mobile

The U.S. Department of Homeland Security’s Science and Technology Directorate is working to improve the resiliency of smartphones and other mobile technologies through directed research and development initiatives. Not as secure as office computers, mobile devices are becoming the preferred target for malicious actions by cyber adversaries. In many cases, smartphones, tablets and other electronic devices simply do not have the same protections available for more traditional computing technologies, experts say. The level of attacks also is moving “deeper down the mobile device stack,” from the application and mobile operating system layers to the hardware and infrastructure layers, according to the department.

As enterprises mobilize business processes, more and more sensitive information passes through and resides on mobile devices. BlackBerry, a virtual grandfather in the handheld devices world, offers chief information officers (CIOs) an idea of what they’re up against when attempting to ensure the security of data flying through cyberspace.

Rep. Ted Lieu is no stranger to having his cellphone "hacked." Intruders recently were able to track his whereabouts, eavesdrop on conversations with staff members and access his text messages and email.

Fortunately for Lieu, the intrusion was part of a 60 Minutes segment last year that the TV news program did to highlight mobile device vulnerabilities. The California Democrat knew of the hackers who had successfully exploited his phone's Signaling System Seven, aka SS7, security flaw that compromises the global network that connects phone carriers. The same vulnerabilities still exist one year later, Lieu shared on Thursday during a Capitol Hill demonstration about mobile security, or lack thereof.

Global security readiness received an overall score of 70 percent, or a C- rating, on the 2017 Global Cybersecurity Assurance Report Card, a decline of six points from last year and lower than the U.S. tally of 78 percent, according to recently released survey results. 

The survey, created by Tenable Network Security and conducted by CyberEdge Group, solicited insights from 700 security practitioners in nine countries and across seven like-industries to calculate the global index score. It measures practitioners’ attitudes and perceptions rather than actual cybersecurity system effectiveness and seeks to determine whether cyber defenses meet expectations.

The future of the U.S. Marine Corps lies in apps. Warfighting applications will transform mobility, much like the assembly line did for the automotive industry, predicts Kenneth Bible, Marine Corps deputy chief information officer.

“The automobile was around for many years before anybody could afford it,” says Bible, also the Corps’ deputy director of command, control, communications and computers (C4). “The idea of an automobile wasn’t really disruptive. It was when the assembly line opened up mass production and drove the cost down that the market changed ... and average citizens could buy a car and retire their wagon and horses.

Mobile data traffic generated by cellphones and tablets will approach almost 197,000 petabytes by 2019, according to Juniper Research. That is the data equivalent to more than 10 billion Blu-ray movies.

With the information world marching en masse to the cloud, one global firm is offering direct peer-to-peer encryption to reduce the threat of an intervening cyber intercept. This approach is applicable to dedicated hardware as well as to commercial off-the-shelf consumer communications equipment, and its operation is relatively transparent to the user.

The National Institute of Standards and Technology (NIST) is preparing recommendations to help organizations leverage the benefits of mobile apps while managing their risks. The publication’s authors are seeking public comments about the draft of "Technical Considerations for Vetting 3rd Party Mobile Applications." The deadline for comments is Sept. 18.

While apps can improve productivity, they also can introduce vulnerabilities that put sensitive data and network resources at risk. The draft publication describes tests that software security analysts can employ to find and understand these security gaps before the app is approved for use.

It’s traditional for journalists to end an interview with some version of the question, “What would you like to add?” On the surface, it is the softest of softball questions—so broad and general that there is no wrong answer.

Some sources take this opportunity to repeat their major talking points. Others simply say they have nothing to add. And some will offer a warm and fuzzy, feel-good quote about partnering or working hand-in-hand, or about how great their employees are. All are perfectly legitimate responses.

But on very rare occasions, a source will take this opportunity to make news. And from a reporter’s perspective, this is the absolute best kind of answer.

A key tenet of the Joint Information Environment (JIE) will be the ability of users to have access to the same information system capabilities regardless of physical location, according to Defense Information System Agency (DISA) officials. Speaking on the final day of AFCEA’s three-day JIE Mission Partner Symposium being held in Baltimore May 12-14, the panel of officials described the importance of mobile capability as well as connectivity.

Is there an app for that? If you want news about the Navy, there is.

The U.S. Navy has launched a multiplatform mobile app to connect sailors and families with relevant and updated content.

The U.S. Defense Department will deploy version 1.0 of its unclassified mobility capability on January 31 with plans to expand the capacity to support up to 100,000 users by the end of the fiscal year. The Defense Information Systems Agency (DISA) is the lead agency for the program and has made substantial progress toward delivering the capability.

