Cyber

July 1, 2020
By George I. Seffers
Credit: DR MANAGER/Shutterstock

Network data collection, analysis and sharing are core to cyber defense, and Tinisha McMillan is on a mission to improve all three.

As division chief for the Cyber Situational Awareness and NetOps Division within the Defense Information Systems Agency (DISA), McMillan is responsible for building and providing cyber analytics and tools to enhance the department’s cyber information sharing to protect the Department of Defense Information Network (DODIN).

July 2, 2020
By Robert K. Ackerman
Credit: Shutterstock/AlexLMX

Third of a multipart series.

The seeds of future telecommunications are being planted in China. But the question remains, will they take root globally?

China’s cyber policy has both economic and political sides to it. On the economic side, flooding the global market with subsidized Chinese-made technologies offers the chance for major financial rewards as this equipment and its services become ubiquitous. On the political side, introducing Chinese standards to the Internet and cellular service will give the nation control over both services and data.

July 1, 2020
By George I. Seffers
The NETCOM Network Enterprise Center provided extended information technology support to many of the units deploying in support of Joint Task Force-Civil Support during the COVID-19 pandemic. U.S. Army Cyber Command has now delegated to NETCOM some its authorities for protecting Army portions of the Department of Defense Information Network. U.S. Army photo by Spc. Chafelmer Kroll

The U.S. Army Cyber Command is transferring some of its cyber defense responsibilities for the service’s networks to the Army Network Enterprise Technology Command, commonly known as NETCOM. The change, which officially took effect on June 1, transfers authority for the Army’s worldwide regional cyber centers to NETCOM, allows Cyber Command to increase its focus on electronic warfare and information operations and provides one primary point of contact for warfighters in need of network support.

July 1, 2020
By Allison Annick
After serving in the U.S. Navy during World War II, Grace Hopper remained in the naval reserve. In 1952, her team at Remington Rand created the first compiler for computer languages, which was a precursor for COBOL. In this 1960 report, Hopper stands next to a mainframe computer that ran using COBOL. Courtesy of the Computer History Museum

At 61 years old, the common business-oriented language is the same age as many college kids’ parents. The coding language had its own exhibit in the Smithsonian National Museum of American History in 2013. Many in the industry now call it a “legacy language,” but its continued, widespread use tells a different story.

June 24, 2020
By Robert K. Ackerman
Credit: Shutterstock/Aleksandar Malivuk

Second of a multipart series.

China’s high-technology communications and networking industries are proposing a host of future capabilities to come if vendors cast their lot with companies such as Huawei and ZTE. But these new technologies, once ensconced, would lead their users down a path closed to others and open to Chinese government control, say Internet experts.

June 18, 2020
By Robert K. Ackerman
Credit: Shutterstock/AlexLMX

First of a multipart series.

The next-generation Internet proposed by Huawei and supported by the Chinese government would provide a platform for revolutionary capabilities while implementing repressive measures that would eliminate today’s open communication. At worst, it would place control of Internet content in the hands of a few masters. But even if it does not subsume the entire Internet, it would cripple the interoperability that has characterized the network’s value as an economic growth engine by creating separate and unequal Internets.

July 1, 2020
By Stephen Wood
Devices such as copiers have been updated with Internet connectivity, creating a potential risk as an entry point to the network. Credit: Andrey_Popov/Shutterstock

In the past two years, hackers have increasingly targeted Internet of Things devices to breach cybersecurity defenses. Because these devices are frequently not patched when software flaws are found, they represent a soft target for attackers. In 2017, 15 percent of all successful attacks exploited one of these device’s beachheads. By 2019, that number increased to 26 percent of all incidents with growth expected to continue, according to a recent analysis performed by Ponemon Institute.

July 1, 2020
By Capt. Alex M. Roberts, USAF
U.S. Marines with 8th Communication Battalion, II Marine Expeditionary Force Information Group, collaborate as part of Team Spartan during Cyber Fury 2020. Cyber Fury is an annual training exercise that allows Marines to simulate a series of cyberspace attacks by identifying and countering them. Credit: Lance Cpl. Haley McMenamin, USMC

With the 2020 election fast approaching and tensions with Iran continually shifting, many people are looking to U.S. Cyber Command to help ensure cybersecurity. The command faces an uphill battle because the current construct allows each service branch to retain tactical command of its organic cyber experts. To be more successful in the cyberspace domain, the command needs to take over tasking authority for all cyber-related units, establish a standardized joint cyber schoolhouse and establish a Joint Cyber Operations Command to perform joint, effects-driven cyber operations.

July 1, 2020
By Ryan René Rosado

The 2020 election may be the most vulnerable yet. Last year, several federal agencies released a joint statement identifying election security as a “top priority for the U.S.” However, some have proposed mail-in ballots due to the COVID-19 pandemic and consequences associated with not social distancing. Why are we going backward instead of forward? Reverting backward during a disaster only adds challenges and difficulties with an already broken voting system. We need to be proactive, not reactive, when electing leaders at all levels across the country.

June 17, 2020
Posted by Kimberly Underwood
Brig. Gen. Robert Lyman (USAF), director, Command, Control, Communications, and Cyber Systems Directorate, TCJ6, pictured center, speaks to Col. Mark Bradley, USAF, the TCJ6 deputy director at the U.S. Transportation Command (USTRANSCOM) on June 9. In July, Gen. Lyman will be joining the Pentagon as the Air Force’s assistant deputy chief of staff for Cyber Effects Operations, AF A2/A6. Photo by Michelle Gigante, USTRANSCOM/PA

Next month, Brig. Gen. Robert Lyman (USAF) will become the assistant deputy chief of staff for Cyber Effects Operations, the AF A2/A6, at the Pentagon, the U.S. Transportation Command announced on Monday. Gen. Lyman is currently dual-hatted as the director for Command, Control, Communications, and the Cyber Systems Directorate, TCJ6, at the command.

