cyber

February 13, 2018
Posted By George I. Seffers

Russia, Iran and North Korea are testing more aggressive cyber attacks against the United States and partner nations, according to the annual Worldwide Threat Assessment of the U.S. Intelligence Community delivered to Congress today by Dan Coats, director of national intelligence.

“The use of cyber attacks as a foreign policy tool outside of military conflict has been mostly limited to sporadic lower-level attacks. Russia, Iran and North Korea, however, are testing more aggressive cyber attacks that pose growing threats to the United States and U.S. partners,” the report states.

February 1, 2018
By Nicola Whiting
Credit: Mopic/Issarawat Tattong/Shutterstock

Advances in automated cyber weapons are fueling the fires of war in cyberspace and enabling criminals and malicious nation-states to launch devastating attacks against thinly stretched human defenses. Allied forces must collaborate and deploy best-of-breed evaluation, validation and remediation technologies just to remain even in an escalating cyber arms race.

February 1, 2018
Posted by Kimberly Underwood
The Joint Force Headquarters Department of Defense Information Network is fully operational, DOD reports. The network defense headquarters spent three years improving capabilities and building capacity to be able to secure and defend the military’s global network. DOD U.S. Strategic Command photo by Adam Hartman, of Petty Officer 2nd Class Ryan Allshouse using an intrusion detection system aboard the USS Ronald Reagan.

In the U.S. Cyber Command, the part of the cyber force that defends Defense Department networks, systems and vital information is fully up and running, the DOD reported.

The Joint Force Headquarters (JFHQ) Department of Defense Information Network (DODIN) reached readiness after three years of building its capacity and capabilities to secure, operate and defend the DODIN, according to a DOD statement. To achieve full operational capability, JFHQ-DODIN participated in a number combatant command exercises and managed daily network operations to address and counter “significant” cyber threats, DOD said. The unit also deployed its six cyber protection teams to support high-priority military operations.

February 1, 2018
By George I. Seffers
Ultimately, lessons learned and technologies developed under the Next Generation Cyber Infrastructure Apex program will benefit other critical infrastructure industries, such as oil and gas.

Within the next 12 months, a fledgling program at the U.S. Department of Homeland Security will likely begin transitioning cybersecurity technologies to the finance sector in an effort to shore up the nation’s critical infrastructure. Technologies developed under the program ultimately could be made available to other sectors.

February 1, 2018
By Kimberly Underwood
 The European Union Agency for Network and Information Security, or ENISA, plays a collaborative role to bring Europe together to improve cybersecurity.

Europe is taking on several socio-technological initiatives, including developing a digital single market and tackling consumer financial services reform. Add the need to balance privacy concerns and safeguards across 28 member countries of the European Union, and it may seem like a tall order for policy makers to help strengthen information security.

Enter the European Union Agency for Network and Information Security, the European Union’s cybersecurity agency known as ENISA. The agency, founded in 2004, equips the European Union (EU) to prevent, detect and respond to cybersecurity problems.

February 1, 2018
By Kimberly Underwood
The distinctive collegial nature of universities makes them susceptible to cyber attacks, experts say. Credit: Jorge Salcedo/Shutterstock

Although universities can be part of larger cyber attacks as unwitting victims like any other organization or enterprise, the institutions are distinguished by a collegial nature that renders them vulnerable. Academia has a more open atmosphere and a mindset of research and collaboration, making universities an enticing cyber target even for adversaries such as nation-states

February 1, 2018
By James R. Rutherford and Gregory B. White
A proposed new cyber kill chain model modifies the previous one by adding an intelligence-gathering step as well as a step for execution of an attack and exfiltration of information. Credit: Denis Semenchenko/Shutterstock

Understanding the cyber kill chain and disrupting it could effectively defend against the most recent generation of cyber attacks. By scrutinizing the time and effort hackers invest in scoping out potential targets, network defenders can take advantage of several opportunities to block system access or, at the very least, drive up the cost, making attempts unappealing.

