Back to news

January 21, 2021 | International, C4ISR, Security

After huge hack, Biden security picks want more cyber coordination with industry

WASHINGTON — Two top national security nominees advocated Tuesday for stronger federal cybersecurity and increased collaboration with contractors in the aftermath of a supply chain breach that infiltrated numerous federal agencies.

If confirmed, retired Army Gen. Lloyd Austin and Avril Haines, President-elect Joe Biden's nominees for defense secretary and director of national intelligence, respectively, would start their jobs in the middle of the national security community's assessment of damage from a cybersecurity breach pinned on Russian hackers. They gained access through software from SolarWinds, a major government contractor.

“We must elevate cybersecurity as an imperative across the government in order to defend the American people and U.S. critical infrastructure,” Austin told the Senate Armed Services Committee in his answers to the lawmaker's advance policy questions. “Additionally, the government must continue to strengthen its partnership with the private sector to foster greater information sharing and collaboration.”

So far, federal investigators have discovered breaches at “fewer than 10” federal agencies, though the Pentagon and intelligence community haven't confirmed whether their offices were among the victims. Haines, who served as deputy CIA director and deputy national security adviser to President Barack Obama, found it concerning that the breach first came to light through cybersecurity company FireEye, instead of through U.S. government cybersecurity operators.

“[I] absolutely share ... concern that we're actually able to detect these because that's obviously absolutely critical to us protecting against them,” Haines said before the Senate Select Committee on Intelligence. “I think ... it was pretty alarming that we found out about it through a private company as opposed to our being able to detect it ourselves to begin with.”

In response to the breach, Austin committed to reviewing the DoD's cyber posture and emphasized that Russia must be punished for infiltrating federal networks. In the advance questions, Austin stopped short of calling the breach an act of war, arguing that designation “requires a case-by-case and fact-specific determination.”

“For example, malicious cyber activities could result in injury, death or significant property destruction,” Austin wrote. “These activities would need to be considered in their totality.”

An early January announcement from several federal investigators, including the NSA and Office of the Director of National Intelligence, stated that the breach was believed to be an espionage campaign and “likely Russian in origin.”

“If that's the case, I think Russia should be held accountable,” Austin said at the hearing. “That's my personal belief.”

Sen. Jack Reed, D-R.I., who sits on both SASC and SSCI, called the breach “the greatest cyber intrusion in the history, I think, perhaps, of the world” and said that the stovepiped nature of the U.S. national security apparatus needed to be addressed. Reed said one challenge for Haines will be developing a “more coherent, cohesive, integrated approach” to dealing with cybersecurity threats, particularly from advanced nation-state actors.

Under questioning from senators, Haines said the SolarWinds supply chain hack was a “grave threat,” and the government needs new to improve its defenses against such attacks, though she noted that she hasn't received a classified briefing on the intrusion. In 2019, a report from ODNI warned of growing software supply chain hacks that provide an “efficient way to bypass traditional defenses and compromise a large number of computers.”

“To prevent a recurrence of this kind of attack, we need to close the gap between where our capabilities are now and where they need to be in order to deter, detect, disrupt and respond to such intrusions far more effectively in the future,” Haines wrote in her questionnaire. “If confirmed as DNI, I will review the expert conclusions from the SolarWinds incident and the current intelligence about supply chain vulnerabilities and what steps may be taken to address any vulnerabilities.”

Haines told senators that she would assess how the intelligence community can improve its cybersecurity partnerships with industry and the whole federal government.

“I believe that the IC plays an integral role in detecting and warning against nation-state targeting of U.S. networks and infrastructure,” she wrote. “If confirmed, I will examine how better collaboration between the IC and the rest of the U.S. government, coupled with closer partnerships with the private sector and our international allies, can enhance our ability to deter, detect, and mitigate cyberattacks.”

Haines will review whether the intelligence community is allocating resources properly to face advanced cyber threats and will examine the adequacy of the IC's existing authorities to protect the digital infrastructure of the United States, she said. Austin pointed to a cyber-threat sharing partnership the department has with the defense industrial base and stated that the department should “continue to look for ways to better integrate with interagency partners and the private sector.”

In light of the SolarWinds breach, the senators on SSCI wrote that they are worried about a “lack of mandatory threat information sharing between the private sector and government,” adding that any information sharing from the private sector after the breach is voluntary. Haines would review the relationship.

“Information sharing between the IC and the private sector is increasingly important to ensure that our data systems and networks are secure,” she wrote. “If confirmed as DNI, I look forward to reviewing the Intelligence Community's data sharing and information exchange relationship with the private sector, to engaging with IC experts and private sector leaders on what information is currently being shared, and to examining the efficacy of the current framework for sharing threat information.”

