SIGNAL Media Blog

There’s little doubt that thanks to the influx of new government regulations around privacy and data security, requirements have become the primary area of focus for many defense industrial base and General Services Administration contractors.

Ask someone in federal IT what zero trust means and you’re likely to hear that it’s about access control: never granting access to any system, app or network without first authenticating the user or device, even if the user is an insider. The term “Never trust; always verify” has become a common way to express the concept of zero trust, and the phrase is first on the list of the Defense Information Systems Agency’s (DISA’s) explanation.

I take no joy in writing this article, but it is a desperate plea for improvement.

From 1995-2001, I worked for the Department of the Army as a contract specialist procuring advanced communications and electronics systems, equipment and services.

Recently, I had the privilege of attending a ceremony and presenting an award to a local high school Junior Reserve Office Training Corps (JROTC) cadet on behalf of another organization for this cadet’s superior performance and leadership. Looking around the stage, I noticed representatives from multiple organizations all eager to recognize the efforts of these amazing young leaders with their respective groups’ awards.

As people around the world practice self-isolation in an effort to reduce exposure and spreading of the COVID-19 virus, the need to maintain a strong cybersecurity posture arguably has never been higher. Millions of people have shifted their daily lives to an environment relying on telework, distance learning, Internet-enabled social engagement, streaming news and entertainment and other activities.

This “new normal” is facilitated by the robust capabilities of the Internet. Yet it presents a significant cyber risk. During the COVID-19 crisis, we’ve seen bad actors stepping up their game with increased incidents of phishing, disinformation, watering hole attacks and other criminal activity.

A mushroom cloud explosion in the New Mexico desert on July 16, 1945 forever changed the nature of warfare. Science had given birth to weapons so powerful they could end humanity. To survive, the United States had to develop new strategies and policies that responsibly limited nuclear weapon proliferation and use. Warfare is again changing as modern militaries integrate autonomous and semiautonomous weapon systems into their arsenals. The United States must act swiftly to maximize the potential of these new technologies or risk losing its dominance.

It’s easy to forget that in the midst of a catastrophe, physical safety isn’t the only thing that’s important. As technology’s role in disaster response and relief becomes more and more prevalent, cybersecurity becomes an essential part of the process. Here’s why.

Few people are more vulnerable than those impacted by a crisis. Whether a man-made attack or a natural disaster, the widespread destruction created by a large-scale emergency can leave countless individuals both destitute and in need of medical attention. Protecting these men, women and children requires more than a coordinated emergency response.

Last year was a banner year for cyber fraud. In just the first six months of 2019, more than 3,800 breaches exposed 4.1 billion records, with 3.2 billion of those records exposed by just eight breaches. The scale of last year’s data breaches underscores the fact that identity has become the currency of the digital world and data is the fuel that powers the digital economy. What’s also clear looking back on 2019 is that digital identities are continually being compromised on multiple levels. 

Supply chain security has been of concern to government leaders for decades, but with attacks now originating in industrial control systems (ICS) from supply chain vulnerabilities and with an increasing reliance on the Internet of Things (IoT), Congress is stepping up its involvement. For example, legislators have promised that more stringent standards will soon be enforced.

The May 7th ransomware attack against Baltimore has crippled much of the local government’s IT infrastructure while holding its network hostage. Not since the March 2018 attacks against Atlanta has a major U.S. city been so digitally impaired.

The subsequent media coverage of Baltimore’s struggle has generated some misplaced criticism of the U.S. government. Initial news reports erroneously claimed that the ransomware leveraged an NSA-developed exploit to compromise Baltimore’s municipal systems. Unfortunately, this snowballed into numerous sources placing blame on the NSA, claiming that they mismanaged their cyber weaponry. 

This is grossly incorrect.

The U.S. Army is leading the charge on the military’s multidomain battle concept—but will federal IT networks enable this initiative, or inhibit it?

The network is critical to the Army’s vision of combining the defense domains of land, air, sea, space and cyberspace to protect and defend against adversaries on all fronts. As Gen. Stephen Townsend, USA, remarked to AFCEA conference attendees earlier this year, the Army is readying for a future reliant on telemedicine, 3D printing and other technologies that will prove integral to multidomain operations. “The network needs to enable all that,” said Townsend. 

When the Department of Defense (DOD) launched its Everything Over IP initiative nearly 10 years ago the focus was to bring traditional telecommunications technology—phone calls, streaming video and even faxes—to the digital world.

