The Defense Advanced Research Projects Agency (DARPA) selected Systems Technology & Research, Woburn, Massachusetts, for a research project under the Harnessing Autonomy for Countering Cyberadversary Systems (HACCS) program. The HACCS program aims to develop technologies for accurately identifying malicious cyber-adversary infiltrated networks, generating reliable software exploits for large numbers of known (n-day) vulnerabilities, and creating effective autonomous software agents that can be inserted in the compromised networks via the n-day exploits to safely and reliably neutralize cyber-adversary software agents.
Cyber Systems & Services Solutions, Bellevue, Nebraska, has been awarded a $15,603,744 indefinite-delivery/indefinite-quantity contract for cyber support services. This contract provides for a qualified team with expertise, theoretical and practical knowledge to support mission operations and mission support. Work will be performed at Lackland Air Force Base, Texas, and is expected to be complete by April 25, 2023. This contract was a competitive acquisition, and seven offers were received. Fiscal 2018 operations and maintenance funds in the amount of $2,929,723 are being obligated at the time of award. The 38th Contracting Squadron, Lackland Air Force Base, Texas, is the contracting activity (FA8773-18-D-8002).
Kudu Dynamics, Chantilly, Virginia, was awarded a $7,913,091 cost-plus-fixed-fee contract for a research project on the Harnessing Autonomy for Countering Cyberadversary Systems (HACCS) program. The HACCS program aims to develop technologies for accurately identifying malicious cyberadversary infiltrated networks, generating reliable software exploits for large numbers of known (n-day) vulnerabilities, and creating effective autonomous software agents that can be inserted in the compromised networks via the n-day exploits to safely and reliably neutralize cyberadversary software agents. Work will be performed in Chantilly, Virginia (85 percent); and Arlington, Virginia (15 percent), with an expected completion date of April 2022.
Researchers at the National Institute of Standards and Technology (NIST) have developed a method for generating numbers guaranteed to be random by quantum mechanics. Generating truly random numbers is one of the major challenges for quantum-based encryption and could mark a major leap in cybersecurity.
Sotera Defense Solutions Inc., Herndon, Virginia, was awarded a $7,284,383 cost-plus-fixed-fee contract for a research project under the Harnessing Autonomy for Countering Cyber-adversary Systems (HACCS) program. The HACCS program aims to develop technologies for accurately identifying malicious cyber-adversary infiltrated networks, generating reliable software exploits for large numbers of known (n-day) vulnerabilities, and creating effective autonomous software agents that can be inserted in the compromised networks via the n-day exploits to safely and reliably neutralize cyber-adversary software agents. Work will be performed in Herndon, Virginia, with an expected completion date of April 2022.
From an industry perspective there are many advantages to moving aspects of any organization to the cloud. In theory, cloud is more efficient and easier to manage, but organizations like the Defense Department need to make sure they are not bringing along their bad habits and old baggage with them. Legacy networks are hard to understand and have grown out of control in the last few decades. Cloud is as complex as legacy networks, but the difference is who or what is really maintaining them.
When combatant commanders plan an attack on an enemy stronghold, they know exactly what to do, including which intelligence reports to consider, where to send the ground troops, when to call in an air strike and when to jam the enemy’s radar. But ask those same commanders to attack the enemy in cyberspace and the response will be far less defined.
Amid the political scuffles on Capitol Hill about immigration, health care and budget legislation to keep the federal government open, cybersecurity is not necessarily one of the highest policy-making priorities. This must change, some lawmakers say. Cyber attacks, already plentiful and disastrous, will only increase in frequency and scale over time. The United States needs more protections and measures, especially at the federal level, according to some legislators.
Jack Finney’s science fiction classic Invasion of the Body Snatchers offered a frightening premise. In the novel, aliens in seed vessels descend to Earth, landing in a small California farming community. As the townsfolk sleep, these seeds replicate the earthlings and, by morning, replace them. The only discernible difference between the clones and their host bodies is that the clones lack emotion. In essence, the aliens have stolen the earthlings’ DNA, and the humans never saw it coming.
The idea of this happening is unimaginable—in the case of human bodies at least. However, one company replacing another company’s DNA then killing off the original entity is happening now in the invisible world of cyber.