The incoming Biden administration has signaled that it will prioritize cybersecurity in the aftermath of the SolarWinds breach. The Biden team named Anne Neuberger, the NSA's cybersecurity director who worked to improve information sharing with the private sector, to National Security Council as deputy national security adviser for cyber and emerging technology.

Haines wrote that she will “ensure” that the intelligence community has a “robust data sharing and information exchange relationship” with private companies and said that she will be “studying current information sharing to determine how it can be improved and what types of information can be shared to enhance cybersecurity protections.”

“The private sector has unique insight and expertise on malicious activity occurring within its networks,” Haines said. “Real-time integration of private sector and government data could lead to more effective prevention and mitigation outcomes.”

Cyber norms and deterrence

For the last few years, the U.S. government wrestled with the concept of deterrence in the cyber domain, a complex challenge that including resilient defenses, risk management and strong international partnerships. As the SolarWinds breach demonstrated, deterring adversaries from hacking, which is seen as below the threshold of an armed response, is difficult.

In response to a question from Sen. John Cornyn, R-Texas, about how to approach cyber deterrence, Haines pointed to many of the same tenets of current U.S. cyber deterrence, including imposition of costs for malicious actors' behavior, bringing foreign allies together to impose those costs, building resilient systems that are hard to hack, developing norms and creating strong relationship with the private sector.

Haines wrote that setting norms should include outlining sanctionable behavior with the agreement from allies. A cornerstone to sanctioning is attributing cyberattacks to actors, a challenging undertaking in the cyber realm. Sen. Mark Warner, D-Va., said he wanted Haines to be more forthcoming with attribution of cyberattacks, stating that he found it “extraordinarily concerning” that the “[Trump] White House underplay[ed] attribution on Russia.”

Attribution, Haines said, would be a major piece of the ODNI's role in deterrence.

“Something we [ODNI] can do is promote the ability to detect when adversaries are engaging in such activity so as then to provide information about attribution, for example. And then hold adversaries to account through that.”

https://www.c4isrnet.com/cyber/2021/01/20/after-huge-hack-biden-security-picks-want-more-cyber-coordination-with-industry

On the same subject

  • Navy satellite system approved for expanded use

    August 6, 2018 | International, Naval, C4ISR

    Navy satellite system approved for expanded use

    By: Maddy Longwell   U.S. Strategic Command has approved the Navy's new narrowband satellite communication system for expanded operational use, which could begin as early as this fall, the Space and Naval Warfare Systems Command announced Aug. 2. “MUOS' acceptance for operational use is an important milestone for the Navy, and it's one step closer for significant communications improvements for all our forces,” Rear Adm. Carl Chebi, the Navy's program executive officer for space systems, said in the release. The Mobile User Objective System (MUOS), built by Lockheed Martin, is a five-satellite constellation, which includes four operational satellites and an on-orbit spare, that works with ground relays to operate like a global military cellular network. The first satellite launched in 2012. The system can transmit voice, video and mission data on an Internet Protocol based system that can connect to military networks. Users can connect to Department of Defense communications networks such as the Global Information Grid and Defense Switched Network. Full Article: https://www.c4isrnet.com/c2-comms/2018/08/03/navy-satellite-system-approved-for-expanded-use