At that time, unified communications (UC), especially in the government workplace, was a relatively new concept. Remember, this was a time when voice over Internet Protocol (VoIP) phones were still seen as cutting edge. Now, though, UC has become not just a business tool, but a strategic offering that can connect employees in disparate locations, including the frontlines.

The military continues to focus its efforts on developing the most sophisticated technologies and capabilities needed to sustain tactical advantage and achieve mission objectives. But the most critical component to success on the battlefield continues to lie with the warfighter.

The U.S. defense industrial supply chain is vast, complex and vulnerable. Organic components, large-scale integrators, myriad commercial service providers, and tens of thousands of private companies sustain the Defense Department. According to the SANS Institute, the percentage of cyber breaches that originate in the supply chain could be as high as 80 percent.

It comes as no surprise that U.S. adversaries continue to target and successfully exploit the security weaknesses of small-business contractors. A successful intrusion campaign can drastically reduce or even eliminate research, development, test and evaluation (RDT&E) costs for a foreign adversary. Digital espionage also levels the playing field for nation-states that do not have the resources of their more sophisticated competitors. To bypass the robust security controls that the government and large contractors have in place, malicious actors have put significant manpower into compromising small- and medium-sized businesses (SMBs).

Every time federal information technology professionals think they’ve gotten in front of the cybersecurity risks posed by the Internet of Things (IoT), a new and unexpected challenge rears its head. Take, for instance, the heat maps used by GPS-enabled fitness tracking applications, which the U.S. Department of Defense (DOD) warned showed the location of military bases, or the infamous Mirai Botnet attack of 2016.

A special operations officer who needed secure network connectivity to transmit data anywhere on the globe gained the capability in less than a minute by using Cyberspace Operations Infrastructure, or CSOI.

That officer was able to send data securely across the open network because CSOI uses the 256-bit Advanced Encryption Standard (AES) encryption mode. A 128-bit header uses a series of standards built out in the 1990s initially to secure drones. It also is used to cloak energy grids and older military architectures that will not attain IPv6, according to Robert Osborne, chief technology officer at IMPRES, the developer of CSOI.

As edge technologies continue to get smarter, faster, and more connected, incredible opportunities have emerged for the public sector to accelerate time to value and reduce costs. These mission-specific solutions are also simpler and faster to deploy!

Never before has there been such an intense focus on data security and privacy. With data breaches increasing exponentially and the European Union’s recent implementation of the General Data Protection Regulation (GDPR), data security has been at the forefront of news stories over the past several months, with both businesses and consumers suddenly paying very close attention. With this increased attention has come an understanding that data continues to exist even when it is no longer needed or used. Due to this newfound understanding and GDPR’s “Right to be Forgotten,” the eradication of data has new urgency and has become critical to a successful data security program.

In February 2018, the Department of Defense (DOD) Defense Digital Service (DDS) relaunched Code.mil to expand the use of open source code. In short, Code.mil aims to enable the migration of some of the department’s custom-developed code into a central repository for other agency developers to reduce work redundancy and save costs in software development. This move to open source makes sense considering that much of the innovation and technological advancements we are seeing are happening in the open source space.

Traffic on optical transport networks is growing exponentially, leaving cyber intelligence agencies in charge of monitoring these networks with the unenviable task of trying to sift through ever-increasing amounts of data to search for cyber threats. However, new technologies capable of filtering exploding volumes of real-time traffic are being embedded within emerging network monitoring applications supporting big data and analytics capabilities.

As a result of recent federal legislative and administrative activity, government agencies are expected to launch significant modernizations of their cybersecurity systems, get offensive with hackers and take a more strategic approach to risk. Combined, these policy directives promise to transform our government into a robust digital society, gaining greater resiliency to cyber threats by leveraging opportunities while reinforcing standards and procedures.

Here’s a breakdown of the key components of the four policies:

The Department of Defense (DOD) Operational Test and Evaluation Fiscal Year 2016 Annual Report indicates that while there has been significant cybersecurity progress over the past few years, network defense as a warfighting function continues to be undervalued.

Despite the department’s concerted and progressive network modernization efforts, many networks are built on outdated legacy architectures that were never designed to address the challenges posed by continually evolving threat vectors. Neither agile nor flexible enough to be able to adjust, they are vulnerable to the security risks posed by increasingly intelligent, nimble and enterprising hackers.

The government’s effort to balance cybersecurity with continued innovation was underscored last year with the publication of the Commission on Enhancing National Cybersecurity’s Report on Securing and Growing the Digital Economy. The report included key recommendations for cybersecurity enhancements, while also serving as a sobering reminder that “many organizations and individuals still fail to do the basics” when it comes to security.