Back to news

September 3, 2019 | International, Security

What’s changing in the cyber domain? We ask industry experts

By: Andrew Eversden

“What are you talking about now in cybersecurity that you weren't talking about six months ago?”

Fifth Domain posed this question to cybersecurity experts at Black Hat, a cybersecurity conference in Las Vegas, Nevada, that ran from Aug. 3-8. With the cyber domain rapidly evolving, we wanted to know how conversations within the cyber community are changing.

Some pointed to a new focus on utility systems and web-connected devices that sit on critical infrastructure.

“It's only a matter of time until there's another major disruption in an electric utility somewhere in the world, probably not in the U.S., but elsewhere,” Sergio Caltagirone, threat intelligence director at Dragos, said at the conference Aug. 5. “But oil and gas has the higher likelihood of a major destructive and loss-of-life event. And I think most people did not realize how close to that we actually were.”

Caltagirone was referring to the TRISIS event, malware that struck industrial control systems at a Saudi Arabian petrochemical plant and could've caused physical harm. He said that in the aftermath of that attack, threat researchers diving into the details realized just how bad it could've been.

“We started finding a lot of stuff which hadn't been found before,” Caltagirone said. “Which made us realize very quickly how close that space is to a major event.”

Dave Weinstein, chief security officer at Claroty, pointed to an “explosion” of devices connected to the internet of things..

“It's really a product of this general consensus among industrial organizations that the benefits exceed the costs in terms of embracing this type of digital transformation," Weinstein said Aug. 8, adding that organizations must be “mindful” of these devices and have a plan to mitigate their potential vulnerabilities.

Brian Costello, a senior vice president at Flashpoint, told Fifth Domain on Aug. 8 that he is more often than before focusing on targeted cyberattacks from bad actors. That's a shift away from “campaign-based” attacks that tracked.

There's “more planning out, more scoping out of targets and taking long-term planning to go after [a] particular target with a specific asset in mind,” Costello said.

Along that same vein, Julian Zottl, a senior cyber architect at Raytheon, said he's noticing more inclusion of all-source intelligence in threat analysis.

“We're looking at ... all the sources and trying to figure out indicators,” Zottl said Aug. 7. “[We're] even trying to do predictive analytics now, where it's like, ‘Oh, we see this threat might be coming.' I think that's something that we're starting to talk about more and more.”

Several cybersecurity professionals interviewed by Fifth Domain said the U.S. government is moving away from the classic cyber kill chain and over to the MITRE ATT&CK framework, which dives deeper into potential threats to information security.

“They used to think the hackers would just come in to steal secrets, conduct espionage and then leave,” said Tom Kellermann, chief cybersecurity officer at Carbon Black and a former commissioner on the Commission on Cyber Security for then-President Barack Obama.

“In fact, they're maintaining persistence in these systems. They're manipulating the integrity of data and then they're using federal government agencies themselves and personnel's devices themselves to target anyone who implicitly trusts that person, that agency, that department.” he told Fifth Domain on Aug. 6.

Chris Kennedy, chief information security officer at AttackIQ and a former official with the Treasury Department and the Marine Corps, said these new frameworks in use along with federal continuous monitoring programs allow for more attacker emulation, essentially simulating the attack agencies could face.

“Agencies are starting to realize the value of attacker emulation as a way to measure and benchmark the effectiveness of their security controls,” Kennedy said on Aug. 7.

And with government agencies in different stages of cloud migration, agencies will need to learn how that fits into their cybersecurity posture. Marten Mickos, CEO of white hat hacking company HackerOne, said this a new discussion. He also said the conversation surrounding the use of ethical hackers in government environments has evolved: The word “hacker” is becoming more accepted.

“I do think it signals a shift in mindset," Michos said. There's a realization that "those people who portray themselves as hackers are actually those who will rescue us, not those who will destroy us.”

Despite all the changing technology and evolving threats, one aspect of cybersecurity remains set in stone, said M. K. Palmore, a field chief security officer for the Americas at Palo Alto Networks and a recently retired FBI cyber agent.

“It's about adhering to cybersecurity fundamentals,” Palmore said. “That message hasn't changed regardless of my position or where I'm located.”

https://www.fifthdomain.com/show-reporters/black-hat/2019/08/30/whats-changing-in-the-cyber-domain-we-ask-industry-experts

On the same subject

  • US Army’s tactical network team looks to satellites for next iteration of tools