February 1, 2018
By George I. Seffers
A new project led by Lawrence Livermore National Laboratory aims to use distributed energy resources, such as customer-generated solar power, to enhance the electrical grid’s ability to recover quickly from blackouts or cascading outages. The work is funded through the U.S. Department of Energy’s Grid Modernization Initiative.

A new project headed by Lawrence Livermore National Laboratory aims to use microgrid resources to boost the electric grid’s ability to bounce back more rapidly from blackouts or cascading outages, such as those following major storms or earthquakes.

In less than three years, researchers will attempt to demonstrate the potential of distributed energy resources, including the energy produced by solar panels on homes, to help restore power to the grid from scratch, an effort commonly known as a black start. The black start process is now done manually using special generators that can provide power to slowly bring other generators back online.

January 25, 2018
By Maryann Lawlor
While the migration to the Joint Regional Security Stacks will transition ownership of security architecture from the Air Force to DISA, the squadron will retain operational control of traffic flow for Air Force networks. U.S. courtesy photo

The Defense Information Systems Agency (DISA) now offers service product packages to mission-partner authorizing officials to provide a holistic view of their information systems risk posture. The packages help ensure compliance for mission partners who have programs and systems hosted within the DISA computing ecosystem.

Control Correlation Identifiers (CCIs) within the service packages allow high-level policy framework requirements to be decomposed and associated with low-level security settings to determine compliance with the objectives of that specific security control.

January 24, 2018
 

The Army issued a contract to Lockheed Martin Missiles and Fire Control, Orlando, Florida, to help boost national cyber range capability, by allowing potentially virulent code to be introduced and studied on the range without compromising the range. The award is a $33,916,629 modification (P00036) to contract W900KK-14-C-0020. Work will be performed in Orlando, Florida, with an estimated completion date of May 25, 2019. Fiscal year 2017 and 2018 research, development, test and evaluation funds in the amount of $33,916,629 were obligated at the time of the award. U.S. Army Contracting Command, Redstone Arsenal, Alabama, is the contracting activity.

January 18, 2018
By Julianne Simpson
Lt. Gen. Rhett Hernandez, USA (Ret.) (far r), AWest Point chair to the Army Cyber Institute and former commander of the U.S Army Cyber Command, moderates the "Cyber Educator Perspective & Priorities" panel alongside (l-r) Jim Yacone, director of federal operations, SANS Technology Institute; Michael Moniz, Circadence Corporation; David Snow, University System of Georgia; and Robert Quinn, St. Leo University.

“The only way our nation is going to succeed in cyber is through public-private partnerships,” stated Major Gen. John B. Morrison, USA, commanding general, Army Cyber Center of Excellence and Fort Gordon, during an informal question and answer session over lunch at AFCEA’s Cyber Education, Research and Training Symposium.

Educators and industry leaders echoed the sentiment during afternoon panels on the second day of the conference.

January 18, 2018
By Julianne Simpson
ol. Paul Stanton, USA, commander, Cyber Protection Brigade, leads his subgroup during a workshop on research and development supporting the cyber training environment and tools at the Cyber Education, Research and Training Symposium.

A cyber training environment is essential to collective training proficiency and educational agility in the face of rapidly evolving threats. During a morning workshop focused on research and development supporting the cyber training environment and tools, attendees at the Cyber Education, Research and Training Symposium (CERTS) explored possible solutions in this environment, and offered thoughts and insights on the work ahead.

January 18, 2018
 

Assured Information Security Inc.,* Rome, New York, has been awarded a $47,974,580 cost-plus-fixed-fee contract for investigation of next-generation network operations and vulnerability assessment technology (INNOVATE). The objective of the INNOVATE effort is to provide new cyber assessment tools for high-priority, emerging or existing telecommunications technologies. Work will be performed in Rome, New York, and is expected to be complete by Jan. 10, 2020. This award is the result of a competitive acquisition and two offers were received. Fiscal 2018 research, development, test and evaluation funds in the amount of $4,000,876 are being obligated at the time of award.

