Cyber

October 1, 2016
By Wesley Kaplow

Sixth in an ongoing series of articles

The intelligence community recently has directed activity toward creating common resources to increase collaboration and speed up the delivery of information technology tools for the government. The need for modern and cost-effective information technology solutions is paramount. However, complex, paper-heavy, time-consuming information-assurance processes steal capital required to modernize. This unproductive cycle affects both U.S. government systems and the industrial base that develops mission systems for the government.

October 1, 2016
By Sandra Jontz
Soldiers of the U.S. Army Cyber Protection Brigade (CPB) conduct defensive cyberspace operations in August at the National Training Center at Fort Irwin, California. Elements of U.S. Army Cyber Command (ARCYBER) are participating in a training rotation as part of the ongoing ARCYBER-led Cyber Support to Corps and Below pilot program.

The U.S. Army aims to move sophisticated offensive and defensive cyber operations out of a headquarters environment to the front lines as it prepares its mission force to adapt to and prevail in the critical cyber warfighting domain.

September 29, 2016
By Sandra Jontz

The Office of Personnel Management (OPM) is launching its new background investigation service following a White House directive to address shortcomings and cyber vulnerabilities that have plagued the agency. Charles Phalen Jr., a former CIA director of security, will be the director of the National Background Investigations Bureau (NBIB) starting October 1.

September 15, 2016
By J. Wayne Lloyd

When it comes to cybersecurity, I have heard many people express consternation and wonderment as to why the government cannot protect the Internet. It boils down to two things: No authorization, and officials only have visibility into a scant number of networks under their control. 

September 22, 2016

Yahoo Inc. released a statement Thursday informing customers that at least 500 million user accounts were stolen from its network in 2014 by what company officials labeled a "state-sponsored actor."

The hacked account information might have included customer names, email addresses, telephone numbers, birth dates, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers, according to a company statement. The release does not identify the nation officials believe are behind the hack. 

September 7, 2016
By Sandra Jontz
Director of National Intelligence James Clapper speaks at the Intelligence & National Security Summit. Photo by Herman Farrer Photography

Cybersecurity will remain as much of a challenge for the next administration as it has been for the current White House, especially in light of the constant barrage of cyber attacks from nation states, Director of National Intelligence James Clapper said Wednesday.

“The Russians hack our systems all the time, not just government but corporate and personal systems,” Clapper said on the inaugural day of at the Intelligence & National Security Summit (INSS) in Washington, D.C. The two-day conference, sponsored by AFCEA International and the Intelligence and National Security Alliance (INSA), runs through Thursday.

September 1, 2016
By Wesley Kaplow

Fifth in an ongoing series of articles 

The U.S. government must bring its key software providers into the secure environment and use them as trusted partners in delivering and supporting their products. In many cases, these providers are not only the best sources of trusted software but also the only sources. Holding them contractually liable for certifying their products and delivering them directly to the end system may be the only way to reduce the time to furnish baseline systems, streamline costs and maintain product integrity and security.

September 1, 2016
By Ryan René Rosado

The U.S. Defense Department and the federal government could piggyback on the recent blockbuster popularity of Pokemon Go, the location-based augmented reality game that catapulted some couch potatoes from their sofas to the great outdoors, to transform cyber training. The mobile app, an overnight international sensation, combines the virtual world of Pokemon with the real world in which people live.

The gaming craze offers insights on how to excite people to partake in—and really learn from—cybersecurity training.

August 18, 2016
By Sandra Jontz

The U.S. Defense Department unveiled Thursday a bold information technology and cybersecurity road map that modifies its approach on several efforts in the rapidly changing environments. The guide positions the department’s IT infrastructure and processes for a broad impact, in addition to hopes of greater security and scrutiny, said its chief information officer, Terry Halvorsen.

August 30, 2016
By Robert B. Dix Jr.

With all of the public and media attention around high profile cyber attacks such as the Office of Personnel Management (OPM) breach and the Sony hack, it is easy to understand why many in government, as well as others, continue to focus on the consequences associated with major cybersecurity events.

August 16, 2016
By Mav Turner

When we think of cyber attacks, we generally picture a lone wolf hacker or Anonymous-type organization. But foreign governments are also formidable threats. Take a moment to scan the headlines and you’ll see that articles about cyber hacks on Sony Pictures Entertainment and the Democratic National Committee—among many others—have been attributed to North Korea and Russia.

August 10, 2016
By Sandra Jontz
Nischit Vaidya (c), stands with his mother Mira Vaidya and father Niranjan Vaidya. Vaidya started a scholarship in his parents' names for cyber students at Capitol Technology University. Two students, a male and a female, will receive $1,000 each this fall. Photo courtesy Nischit Vaidya.

