers, experts say, operate a great deal of that infrastructure. Additionally, commercial or private entities own the vast majority of the infrastructure, meaning that government has little authority to protect it.
The U.S. federal government has not yet told state-level election officials whether their election systems were hacked by the Russians.
— George Seffers (@gseffers) September 7, 2017
A cyber strike may not be the most effective deterrent against adversaries, Tom Bossert, assistant to the president for homeland security and counterterrorism, National Security Council, told the audience at the 2017 Intelligence and National Security Summit in Washington, D.C.
If a “bad actor” is engaging in increasingly unacceptable behavior, he said, “I think what we’ll have to do is punch him in a way that’s real-world and not cyber-world.” Deterrent actions will be “commensurate with the expense” and also will be done in such a way that it will not “create a long-term escalatory posture.”
The U.S. government is expanding and enhancing training on how to protect the nation’s critical infrastructure from both cyber and physical attacks.
For more than a decade, the U.S. Department of Homeland Security (DHS) has offered a wide array of free training programs to government and private-sector infrastructure owners and operators. Critical infrastructure provides the essential services that underpin American society and serves as the backbone of the nation’s economy, security and health. It includes defense, transportation, finance, communications and other sectors.
Now that Donald Trump has become the 45th president of the United States, he will be exposed to the nation’s soft underbelly: cybersecurity. Given rapid advancements in information and communication technologies, continued coupling of the digital domain with the physical world and advanced persistent threats, critical infrastructure protection poses a major challenge for the United States.
This is where the president should focus his efforts. But is either the Department of Homeland Security or the Defense Department the right agency for cyber protection?
When we think about critical infrastructure, specifically the sectors the Department of Homeland Security has deemed essential to the wellbeing of the country, rarely does the idea center on public networking assets to support critical infrastructure. But a rapid transformation of network technology and security improved processes so that agencies now can take advantage of combined public and private networking to accomplish information technology goals.
U.S. military and civilian experts on protecting critical infrastructure control systems debated whether a cyber attack on common information systems or on industrial control systems would be more deadly in response to an audience question at the AFCEA TechNet Asia-Pacific conference in Honolulu.
The Department of Homeland Security’s Critical Infrastructure Security and Resilience (CISR) month serves as a reminder to not only understand, but appreciate, the various critical infrastructure sectors that play vital roles in the national and economic security of the United States. As a veteran of the telecom industry, my focus is to support those network infrastructure centers underlying these sectors. How do we improve networking capabilities within these sectors, not only addressing today’s complicated requirements, but allowing for continued innovation?
Discussions about the nation’s critical infrastructure usually focus on aging networks, some more than 50 years old. A most stunning fact was highlighted in a recent a Government Accountability Office report, which revealed some Defense Department control systems still use 8-inch floppy disks to store data related to nuclear operations.
Efforts to increasingly digitize networks that run the nation’s critical infrastructure enterprises also are boosting attack surfaces and vulnerabilities in an enduring cybersecurity contest in which hackers target those weaknesses with an elevated furor, experts admonished during a panel discussion on the issue.
The strongest assembled securities available today can’t fully safeguard the nation’s critical infrastructure assets. But the good news is that these vulnerabilities are front and center on official radars and primed for increased attention. For starters, the Department of Homeland Security (DHS) has designated November as Critical Infrastructure Security and Resilience (CISR) month.
AFCEA TechNet Augusta 2016
The SIGNAL Magazine Online Show Daily, Day 2
Quote of the Day:
“There isn’t a warfighting function that isn’t impacted by cyber, so securing, operating and defending the Army portion of the DODIN is a core warfighting capability.” —Ronald Pontius, deputy to the commanding general, U.S. Army Cyber Command and Second Army
On day two of the AFCEA TechNet Augusta conference, cyber experts from across the military and industry openly and bluntly discussed the challenges of cybersecurity.
When a hacker talks about a novel way to disrupt the power grid, people listen. At least that was the case on day two of the AFCEA TechNet Augusta conference taking place in Augusta, Georgia.
Shawn Wells, chief security strategist, public sector, Red Hat Inc., who was once busted—and then hired—by the NSA for breaking into the networks at Johns Hopkins University, said he recently learned at a Department of Energy cyber conference about a creative technique hackers used to mess with power distribution.
Wells did not specify when the attack took place.
A more diverse group of players is generating a growing threat toward all elements of the critical infrastructure through cyberspace. New capabilities have stocked the arsenals of cybermarauders, who now are displaying a greater variety of motives and desired effects as they target governments, power plants, financial services and other vulnerable sites.
But concerns come from not just evolving and future threats. Malware already in place throughout critical infrastructure elements around the world might be the vanguard of massive and physically destructive cyber attacks launched on the say-so of a single leader of a nation-state. Physical damage already has been wrought upon advanced Western industrial targets.
Imagery captured from unmanned aerial vehicles (UAVs) can be up to 10 times less expensive than from manned aircraft or satellites, prompting government agencies and private farmers alike to investigate using the economical method to scan miles and miles, from power lines for infrastructure maintenance to railroads for servicing or acres of farmland for precision agriculture.
The topic of critical infrastructure protection has been around for decades. In May 1998, President Bill Clinton issued Presidential Decision Directive (PDD)-63 on the subject of critical infrastructure protection. This represented a decision formally recognizing that key elements of our national infrastructure were critical to national security, the economic vibrancy of the United States and the general well-being of our citizenry. The PDD further highlighted the necessary actions to preserve and ensure the continuity of these critical infrastructures. In the wake of the terrorist attacks of September 11, 2001, President George W.
3e Technologies International Inc., Rockville, Md., is being awarded a $9,861,065 modification to previously awarded contract to design, develop, implement, test, deliver and install a functional and efficient facilities critical infrastructure control and monitoring system to increase infrastructure readiness and optimize critical systems, including energy and other systems. This SBIR Phase III extension effort is to integrate the technologies and concepts established under previous Phase I, II and III tasks with new and more advanced technologies and concepts. The Naval Surface Warfare Center, Indian Head, Md., is the contracting activity.
3e Technologies International Incorporated, Rockville, Maryland, is being awarded a $9,923,241 contract for the design, development, integration, testing and implementation of critical infrastructure sensor network at government sites for the Naval Surface Warfare Center, Corona Division. Work will be performed in Commander, Naval District Washington. Naval Surface Warfare Center, Port Hueneme Division, Port Hueneme, California, is the contracting activity.
3e Technologies International Incorporated, Rockville, Maryland, is being awarded a $9,408,612 contract modification to design, develop, implement, test, deliver, and install a functional and efficient facilities critical infrastructure control and monitoring system to increase infrastructure readiness. This requirement is for Facilities Critical Infrastructure Control and Monitoring System to extend current Navy Virtual Perimeter Monitoring System capabilities for Naval District Washington.