January 17, 2018
By Julianne Simpson
Cyber operators (l-r) Lt. Col. Barian Woodward, USMC; Lt. Col. Angela Waters, USAF; Lt. Col. Benjamin A. Ring, Ph.D., USA; Lt. Jr. Clovis Guevara, USCG; and Col. Paul T. Stanton, USA, panel moderator, address attendees at AFCEA's first Cyber Education, Research and Training Symposium.

During the afternoon of the first day of AFCEA’s Cyber Education, Research and Training Symposium (CERTS), leaders from all five branches of the armed forces shared their perspectives on cyber education and training. Though all five laid out slightly different strategies and goals for their individual services, they all agreed they should leverage each other’s expertise and work together to figure out a way forward.

January 17, 2018
By Julianne Simpson
“How can we make security effective and intuitive, yet usable?" Col. Andrew O. Hall, USA, director, Army Cyber Institute, asked attendees at AFCEA's first Cyber Education, Research and Training Symposium.

Col. Andrew O. Hall, USA, director, Army Cyber Institute, opened AFCEA’s first Cyber Education, Research and Training Symposium (CERTS) with a cyberthreat update.

“How can we make security effective and intuitive, yet usable?” Col. Hall asked attendees at the sold out conference. “Efficiency is an area of weakness and easy to hack,” he added. But it’s necessary to perform missions.

The emerging threats to cybersecurity are growing. Col. Hall focused on the global supply chain, artificial intelligence (AI) weapons factories, information warfare and critical infrastructure.

November 30, 2017
By Julianne Simpson

AFCEA will host its first Cyber Education, Research and Training Symposium January 17-18 in Augusta, Georgia. The much-anticipated event, also known as CERTS, will connect military and agency stakeholders with solution providers from academia, business and research centers.

CERTS will feature keynote speakers, panels and breakout sessions promoting discussion between operators and supporting professionals. Featured speakers include Col. Andrew O. Hall, USA, director, Army Cyber Institute; Michael Hudson, deputy director, J-7, U.S. Cyber Command; and Lt. Gen. Paul Nakasone, USA, commanding general, Army Cyber Command.

January 9, 2018
By Maj. Gilberto S. Perez, USAF
U.S. Air Force Maj. Gilberto Perez, 39th Information Operations Squadron director of operations, offers lessons learned on leadership. Credit: Oregongal/Pixabay

Leadership starts with cultivating your core with a healthy and strong mind, body and soul. 

January 8, 2018
By Kimberly Underwood

Computer core processors using a "speculative execution" have a "serious security flaw," according to researchers from Google's Project Zero. The speculative execution functionality is "a technique used by most modern processors (CPUs) to optimize performance," according to Google’s Matt Linton, senior security engineer, and Matthew O'Connor, Office of the Chief Technology Officer. The flaws, dubbed "Spectre" and "Meltdown," make aspects of the computer memory vulnerable to cyber attacks.

January 1, 2018
By George I. Seffers
“The most important thing I will predict is that we will stop talking about the technology of cognitive computing. It will be simply a behavior that will be built into any newer system,” says Sue Feldman, a co-founder of the Cognitive Computing Consortium.

Millions of hits result from searching Google for the phrase “how cognitive computing will change the world,” reflecting the public’s big appetite for information about the emerging technology. But some experts foresee a time when the extraordinary is ordinary.

December 28, 2017
By David Mihelcic
Former DISA official David Mihelcic stresses the need to balance IoT convenience and benefits with cybersecurity needs. Credit: PIRO4D/Pixabay

The federal government has invested billions of dollars on Internet of Things (IoT) technologies over the past few years, but it may be compromising its security posture for better information. Certainly being able to share and access the information derived from connected sensors is vital to the protection of the United States and instrumental to military success. However, connected devices present enticing targets, as evidenced by the 2016 Mirai Botnet attack, which originated through vulnerable IoT devices.

Pages