When students studying cybersecurity return to Capitol Technology University in Maryland this fall, cash scholarships donated by a former adjunct professor will aid at least two of them.

Nischit Vaidya, president and CEO of Argotis, is driven by a love of education and a desire to give back to his community. The new scholarship program—created in his parents' names—accomplishes that quest and provides a legacy honoring his parents, who endured years of hard work and worry to see their son succeed, he says. “For me, the biggest thing is my mom and dad.”

August 9, 2016
By Robert K. Ackerman
The SANS Institute’s VetSuccess program aims to move veterans into private sector cybersecurity jobs via targeted training and corporate sponsorships.

A private cybersecurity institute is plucking U.S. veterans with related experience, training them and placing them with commercial firms where they can help develop solutions that ultimately could benefit their former services. Government and the military increasingly are calling on industry to provide them with effective cybersecurity, and this program aims to tap the expertise of former military cyber warriors as part of that private sector effort.

August 9, 2016
By Sandra Jontz

The Office of Personnel Management (OPM) announced Tuesday it has appointed David DeVries as its new chief information officer. DeVries now leaves the Defense Department, where he serves as the department’s principal deputy chief information officer under Terry Halvorsen.

August 8, 2016
By Marvin Marin

One often-overlooked aspect of software development is how much programmers rely on open source libraries and packages for prewritten functions. Instead of writing code from scratch, or even copying and pasting code from one program into a new one, programmers often rely on what is called a dependency, the technical term for a shortcut to code maintained by a cloud service provider. Using the method makes a new program dependent on the existence and availability of that particular module. If that dependency is not available or the code functionality is broken, the entire program fails.

August 4, 2016
By George I. Seffers
Panelists discuss requirements for innovative solutions, primarily in the cyber realm, at AFCEA TechNet Augusta 2016.

AFCEA TechNet Augusta 2016
The SIGNAL Magazine Online Show Daily, Day 3

Quote of the Day:
“We need a network environment where cybersecurity and cyber situational awareness is, in real time, capable of automated response, reacting at machine speed, self-diagnosing and self-healing.”—Gen. Dennis Via, USA, commander, Army Materiel Command

Officials with the Army’s Materiel Command (AMC) have initiated discussions with Army Cyber Command officials to see if the command can play a greater role in the cyber arena, according to Gen. Dennis Via, USA, AMC commander.

August 3, 2016
By George I. Seffers
A TechNet Augusta panel discusses critical infrastructure protection.

AFCEA TechNet Augusta 2016
The SIGNAL Magazine Online Show Daily, Day 2

Quote of the Day:
“There isn’t a warfighting function that isn’t impacted by cyber, so securing, operating and defending the Army portion of the DODIN is a core warfighting capability.” —Ronald Pontius, deputy to the commanding general, U.S. Army Cyber Command and Second Army

On day two of the AFCEA TechNet Augusta conference, cyber experts from across the military and industry openly and bluntly discussed the challenges of cybersecurity.

August 3, 2016
By George I. Seffers
Corrupting GPS data can disrupt the power grid, says one expert at the AFCEA TechNet Augusta conference.

When a hacker talks about a novel way to disrupt the power grid, people listen. At least that was the case on day two of the AFCEA TechNet Augusta conference taking place in Augusta, Georgia.

Shawn Wells, chief security strategist, public sector, Red Hat Inc., who was once busted—and then hired—by the NSA for breaking into the networks at Johns Hopkins University, said he recently learned at a Department of Energy cyber conference about a creative technique hackers used to mess with power distribution.

Wells did not specify when the attack took place.

August 3, 2016
By George I. Seffers

One of the biggest advances in the near future likely will be the convergence of major military networks into one unified Department of Defense Information Network (DODIN), predicts Ronald Pontius, deputy to the commanding general, U.S. Army Cyber Command and Second Army. And that network will be operated and maintained by Signal Corps soldiers.

August 2, 2016
By George I. Seffers
Maj. Gen. Stephen Fogarty, USA, commander, U.S. Army Center of Excellence, speaks at TechNet Augusta on August 2, 2016.

The Russian Federation forces are using a wide array of cyber and electronic warfare capabilities unlike anything U.S. forces have faced in the past 16 years. Russia uses its sophisticated capabilities to detect, locate and eliminate enemy forces, according to Maj. Gen. Stephen Fogarty, USA, commander, U.S. Army Center of Excellence.

Gen. Fogarty made the comments as the first speaker for AFCEA’s TechNet Augusta conference, Cyber in the Combined Arms Fight, taking place in Augusta, Georgia, August 2-4.

Pages