November 2, 2024 | International, C4ISR, Security
New Phishing Kit Xiū gǒu Targets Users Across Five Countries With 2,000 Fake Sites
Discover how the new Xiū gǒu phishing kit threatens users in multiple countries since September 2024.
January 21, 2021 | International, C4ISR, Security
After huge hack, Biden security picks want more cyber coordination with industry
WASHINGTON — Two top national security nominees advocated Tuesday for stronger federal cybersecurity and increased collaboration with contractors in the aftermath of a supply chain breach that infiltrated numerous federal agencies.
If confirmed, retired Army Gen. Lloyd Austin and Avril Haines, President-elect Joe Biden's nominees for defense secretary and director of national intelligence, respectively, would start their jobs in the middle of the national security community's assessment of damage from a cybersecurity breach pinned on Russian hackers. They gained access through software from SolarWinds, a major government contractor.
“We must elevate cybersecurity as an imperative across the government in order to defend the American people and U.S. critical infrastructure,” Austin told the Senate Armed Services Committee in his answers to the lawmaker's advance policy questions. “Additionally, the government must continue to strengthen its partnership with the private sector to foster greater information sharing and collaboration.”
So far, federal investigators have discovered breaches at “fewer than 10” federal agencies, though the Pentagon and intelligence community haven't confirmed whether their offices were among the victims. Haines, who served as deputy CIA director and deputy national security adviser to President Barack Obama, found it concerning that the breach first came to light through cybersecurity company FireEye, instead of through U.S. government cybersecurity operators.
“[I] absolutely share ... concern that we're actually able to detect these because that's obviously absolutely critical to us protecting against them,” Haines said before the Senate Select Committee on Intelligence. “I think ... it was pretty alarming that we found out about it through a private company as opposed to our being able to detect it ourselves to begin with.”
In response to the breach, Austin committed to reviewing the DoD's cyber posture and emphasized that Russia must be punished for infiltrating federal networks. In the advance questions, Austin stopped short of calling the breach an act of war, arguing that designation “requires a case-by-case and fact-specific determination.”
“For example, malicious cyber activities could result in injury, death or significant property destruction,” Austin wrote. “These activities would need to be considered in their totality.”
An early January announcement from several federal investigators, including the NSA and Office of the Director of National Intelligence, stated that the breach was believed to be an espionage campaign and “likely Russian in origin.”
“If that's the case, I think Russia should be held accountable,” Austin said at the hearing. “That's my personal belief.”
Sen. Jack Reed, D-R.I., who sits on both SASC and SSCI, called the breach “the greatest cyber intrusion in the history, I think, perhaps, of the world” and said that the stovepiped nature of the U.S. national security apparatus needed to be addressed. Reed said one challenge for Haines will be developing a “more coherent, cohesive, integrated approach” to dealing with cybersecurity threats, particularly from advanced nation-state actors.
Under questioning from senators, Haines said the SolarWinds supply chain hack was a “grave threat,” and the government needs new to improve its defenses against such attacks, though she noted that she hasn't received a classified briefing on the intrusion. In 2019, a report from ODNI warned of growing software supply chain hacks that provide an “efficient way to bypass traditional defenses and compromise a large number of computers.”
“To prevent a recurrence of this kind of attack, we need to close the gap between where our capabilities are now and where they need to be in order to deter, detect, disrupt and respond to such intrusions far more effectively in the future,” Haines wrote in her questionnaire. “If confirmed as DNI, I will review the expert conclusions from the SolarWinds incident and the current intelligence about supply chain vulnerabilities and what steps may be taken to address any vulnerabilities.”
Haines told senators that she would assess how the intelligence community can improve its cybersecurity partnerships with industry and the whole federal government.
“I believe that the IC plays an integral role in detecting and warning against nation-state targeting of U.S. networks and infrastructure,” she wrote. “If confirmed, I will examine how better collaboration between the IC and the rest of the U.S. government, coupled with closer partnerships with the private sector and our international allies, can enhance our ability to deter, detect, and mitigate cyberattacks.”
Haines will review whether the intelligence community is allocating resources properly to face advanced cyber threats and will examine the adequacy of the IC's existing authorities to protect the digital infrastructure of the United States, she said. Austin pointed to a cyber-threat sharing partnership the department has with the defense industrial base and stated that the department should “continue to look for ways to better integrate with interagency partners and the private sector.”