The Internet of Things (IoT) has security issues. The fundamental weakness is that it adds to the number of devices behind a network firewall that can be compromised. Not only do we need to safeguard our computers and smartphones, now we must worry about protecting our homes, vehicles, appliances, wearables and other IoT devices.
NATO and the European Union are improving information sharing on the cyber threat and bolstering collaboration on potential solutions. The two organizations seek to increase the relevance of shared data and are discussing the potential for sharing classified information.
Amid stunning digital attacks that have not only rocked countries around the globe but also targeted alliance forces, NATO is sharpening its resolve to serve as a cyber protector. A forthcoming Cyber Operations Center will incorporate cyber warfare into NATO’s defense operations. In addition, NATO’s Cooperative Cyber Defence Centre of Excellence is boosting the organization’s cybersecurity-related research, exercises and instruction to meet the seemingly unending threats.
The U.S. Defense Department must move aggressively to better understand information warfare and its implications to national security. To propel the necessary next steps, the department must organize information resources not only to meet military cyberspace requirements but also to address how adversaries view U.S. cyber assets.
Although the nation has long dominated the communications and information systems landscape, past success makes it vulnerable in the future. Consequently, forces and the weapons platforms they rely on are increasingly susceptible to information attacks.
Every day, more and more government organizations are moving IT functions and data storage to the cloud. Early last month, the U.S. Department of Defense signed a multimillion-dollar contract to encourage organizations under its umbrella to move to the cloud. While the needs of public-sector entities differ from those of the private sector, there are some hard-won data security lessons corporations have learned—such as encryption key management and the use of cryptographic gateways—that can be useful for government organizations as they plan and execute a migration to the cloud.
A new smart phone application is illustrating the devastation that war has on the smallest citizens of the world. Introduced last week by the Geneva, Switzerland-based International Committee of the Red Cross, the application, called Enter the Room, uses augmented reality to create an immersive experience for users to see how conflicts impact children. The organization claims that it is the first use of augmented reality in humanitarian aid.
The U.S. Department of Homeland Security (DHS) Science and Technology Directorate has released two publications, the 2018 Cyber Security Division Portfolio Guide and the 2018 Cyber Security Division Technology Guide, to help transition mature cybersecurity solutions to the marketplace.
U.S. Army officials are applying a streamlined acquisition process known as an IT box to offensive cyber technologies.
The IT box acquisition concept includes four sides: developing the capabilities requirement, determining development costs, analyzing sustainment and operations costs, and providing oversight and management of the product.
Maj. Gen. John George, USA, force development director, Office of the Army Chief of Staff G-8, told the the AFCEA Army Signal Conference in Springfield, Virginia, that the Army is focusing on the IT box concept pretty heavily.
U.S. military officials may be enjoying increased funding under the fiscal 2018 and 2019 budgets, but an Army general is warning that the 2020 budget could return to sequestration levels—and young soldiers on the battlefield will be the ones paying the price for a failure to plan ahead.
The Department of Defense’s draft request for proposals for the Joint Enterprise Defense Infrastructure, known as JEDI, hit the streets on March 7. With this action, the U.S. military behemoth is pulling itself further toward acquiring commercial-based cloud solutions commonplace to everyone outside of DOD.
Industry responded in droves, packing into a ballroom in Arlington, Virginia, at an industry day to hear about the unique and potentially lucrative award to provide modern cloud services to the DOD.
Brig. Gen. David Krumm, USAF, deputy director for requirements, Joint Staff, warned the industry that JEDI is not an ordinary information technology contract.
To succeed in the battlespace of the future and to ensure combat superiority over peer adversaries, the U.S. military must be equipped with capabilities to defend information networks in cyberspace and to secure unimpeded access to the electromagnetic spectrum. Adversaries are developing cyber and electronic warfare capabilities to conduct information operations against U.S. systems that will likely threaten the speed and accuracy of military communications, intelligence and data sharing channels, while maliciously altering or stealing the information itself. These capabilities often have complementary effects, which means integrating cyber and electronic warfare could provide a stronger protection and attack capacity for U.S.