A recent survey of government employees reveals that federal agencies benefit financially from the flexibility mobile devices afford the work force. Responses from more than 200 federal employees at the management level indicate that 81 percent connect to work remotely at least once a week, 54 percent connect at least once a day and 45 percent connect several times a day. Respondents estimate that, in addition to their full-time work schedule, they spend more than another full workday—nine hours—each week checking their mobile devices for messages and email.

DISA’s Defense Information Technology Contracting Organization awarded a firm fixed price contract for the Mobile Device Management (MDM) system and Mobile Application Store (MAS) to Digital Management Inc. (DMI) of Bethesda, Md., Thursday for an initial award amount of $2.9 million, with four six-month option periods for a total lifecycle amount of nearly $16 million. The base period of performance for this contract is July 9, 2013 to July 8, 2014.

The U.S. National Nuclear Security Administration (NNSA) began working on its Yourcloud solution about two years ago and expects to have the cloud computing solution in place by year's end. You can read more about this in "U.S. Nuclear Agency Enhances Cybersecurity With Cloud Computing
." 

Following the lead set by NASA, the Department of Veterans Affairs and several other federal agencies, the Defense Information Systems Agency (DISA) has posted a solicitation for an enterprisewide Mobile Device Management system and Mobile Application Store (MDM-MAS). As many as 260,000 devices could reach authorized security resources and data initially through the DISA app store, which could eventually expand to support the needs of the entire Defense Department.

From circuit-switched networks (CSN), to Global System for Mobile Communications (GSM), to Enhanced Data Rates for GSM Evolution (EDGE), technology has reached the point where it is now feasible to secure mobile communications. Only recent mobile devices-witness the iPhone-can keep up with security demands required for secure communications. The National Security Agency (NSA) is developing a midterm pilot program aiming for the end goal of a mobile platform developed using only commercial off-the-shelf (COTS) components.

The U.S. government is adopting changes to the cloud computing certification program that will better protect against potential insider threats. The improvements include additional penetration testing, more thorough testing of mobile devices, tighter controls over systems being carried from a facility and more stringent scrutiny of systems connecting from outside the network.

The widespread use of mobile devices on the battlefield, which may have seemed an improbability just a few years ago, may become an actuality within the next few. A recently released strategy document supports that pending reality, which is expected to increase situational awareness, improve operational effectiveness and enhance the operational advantage for U.S. forces.

“I don’t think it’s going to be 10 or 15 years before these devices are going to be the preponderance of what we see on the battlefield. We’re probably three to four years away from that,” says John Hickey, Defense Department mobility portfolio manager, Defense Information Systems Agency (DISA).

The jury is still out in the corporate world as to whether the bring-your-own-device trend will gain a permanent foothold. While the movement creates security worries and extra work for information technology employees, it presents a few perks corporate leaders are reluctant to turn down: cost savings and increased employee productivity. Efforts for full implementation for both businesses and government entities are stymied much more by policy than by technology, or the lack thereof, experts say. While some technological shortcomings create some security risk, viable solutions are on the horizon.

The U.S. Marine Corps Warfighting Lab this week wrapped up an Advanced Warfighting Experiment (AWE) in the jungles of Hawaii, which tested a total of 16 systems including unmanned ground vehicles. The experiment was part of the July 9 -14 Rim of the Pacific exercise and could help determine how future Marine forces will fight and which technologies they will use.

The experiment included Marines aboard Navy ships as well as three company landing teams, a relatively new organization construct for the service. The company landing teams are altered rifle companies and represent a different approach to the Battalion Landing Team.

The complexities of the U.S. Army’s networks and spectrum allocation processes interfere with the need to reassign units to different tasks, creating major delays and presenting serious challenges. To solve the issue, researchers intend to deliver a wide range of technologies, including automated spectrum planning and allocation tools and smarter radios, that will use spectrum more efficiently, network more effectively and provide commanders the flexibility to reorganize as needed.

The Defense Department drive toward its Joint Information Environment is picking up speed as it progresses toward its goal of assimilating military networks across the warfighting realm. Individual services are developing solutions, some of which are targeted for their own requirements, that are being applied to the overarching goal of linking the entire defense environment.

Early successes in Europe have advanced Joint Information Environment (JIE) efforts elsewhere, including the continental United States. Some activities have been accelerated as a result of lessons learned, and they have been implemented ahead of schedule in regions not slated to receive them for months or even years.

Warfighters on foot equipped with night vision systems now can give their commanders a real-time glimpse of what they’re seeing in the field. A new system that combines a portable radio with night vision goggles allows the optical imagery to be captured and sent across the same radio channels used for voice and data communications.

Each piece of hardware—the portable radio and the night vision system—is in service with the armed forces of several countries around the world. Engineers basically combined the two functions to produce a single system that allows commanders to remotely view a night scene from the warfighter’s eye view accompanied with geolocation information.