August 27, 2024 | International, C4ISR, Security
Chinese hackers exploit zero-day flaw in Versa Director, targeting US firms with sophisticated web shell for credential harvesting and potential suppl
https://thehackernews.com/2024/08/chinese-volt-typhoon-exploits-versa.html
March 10, 2024 | International, Land
The MOU is aimed at setting out the principles for discussions which will mainly focus on investigating new opportunities with the Alexandria Shipyard for new vessels to be built by...
August 24, 2020 | International, Naval
Geoff Ziezulewicz While the U.S. Navy has spent nearly $3 billion to improve shipyard maintenance performance in recent years, “the shipyards continue to face persistent and substantial maintenance delays that hinder the readiness of aircraft carriers and submarines,” according to a government watchdog report released this week. Three-quarters of the 51 aircraft carrier and submarine maintenance periods from fiscal 2015 to 2019 were completed late, resulting in 7,425 days of delays, according to the report by the Government Accountability Office. The Navy's four shipyards — in Portsmouth, Virginia; Kittery, Maine; Honolulu, Hawaii; and Bremerton, Washington — provide vital maintenance that includes ship overhauls, nuclear refueling, alterations and refits, among other duties. The aircraft carrier maintenance periods that ended late exceeded their deadlines by an average of 113 days, the GAO reports, while submarine maintenance periods ending late missed the mark by an average of 225 days. Such availabilities last anywhere from six months to three years, and when they don't end on time, it gums up the entire system, delaying other maintenance periods, deployments and other needs. The main factors leading to the tardiness had to do with shipyard workforce performance and having enough people to perform the vital work, the GAO found. Unplanned work, or tasks identified after finalizing maintenance plans, was also cited as a significant factor resulting in the delays. While the Navy has taken steps to address such delays, the sea service has yet to fully address the unplanned work and workforce factors causing the majority of delays, according to the GAO. https://www.navytimes.com/news/your-navy/2020/08/21/watchdog-75-percent-of-sub-and-aircraft-carrier-maintenance-ended-late-in-recent-years/
December 19, 2018 | International, C4ISR
By: Mark Pomerleau The military services are exposing networks to “unnecessary cybersecurity risks” thanks in part to a lack of visibility over software application inventories, according to a Department of Defense Inspector General report. The IG investigated whether DoD components rationalized their software applications by identifying and eliminating any duplicative or obsolete applications. Rationalizing software applications seeks to improve enterprise IT by identifying all software applications on the network; determining if existing applications are needed, duplicative or obsolete; and determining if applications already existing within the network prior to purchasing new ones. The audit — which focused on Marine Corps, Navy and Air Force commands and divisions — found that the groups examined did not consistently perform this rationalization process. By not having visibility into software application inventories, these organizations were unable to identify the extent of existing vulnerabilities within their applications, the report found. Moreover, such a process could lead to cost savings associated with eliminating duplicative and obsolete applications. Fleet Forces Command was the only command the IG reviewed that had a process in place for eliminating duplicative or obsolete applications. The Air Force did not have a process in place to prevent duplication when purchasing new applications. The report placed blame on the DoD chief information officer for not implementing a solution for software rationalization in response to Federal Information Technology Acquisition Reform Act requirements. The IG made three recommendations for the CIO, who did not provide a response to draft recommendations: Develop an enterprisewide process for conduction software application rationalization throughout DoD; Establish guidance requiring DoD components to conduct rationalization and require DoD component CIOs to develop implementation guidance outlining responsibilities for rationalization. Such a policy should also require components on at least an annual basis to validate the accuracy of their owned and in use software applications inventory; and Conduct periodic review to ensure components are regularly validating the accuracy of their inventory and they are eliminating duplicative and obsolete applications. https://www.fifthdomain.com/dod/2018/12/18/dod-ig-military-networks-are-exposed-to-unnecessary-cyber-risks