In light of the SolarWinds breach, the senators on SSCI wrote that they are worried about a “lack of mandatory threat information sharing between the private sector and government,” adding that any information sharing from the private sector after the breach is voluntary. Haines would review the relationship.
“Information sharing between the IC and the private sector is increasingly important to ensure that our data systems and networks are secure,” she wrote. “If confirmed as DNI, I look forward to reviewing the Intelligence Community's data sharing and information exchange relationship with the private sector, to engaging with IC experts and private sector leaders on what information is currently being shared, and to examining the efficacy of the current framework for sharing threat information.”
The incoming Biden administration has signaled that it will prioritize cybersecurity in the aftermath of the SolarWinds breach. The Biden team named Anne Neuberger, the NSA's cybersecurity director who worked to improve information sharing with the private sector, to National Security Council as deputy national security adviser for cyber and emerging technology.
Haines wrote that she will “ensure” that the intelligence community has a “robust data sharing and information exchange relationship” with private companies and said that she will be “studying current information sharing to determine how it can be improved and what types of information can be shared to enhance cybersecurity protections.”
“The private sector has unique insight and expertise on malicious activity occurring within its networks,” Haines said. “Real-time integration of private sector and government data could lead to more effective prevention and mitigation outcomes.”
Cyber norms and deterrence
For the last few years, the U.S. government wrestled with the concept of deterrence in the cyber domain, a complex challenge that including resilient defenses, risk management and strong international partnerships. As the SolarWinds breach demonstrated, deterring adversaries from hacking, which is seen as below the threshold of an armed response, is difficult.
In response to a question from Sen. John Cornyn, R-Texas, about how to approach cyber deterrence, Haines pointed to many of the same tenets of current U.S. cyber deterrence, including imposition of costs for malicious actors' behavior, bringing foreign allies together to impose those costs, building resilient systems that are hard to hack, developing norms and creating strong relationship with the private sector.
Haines wrote that setting norms should include outlining sanctionable behavior with the agreement from allies. A cornerstone to sanctioning is attributing cyberattacks to actors, a challenging undertaking in the cyber realm. Sen. Mark Warner, D-Va., said he wanted Haines to be more forthcoming with attribution of cyberattacks, stating that he found it “extraordinarily concerning” that the “[Trump] White House underplay[ed] attribution on Russia.”
Attribution, Haines said, would be a major piece of the ODNI's role in deterrence.
“Something we [ODNI] can do is promote the ability to detect when adversaries are engaging in such activity so as then to provide information about attribution, for example. And then hold adversaries to account through that.”
On the same subject
-
-
November 15, 2021 | International, Aerospace
US Air Force will buy E-7 Wedgetail in 2022, Boeing exec claims
“I’m very confident that the Air Force is choosing the E-7 to replace its E-3 fleet,” Mike Manazir, Boeing’s vice president for defense business development, said during a news conference ahead of the Dubai Airshow.
-
July 23, 2019 | International, Aerospace, Naval, Land, C4ISR, Security, Other Defence
Fixing relationships: How US Army Futures Command is working with small biz, academia
By: Jen Judson WASHINGTON — U.S. Army Futures Command is laying the groundwork to strengthen collaboration with academia and small businesses to solve some of the service's most major problems. The Army has struggled with relationships outside of the established defense industry, particularly with small businesses and Silicon Valley. Small businesses have expressed concerns about working with the government, mostly in regard to the time it takes to secure a contract award as well as the complex and cumbersome government-contracting process. The Government Accountability Office issued a report last week that found Army Futures Command could improve how it works with small businesses. The report was released on the eve of AFC's declaration of full operational capability, which is officially set for July 31. “The funny thing is if I talk to defense primes, they are convinced all we are working with is small business, and I talk to small business all they are convinced ... we are working with the defense primes,” Gen. Mike Murray, AFC commander, said during a July 18 press briefing at the Pentagon. “It's going to take a combination of both for us to accomplish our mission, and in many ways a combination of both working together” to achieve the command's goals in modernizing the Army, he said. But Murray agreed there is more to be done. To its credit, the command was built from scratch and was a “blank canvas” just a year ago, Murray said. The command went from 24 pioneers on the ground at its headquarters in Austin, Texas, to 24,000 soldiers and civilians in 25 states and in 15 countries, over the course of the past year. Since landing in Austin, the AFC has established “focused relationships” with industry and academia, he added. Engaging small businesses One critical step