As the TCJ6 director, Gen. Lyman led the planning, integration, operations and maintenance of the Transportation Command’s, or USTRANSCOM’s, command, control, communications and computing (C4) systems, as well as guiding cyberspace mission assurance.

June 17, 2020
 

The one constant of cybersecurity is its rate of change. The technology you knew yesterday was acquired, bundled and updated into a consolidated tool that provides the solution for today. That consolidation is inevitable given the breadth of solutions and vendors working to address always-shifting security operations requirements. Not all segments of cybersecurity are responding equally to consolidation though. In particular, a critical segment that is long overdue, the security operations center (SOC), has not undergone its shift—yet.  

May 28, 2020
 

Zero Trust, a strategic security model to “never trust, always verify,” centers on preventing successful breaches by eliminating the whole concept of trust from an organization’s digital environment; instead, everything must be proven. 

June 1, 2020
By Kimberly Underwood
Advances in quantum information science will allow the military a different approach to communications and networking. Credit: Shutterstock

Across the U.S. Air Force’s research arm, scientists are developing quantum information science capabilities in four key areas of interest to the service: timing; sensing; communications and networking; and computing. Experts at the Air Force Research Laboratory, known as AFRL, are also investigating the development of enabling technologies, which will springboard the use of quantum capabilities in the four areas.

June 1, 2020
By Bryan C. Ward and Ryan D. Burrow
Hollis Roush, a Coast Guard Cadet intern at the Massachusetts Institute of Technology Lincoln Laboratories (MITLL), demonstrates a prototype representative industrial control system. Credit: Glen Cooper, MIT Lincoln Laboratory

Multiple decades of research have focused on building more secure and resilient systems by incorporating defensive techniques into computer systems. Such techniques range from enforcement-based defenses that apply some invariant to the execution of code on a machine to randomization-based defenses that enhance a system’s resiliency to attacks by creating uncertainty, diversity or dynamism in the internals of the system. Such defenses have evolved to address increasingly sophisticated attacks that bypass previous defensive technologies and minimize security-related overheads.

May 28, 2020
By Kimberly Underwood
Characteristics of cyber actors give clues as to who poses a credible threat, experts say. Credit: Shutterstock/BABAROGA

The persistence, frequency and destructiveness of cyber attackers in this day and age propels digital defenders to search the Internet to understand how attackers operate in order to thwart attacks or fix vulnerabilities. Amidst all of the nefarious activity, cyber defenders must discern between credible threat players and less dangerous actors. One company, New York-based Flashpoint, searches the deep web and the dark web to gain intelligence on malicious cyber activity, including where, when, why and how bad actors are operating. More and more, threat actors are selling stolen, sensitive or valuable information, or they are selling awareness of vulnerabilities of companies.

May 27, 2020
By Maryann Lawlor
Cybersecurity experts emphasize it’s important for businesses, no matter their size, to have a plan to protect their data and systems as well as recover from an inevitable cyber attack. Credit: Den Rise/Shutterstock

Rapid changes in technology create new security vulnerabilities that require small businesses to expend resources to remain compliant. Lack of guidance, definitions or policies place these companies in positions that require them to make security investments without fully understanding the need or outcome of the resources they are spending.

While government information technology firms are better staffed from a security perspective, those that provide other services often do not have enough employees or the expertise to operate their internal computer systems at a high level of security. This situation makes them ideal targets for adversaries.

May 20, 2020
By George I. Seffers
Network data gains value for the Defense Department amidst an increase in attacks during the COVID-19 pandemic. Credit: solarseven/Shutterstock

The COVID-19 pandemic presents a unique challenge for the Defense Department. More people are working remotely, networks are busier than ever and hackers from around the world seek to take advantage, driving up demand for more situational awareness data to keep those networks safe. And the Defense Information Systems Agency (DISA) continues to deliver that data under the most unusual of circumstances.

May 19, 2020
Posted by Kimberly Underwood
Credit: Shutterstock/Pogorelova Olga

The Space Force has announced that the planned satellite hacking challenge known as Space Security Challenge 2020: Hack-A-Sat would proceed as planned, but in a virtual format due to the pandemic. The Department of the Air Force and the Defense Digital Service's (DDS's) event includes an online qualification event May 22-24, followed by a final August 7-9. During the final, participants will attempt to reverse-engineer representative ground-based and on-orbit satellite system components to overcome planted “flags” or software code.

May 18, 2020
By Kimberly Underwood
The Defense Information Systems Agency’s Cyberspace Operations Directorate is relying on a so-called battle drill concept, pulling in teams of experts to troubleshoot and fix hard-to-solve communications challenges. Credit: Shutterstock/Gorodenkoff

The Cyberspace Operations Directorate within the Defense Information Systems Agency is employing a so-called battle drill concept to ensure communications and data are available to the combatant commanders, senior leaders or other key officials when required. The directorate is responsible for the global flow of information, especially in support of the U.S. military’s 11 combatant commands and other key Defense Department operations. The battle drill model collectively pulls together the resources needed to tackle complex communication and data issues.

May 15, 2020
By Rear Adm. Michael Brown, USN (Ret.)
End-to-end encryption will help the defense industrial base meet the requirements of the Cybersecurity Maturity Model Certification program, according to Rear Adm. Michael Brown, USN (Ret.). Credit: Jan Alexander/Pixabay

The Department of Defense (DOD) is dramatically increasing its digital security expectations for defense contractors and subcontractors. Having been on both sides of the partnership between government and the public sector, I am happy to see DOD is not only raising the bar on cybersecurity but also providing guidance on the implementation of cybersecurity best practices within the defense industrial base.

Pages