Native plant life could join traffic cameras, motion detectors and enemy sensor systems as future sources of battlefield information if the U.S. Army Research Laboratory has its way. The laboratory is applying the Internet of Things approach to theater command, control, communications, computers and intelligence as it plans to equip soldiers and their leaders with vital knowledge from nontraditional information sources, and it is leaving no stone—or crop—unturned in its efforts.
The Department of Defense Joint Enterprise Standards Committee today has listed the Software Communications Architecture (SCA) version 4.1 as a mandated tactical radio standard in the department’s Information Technology Standards Registry (DISR) and retired SCA version 2.2.2.
The SCA is an open architecture framework that defines a standard way to instantiate, configure and manage waveform applications running on a radio hardware platform. The SCA decouples waveform software from its platform-specific software and hardware, facilitates waveform software reuse and minimizes development expenditures.
Where some see challenges, others see opportunities. It sounds like a motivational poster, but that is exactly how researchers at the National Security Agency view the Internet of Things, or the IoT.
“We approach IoT a little differently than everybody else. Everybody’s talking about all the security problems. That’s certainly fair, but we look at IoT as an opportunity in terms of the security goals we can accomplish,” says George Coker, chief, Information Assurance Research Group, National Security Agency (NSA).
The military tackles many challenges in its cyber ecosystem—a diverse group of human users, processes and technologies and their interactions—by striving for uniformity across its hardware, software and operating systems. But standardization also can create large holes in the cyber environment, weakening defenses and contributing to successful cyber attacks. Coming at cybersecurity from a different angle could leverage differences in favor of network defenders.
Without a doubt, system consistency has its benefits. Using the same operating systems, applications, switches, routers and other components across networks reduces complexity and lowers the cost of equipment maintenance as well as defense.
Artificial intelligence is one of the most influential forces in information technology. It can help drive cars, fly unmanned aircraft and protect networks. But artificial intelligence also can be a dark force, one that adversaries use to learn new ways to hack systems, shut down networks and deny access to crucial information.
The next-generation airborne missile control system being developed by the U.S. Air Force will take advantage of modern communications and electronics systems such as software-defined radios to provide a number of capabilities, including improved cybersecurity.
Part of the Office of Naval Research’s efforts in command, control, communications and computers is to provide key analytical tools to planners, analysts and commanders swamped by data. To that end, the office, known as the ONR, is conducting basic and applied research in applications that will cut maneuver planning time, expand access to data, enhance analytical processing and improve predictions. The tools are meant to improve decision making across antisubmarine warfare, integrated air and missile defense, electromagnetic maneuver warfare, and expeditionary and integrated fires missions.
Many cybersecurity methods and products are available to protect wireless networks from intrusion, but security concerns go well beyond the risks to Wi-Fi. The combination of legacy wireless systems and Internet of Things vulnerabilities number in the hundreds, and all radio frequency protocols are at risk.
The billions of bits and bytes that make government services, information sharing and even shopping easier also open the doors for adversaries to gather intelligence that aids their nefarious pursuits. AFCEA International’s Cyber Committee has published a white paper that describes several ways big data analytics can help cybersecurity analysts close those doors or at least shrink the gap and reduce vulnerabilities.
Mobile devices used by federal employees continue to be susceptible to malicious cyber attacks. Email accounts, stored documents, microphones and cameras on the devices still present avenues of entry for bad actors.
Complicating the matter are conflicting governmental compliance policies, misconceptions of security measures and naivety about the exact risks, a recent survey concluded. Many agencies are still ill equipped to handle these incidents. Moreover, even if policies are in place, employees do not always follow them, and intrusions still happen, according to the report, "Policies and Misconceptions: How Government Agencies are Handling Mobile Security in the Age of Breaches," prepared by San Francisco-based Lookout Inc.
Russia, Iran and North Korea are testing more aggressive cyber attacks against the United States and partner nations, according to the annual Worldwide Threat Assessment of the U.S. Intelligence Community delivered to Congress today by Dan Coats, director of national intelligence.