toward engagement with small businesses was the creation of the Army Applications Laboratory in Austin's Capital Factory — an innovation hub for entrepreneurs in the heart of the city's downtown. The venue, with more than 100 Army personnel, is to identify novel solutions to benefit the Army's modernization priorities. For example, the lab is kicking off a major effort this week to discover out-of-the-box solutions for an autoloader for its Extended Range Cannon Artillery system in development under its top priority — Long Range Precision Fires. Additionally, a capability the Army was eyeing a year ago — discovered at the Capital Factory — will be tested at the flight school at Fort Rucker, Alabama, as the service refines its new lot of virtual reality trainers being tested in a pilot program. The Senseye technology is software that can track a pilot's irises during flight simulation training to determine when a person has neurologically learned a task. The Air Force has already incorporated this technology into its simulators. The commander of the Aviation Center of Excellence at Fort Rucker said in April at the Army Aviation Association of America symposium that the technology is promising. If all goes well, the commander added, the tech could be used as part of the Army's Synthetic Training Environment. The Army has a cross-functional team, or CFT, within Futures Command focused on such an environment. The GAO recommended the AFC use its cross-functional teams to enhance small business engagement. The Army Applications Lab was also recently at Fort Hood, Texas, working with soldiers on the ground to identify problems that could be solved by small businesses. The lab also completed a trip overseas, Murray noted, but he would not discuss specifics on the location. “I'm not going to say particularly where. There was some specific re-coding of some mission command systems, which significantly helped,” he said. The GAO also recommended the command focus on better engaging small businesses for research and development programs. The command has established four related initiatives, according to the report: It set up the Army Research Laboratory Open Campus 2.0, which transitions scientific research from universities to Army technology development efforts. The command set up the Army Capability Accelerator to help small businesses mature concepts into prototypes and validate early-stage technology. This is managed within the Army Applications Lab. The Army Strategic Capital restructures a prior effort that takes venture capital to offset Army development costs by investing in existing Army Small Business Innovation Research and Small Business Technology Transfer programs. Lastly, Halo is an effort to accelerate the “adaptation and transition of commercial and startup-derived products to Army applications and programs,” according to the GAO report. The Army Applications Lab will also manage the effort. Murray is in the process of hiring a lead for a small-business office within AFC. While the Army already has a servicewide small-business office, the GAO recommended AFC interface and use that office to improve relations with small businesses. The office will “make sure that we are at least knowledgeable focusing on capitalizing on anything that small businesses have to offer,” Murray said. AFC is also in the preliminary stage of arranging an event in Austin to establish relationships between small businesses and defense primes, Murray said. “One thing I worry about with small business is the ability to scale,” he said, “so there are a lot of ways they can scale, and one of the ways is working with a defense prime.” While defense primes have relationships with small business, Murray noted, the effort would foster new ones that might not exist. Academic pursuits AFC has also established the University Technology Development Division, which serves as the primary link between the command and its academic partners, Murray said. “That is taking root in several key places,” he explained, including Vanderbilt University, which is partnering with the 101st Airborne Division; Carnegie Mellon University, the home of the Army's Artificial Intelligence Task Force; and the University of Texas as well as Texas A&M, where the command is beginning work on several key programs. In addition to providing the building for AFC's headquarters and offering up roughly 10,000 square feet of office space and labs at its Cockrell School of Engineering, the University of Texas is building a robotics institute for the Army by converting an old building into a lab “at fairly significant cost,” Murray said. Murray has tasked engineers at the University of Texas to study the utility of robotics taking over the dirty and dangerous work while keeping soldiers out of harm's way, even bringing a leading engineering professor from the school on a recent trip to Yakima Air Force Base in Washington state to witness a robotic breach experiment that was part of the service's Joint Warfighting Assessment. The lab will also work on battery technologies, Murray added. The inventor of the lithium battery works at the University of Texas. Texas A&M is focused on hypersonics and directed-energy research, according to Murray. The university will eventually build a soldier-development facility at its RELLIS campus“where we will be able to marry up soldiers with graduate students and faculty to go into some agile development capability in solving problems for soldiers,” he said. https://www.defensenews.com/land/2019/07/22/can-futures-command-change-the-armys-relationship-with-academia-and-small-business/