The U.S. Indo-Pacific Command is incorporating new cyber technologies and standards as it strives for greater interoperability among a growing number of allies and potential partners. This increased reliance on cyber is viewed by command leadership as essential for maintaining effective military capabilities in the face of a growing kinetic and cyber presence by diverse adversaries.
Part one of a two-part series.
Nothing keeps Defense Department leaders up at night more than today’s cyber threat. This heightened concern was clearly reflected in the September 2018 DoD Cyber Strategy, which noted that “competitors deterred from engaging the United States and our allies in an armed conflict are using cyberspace operations to steal our technology, disrupt our government and commerce, challenge our democratic processes, and threaten our critical infrastructure.”
Officials from several federal agencies testified on Wednesday as to the effectiveness of the government’s cloud accreditation process, the Federal Risk and Authorization Management Program, with mixed reviews. Most witnesses before the U.S. House of Representatives Committee on Oversight and Reform’s Subcommittee on Government Operations hearing, entitled To the Cloud! The Cloudy Role of FedRAMP in IT Modernization, confirmed the positive benefits of the program.
On Friday, the U.S. House of Representatives passed their version of the National Defense Authorization Act for Fiscal Year 2020, H.R. 2500, by a vote of 220-197. Known as the NDAA, the annual legislation authorizes policy measures for the Defense Department. It varies from the Senate’s bill, S. 1790—passed on June 28—which the two legislative bodies will have to reconcile before sending a final NDAA to the president.
The May 7th ransomware attack against Baltimore has crippled much of the local government’s IT infrastructure while holding its network hostage. Not since the March 2018 attacks against Atlanta has a major U.S. city been so digitally impaired.
The subsequent media coverage of Baltimore’s struggle has generated some misplaced criticism of the U.S. government. Initial news reports erroneously claimed that the ransomware leveraged an NSA-developed exploit to compromise Baltimore’s municipal systems. Unfortunately, this snowballed into numerous sources placing blame on the NSA, claiming that they mismanaged their cyber weaponry.
This is grossly incorrect.
Meta: We examined the simulated phishing data of our federal customers and identified three tips program administrators and decision-makers in these organizations can use to strengthen their security awareness training efforts.
U.S. federal government agencies face ongoing scrutiny from virtually all angles, but cybersecurity has leapt to the forefront in recent years. From safeguarding elections to defending against nation-state attacks, federal organizations (and their workers) face many sophisticated and high-profile threats—in addition to day-to-day issues that impact data and system security.
The military and the government in the United Kingdom are employing cloud computing, big data, data analytics, Internet of Things devices, artificial intelligence, augmented reality and blockchain more often, according to recent study from London-based Frost & Sullivan, entitled Digitalization in Defense.
The result improves the continuity of operations and brings the military to a higher level of combat readiness, said Alix Leboulanger, senior industry analyst of defense at Frost & Sullivan.
The U.S. Army is building a tighter relationship with industry to tap commercial expertise and avoid long procurement delays that often render new information technologies obsolete before they are fielded.
At the heart of this effort is Cherie A. Smith, program executive officer for enterprise information systems (PEO EIS), U.S. Army. After she assumed her position last year, Smith relates, she focused on making promises and seeking help. Since then, she has emphasized a shared relationship with industry.
Global, asymmetrical threats now dominate attacks on nations and businesses alike, and the enemy is not always immediately knowable, identifiable or even seen. These realities are forcing leaders to invest more resources into analytics, as well as intelligence, surveillance, reconnaissance and other 21st century responses to cyber bombardments today.
Adversaries are exploiting the inherent vulnerabilities of U.S. military supply chains that involve tens of thousands of private sector providers from all over the globe. Attack operations include stealing valuable technical data; striking critical infrastructure, manufacturing and weapon systems control systems; corrupting the quality and assurance across a broad range of product types and categories; and manipulating software to access connected systems and to degrade systems operation integrity.
Members of the Missouri National Guard Cyber Team are launching a nonprofit organization to share RockNSM, a system initially built by cyber warriors for cyber warriors.
RockNSM is a network security monitoring platform that uses open source technologies, such as CentOS, which is an operating system derived from the RedHat enterprise-level open source system. RockNSM formed the basis for a Task Force Echo network anomaly detection system used for real-world cyber operations.
The Defense Department is pursuing an aggressive software development program, called the DOD Enterprise DevSecOps Initiative. The effort is focused on bringing automated software tools, services and standards to DOD programs so that warfighters can create, deploy and operate software applications in a secure, flexible and interoperable manner, explained Nicolas Chaillan, chief software officer, U.S. Air Force, co-lead of the DOD Enterprise DevSecOps Initiative. The program is a joint effort of the DOD’s Chief Information Officer, Office of the Undersecretary of Defense for Acquisition and Sustainment and the services, he said.
Artificial intelligence and machine learning techniques could help information and network defenders recognize patterns of potential attackers so their next moves can be proactively blocked. In addition, cyber tools enhanced with these capabilities could provide a much more detailed picture of the cyber battlefield and increase the potential of success in a cyber campaign. This knowledge would complement the kinetic battlefield and could permit war planners to choose the appropriate mix of cyber and kinetic operations.
National Guard members conducting cyber operations found themselves poorly equipped to meet some of the real-world challenges they faced, so they banded together and built the system they needed on a shoestring budget. That system detects anomalous behavior on the network, reduces the number of analysts and enriches network data provided to data scientists.
Social engineering and its impacts on organizations worldwide are hot topics in infosec circles—for good reason. It’s no secret that cybercriminals use email-based phishing prolifically, in both broad and targeted attacks. But what are infosec teams—the boots on ground in the cyber war—experiencing in terms of impacts, and are they effectively managing risk?
Personnel working in cyber must continually look for opportunities to learn, say cyber professionals from across government.
During a morning panel discussion on the final day of the AFCEA TechNet Cyber conference in Baltimore, high-ranking officials from the Defense Department, Department of Homeland Security and National Security Agency discussed a wide range of issues concerning the cyber workforce today and tomorrow.
In an effort to secure the digital supply chain for the United States, President Trump issued a policy on May 15 prohibiting the trade of information and communications technology or services designed, developed, manufactured or supplied by adversaries.
The Executive Order on Securing the Information and Communications Technology and Services Supply Chain states that the risk of using such technology and services constitutes a national emergency.
The Defense Information Systems Agency (DISA) is acquiring an array of cutting-edge technologies using rapid development processes and could begin fielding some of those technologies within the next two years.
Discussions about data may need to become as integral to military operational planning as kinetic weapons and physical targets, say two of the top cyber leaders in the U.S. Defense Department.
Gen. Paul Nakasone, USA, director of the National Security Agency and commander of U.S. Cyber Command, and Dana Deasy, Defense Department chief information officer, stressed the importance of data during a fireside chat on the first day of the AFCEA TechNet Cyber conference in Baltimore.
The Defense Information Systems Agency (DISA) is challenged with a significant personnel shortage, including information technology, spectrum and cybersecurity experts.
Vice Adm. Nancy A. Norton, DISA director and commander of the Joint Forces Headquarters-Department of Defense Information Network (JFHQ-DODIN), told the audience at the AFCEA TechNet Cyber 2019 conference in Baltimore that the agency is seeking to hire personnel in a number of areas.