  • After months of haggling, Lockheed moves on German air defense bid

    August 17, 2020 | International, Land

    After months of haggling, Lockheed moves on German air defense bid

    By: Sebastian Sprenger COLOGNE, Germany — Lockheed Martin and MBDA Deutschland have submitted another bid for Germany's next-generation air defense system, following negotiations throughout the summer that some observers said nearly tanked the project. The “updated proposal,” as the companies called it in a joint statement Friday, presumably will find smooth sailing in the Defence Ministry's upcoming analysis. That is because government officials and company executives already went through extensive discussions in the past few months to iron out sticking points left unresolved in previous bids and re-bids. “In the last months we made progress in further detailing the Integrated Master Schedule, relevant specifications as well as performance simulations to de-risk the future contract,” Thomas Gottschild, managing director at MBDA Deutschland, said in the statement. But there are no guarantees, especially when it comes to the famously circuitous Taktisches Luftverteidigungssystem, or TLVS. The program grew out of the now-defunct Medium Extended Air Defense System, which the Pentagon helped fund. Germany wants the weapon to replace its fleet of Patriot batteries. The German Defence Ministry did not immediately respond to a request for comment. The government in Berlin is under the gun to deliver military programs on time and on budget, especially now that the ministry wants to keep up defense spending despite the economic blow of the coronavirus pandemic. As a result, officials want to place greater financial liability on the contractors in case things go awry. That approach is infused throughout the TLVS contractual categories of “risk” and “terms and conditions,” industry officials previously said, though details are under strict wraps. Executives previously argued the proposed risk distribution is unsuitable for a development-heavy program like TLVS, making Lockheed especially wary of pursuing the deal after all. At the same time, the American defense giant finally needs to sell the program to a government customer if it wants the advertised revolution in missile defense equipment to actually happen. The envisioned weapon will feature a 360-degree sensing and shooting capability, which means operators no longer need to anticipate from which direction aerial threats will likely approach, as was the case with the sectored Patriot system. “TLVS will transform Germany's defense capabilities and set an important precedent in how neighboring nations address persistent global threats for years to come,” Lockheed and MBDA claimed in their joint statement. The German parliament, currently in recess, will have to approve the government's acquisition plan for TLVS — that is, if the industry consortium's newest submission makes the ministry's cut. https://www.defensenews.com/industry/2020/08/14/after-months-of-haggling-lockheed-moves-on-german-air-defense-bid/

  • Army Halts Apache Helicopter Deliveries

    October 19, 2020 | International, Aerospace, Naval

    Army Halts Apache Helicopter Deliveries

    For the second time in two years, the Army had to stop accepting Boeing's attack helicopter. The exact reason remains unknown. Marcus Weisgerber The U.S. Army has stopped accepting Apache helicopters from Boeing after the company found that an employee kept “improper” records concerning parts installed on the aircraft. It's the latest quality-control issue to bedevil America's largest planemaker, which is trying to shift its company's culture and repair its public image after two deadly airliner crashes and a production line that left tools and trash inside new tanker aircraft. “At this time the Army is still conducting a comprehensive review of a number of Boeing processes, production, and manufacturing plans for critical safety items applicable to all AH-64E aircraft production,” Lt. Col. Brandon Kelley, an Army spokesman, said in an emailed statement. When it learned of “improper record keeping” at its AH-64 Apache factor in Mesa, Arizona, Boeing “immediately notified the Army,” Steve Parker, vice president and general manager of Boeing Vertical Lift, said in a statement provided by a company spokesman. “Boeing and the government are jointly reviewing our Mesa quality management processes and procedures,” Parker said. “Flight operations and deliveries will resume when Boeing and the Army are satisfied this issue has been resolved and appropriate corrective action plans have been implemented.” Boeing no longer employs the worker who kept the improper records, according to a person with knowledge of the issue. Boeing's Mesa operation builds new Apaches and overhauls old ones with more modern equipment — a process known as remanufacturing. The company continues to build aircraft amid the delivery stoppage, an industry source said. “The Army will begin acceptance of aircraft once conditions have been satisfied to ensure production processes meet standards for safety and quality and the potential for future quality escapes has been fully mitigated,” Kelley said. “The Army will continue to work with Boeing in reviewing their quality processes and manufacturing of critical safety items and recommend changes as necessary to prevent future delivery of non-conforming product.” Kelley said that soldiers' lives were not put at risk by the issues. It's not the first time the Army has suspended Apache deliveries. From March to August 2018, the service halted acceptances after finding a flaw in a part that holds the helicopter's rotors to the aircraft. Boeing quality-control practices have been called into question by both the commercial industry and the military. The Federal Aviation Administration is investigating potential manufacturing issues on 787 Dreamliner aircraft. The U.S. Air Force had to halt deliveries of KC-46 tankers on numerous occasions after military inspectors found trash, parts, and tools left inside the aircraft. In March 2019, Will Roper, the head of Air Force acquisition, blamed the company's assembly line culture for the issues. The coronavirus pandemic has only made things worse for Boeing and its suppliers as air travel evaporates and airlines cancel plane orders. Earlier this year, executives said the company's $34 billion defense business would outperform its typically lucrative commercial business for the first time in more than a decade. Coronavirus-related factory shutdowns and production slowdowns started taking a toll on Boeing's defense business in the spring. Boeing delivered 54 fewer military aircraft and satellites so far this year when to the first three quarters of 2019, a 31 percent decline, according to company data. This year, Boeing has delivered 10 KC-46 tankers, less than half of the 21 delivered through the third quarter of 2019. https://www.defenseone.com/business/2020/10/army-halts-apache-deliveries-after-boeing-finds-improper-record-keeping-helicopter-factory/169332/

All news