“The use of cyber attacks as a foreign policy tool outside of military conflict has been mostly limited to sporadic lower-level attacks. Russia, Iran and North Korea, however, are testing more aggressive cyber attacks that pose growing threats to the United States and U.S. partners,” the report states.
Advances in automated cyber weapons are fueling the fires of war in cyberspace and enabling criminals and malicious nation-states to launch devastating attacks against thinly stretched human defenses. Allied forces must collaborate and deploy best-of-breed evaluation, validation and remediation technologies just to remain even in an escalating cyber arms race.
In the U.S. Cyber Command, the part of the cyber force that defends Defense Department networks, systems and vital information is fully up and running, the DOD reported.
The Joint Force Headquarters (JFHQ) Department of Defense Information Network (DODIN) reached readiness after three years of building its capacity and capabilities to secure, operate and defend the DODIN, according to a DOD statement. To achieve full operational capability, JFHQ-DODIN participated in a number combatant command exercises and managed daily network operations to address and counter “significant” cyber threats, DOD said. The unit also deployed its six cyber protection teams to support high-priority military operations.
Within the next 12 months, a fledgling program at the U.S. Department of Homeland Security will likely begin transitioning cybersecurity technologies to the finance sector in an effort to shore up the nation’s critical infrastructure. Technologies developed under the program ultimately could be made available to other sectors.
Europe is taking on several socio-technological initiatives, including developing a digital single market and tackling consumer financial services reform. Add the need to balance privacy concerns and safeguards across 28 member countries of the European Union, and it may seem like a tall order for policy makers to help strengthen information security.
Enter the European Union Agency for Network and Information Security, the European Union’s cybersecurity agency known as ENISA. The agency, founded in 2004, equips the European Union (EU) to prevent, detect and respond to cybersecurity problems.
Although universities can be part of larger cyber attacks as unwitting victims like any other organization or enterprise, the institutions are distinguished by a collegial nature that renders them vulnerable. Academia has a more open atmosphere and a mindset of research and collaboration, making universities an enticing cyber target even for adversaries such as nation-states
Understanding the cyber kill chain and disrupting it could effectively defend against the most recent generation of cyber attacks. By scrutinizing the time and effort hackers invest in scoping out potential targets, network defenders can take advantage of several opportunities to block system access or, at the very least, drive up the cost, making attempts unappealing.
A new project headed by Lawrence Livermore National Laboratory aims to use microgrid resources to boost the electric grid’s ability to bounce back more rapidly from blackouts or cascading outages, such as those following major storms or earthquakes.
In less than three years, researchers will attempt to demonstrate the potential of distributed energy resources, including the energy produced by solar panels on homes, to help restore power to the grid from scratch, an effort commonly known as a black start. The black start process is now done manually using special generators that can provide power to slowly bring other generators back online.
The Defense Information Systems Agency (DISA) now offers service product packages to mission-partner authorizing officials to provide a holistic view of their information systems risk posture. The packages help ensure compliance for mission partners who have programs and systems hosted within the DISA computing ecosystem.
Control Correlation Identifiers (CCIs) within the service packages allow high-level policy framework requirements to be decomposed and associated with low-level security settings to determine compliance with the objectives of that specific security control.
The Army issued a contract to Lockheed Martin Missiles and Fire Control, Orlando, Florida, to help boost national cyber range capability, by allowing potentially virulent code to be introduced and studied on the range without compromising the range. The award is a $33,916,629 modification (P00036) to contract W900KK-14-C-0020. Work will be performed in Orlando, Florida, with an estimated completion date of May 25, 2019. Fiscal year 2017 and 2018 research, development, test and evaluation funds in the amount of $33,916,629 were obligated at the time of the award. U.S. Army Contracting Command, Redstone Arsenal, Alabama, is the contracting activity.