    September 4, 2020 | International, C4ISR

    US Army’s tactical network team looks to satellites for next iteration of tools

    Andrew Eversden WASHINGTON — The U.S. Army's tactical network modernization team is considering using satellite communications as a service capability for the next iteration of new network tools set for delivery in fiscal 2023. The Army's Network Cross-Functional Team as well as Program Executive Office Command, Control, Communications-Tactical held a technical exchange meeting Sept. 2 to discuss with industry focus areas and goals for Capability Set '23, the next round of new network tools the Army plans to deliver to soldiers every two years. Col. Shane Taylor, program manager for the tactical network at PEO C3T, outlined several priority areas for his program office, including a satellite-as-a-service need that he said provides a “wide gamut of opportunity.” “The opportunity there is it could be anywhere from just leasing terminals to a cradle to [a] grave solution where we just say: 'All right, industry, if I need this capability in this location, what would that look like?' And so the challenge really in the near term is it's such a wide opportunity,” Taylor said. “There's a lot of work that you'll see us ask for some assistance going forward on that.” While Capability Set '21 centered on delivering technology to soldiers to address immediate network gaps, Capability Set '23 is working to increase capacity, bandwidth and resiliency of the Army's tactical network. Satellite communications is critical to that effort, Taylor said. “I'll keep hearkening back to resiliency, thickening, multi-path. SATCOM as a service also has a huge play in that role, and what I mean by that is it gives us just another opportunity to provide capability to the war fighter,” Taylor said. Brig. Gen. Rob Collins, head of PEO C3T, said at the meeting that satellites will be a major focus for cooperative research and development agreements with Combat Capabilities Development Command's C5ISR Center — or Command, Control, Communication, Computers, Cyber, Intelligence, Surveillance, and Reconnaissance Center. The Army is interested in the networking capabilities that satellites can provide. Collins said in August that the service expects low- and medium-Earth orbit satellites to reach technical maturity in 2025 or 2027. While the Army's tactical network team is exploring LEO and MEO capabilities, Taylor assured industry that traditional geosynchronous systems will still have a role to play. “I think they all have a role,” Taylor said. “But where we need industry's help is getting after the ability to leverage each of those capabilities without having to leverage three different types of systems.” Preliminary design review for Capability Set '23 is scheduled for April next year, with critical design review one year after that. Taylor said his team is also focusing on scalable and multi-band antennas so soldiers don't have to change out “feed horns” to change bands. The team also wants to automate the primary, alternate, contingency and emergency, or PACE, decision-making process based on network quality, metrics and availability, Taylor said. Project Manager Tactical Network is focusing on next-generation line-of-sight and beyond-line-of-sight communications capabilities as part of a pushing by PEO C3T is to improve low-probability intercept/low-probability detect for Capability Set '23. Additionally, Taylor said his team will “always” be looking for industry's help reducing cost, size, weight and power for the baseband. Taylor's program is also looking for solutions to system provisioning for the next iteration of network tools. “The initialization of the routers and switch[ing] the firewall [configurations] and then how we automate that process and move that out across the network continues to be a challenge.” https://www.c4isrnet.com/battlefield-tech/it-networks/2020/09/03/us-armys-tactical-network-team-looks-to-satellites-for-next-iteration-of-tools/

  • Army Hopes Microsoft App Will Help Reduce Heavy Soldier Loads

    August 27, 2019 | International, Land

    Army Hopes Microsoft App Will Help Reduce Heavy Soldier Loads

    By Matthew Cox The Army is finalizing a new, web-based modeling app -- developed by Microsoft -- that will allow soldier equipment officials to see how hanging new pieces of kit on close-combat troops could affect a squad's performance. "For a long, long, long time, we have struggled with the ability to be able to show in a quantitative manner how a new component or an upgraded component will affect the effectiveness of a soldier and squad," John Howell, current lead for the Army's new Adaptative Squad Architecture effort, told an audience Tuesday. He spoke at the first industry day for what Army officials hope will lead to a new framework developing future capability sets for dismounted soldiers that are far lighter and more streamlined than today's assortment of tactical gear. While still in its early stages, the Architectural Assessment Tool is designed to be a collaborative tool for project managers and requirements officials to view digital models of soldiers kitted-out in current-issue gear to form a baseline. In a quick demo, Howell made a copy of the squad leader configuration baseline and then replaced his M4A1 with an M249 squad automatic weapon and the accessories needed for it. "This is where you start to get into a little bit of the quantitative assessment piece," he said, showing how the app immediately calculates the weight added from the change. "What you notice immediately is that this special squad leader now weighs 30 pounds more." It's a simple example, "but just to get to this point is quite a big step," Howell said. "In order to treat the soldier as an integrated weapons platform, this is the kind of thing you need to be able to do." Adaptive Squad Architecture is the latest attempt by the Army to treat the soldier as a complete system, breaking away from the long practice of developing individual pieces of equipment and fielding them. "We build the soldier out like a Christmas tree and our products are like ornaments, and we just continue to hang products off our soldiers until the soldier gets so heavy, they can't move," said Brig. Gen. Anthony Potts, head of Program Executive Office Soldier. Potts told the mix of small and large defense companies in attendance that the Army needs a new approach to developing capability sets of equipment that are much lighter than the roughly 120-pound loads dismounted infantrymen carry today. "If I can give you an architecture ... you can look at this and say, 'You know what? I've got an idea that I can combine three of those capabilities into one,'" Potts said. "Those three capabilities might weigh 4.5 today and you go, 'You know, I can bring it to one and I can bring it to you for 2.75 pounds.' "Let me tell you something, if you do that, you have my interest." In addition to the web-based assessment tool, the Army is also conducting evaluations that involve running infantry squads through tactical lanes at Camp Shelby, Mississippi, to build a database of performance data, Potts said. "We are doing a correlation of data on squad performance, how the individual data on that soldier relates to the individual performance and how it relates to the entire squad's performance," he said, adding that he is sending a five-member team to Afghanistan in October to embed with the 75th Ranger Regiment to do more data collection. "We want to be able to make data-driven decisions on some of the places we are going for in materiel development in the future," Potts said. Under the soldier lethality priority in the Army's new modernization strategy, the service is developing advanced new kit such as the Integrated Visual Augmentation System, or IVAS, a Microsoft technology that will let soldiers view their weapon's sight reticle and other tactical information through a pair of tactical glasses. The Army is also developing the Next Generation Squad Weapon, a replacement for the M4A1 and M249 that promises to offer significant weight savings on the weapon as well as the ammunition, Army officials have said. But Potts realizes that it's still up to commanders to decide how much weight their soldiers carry into battle. "A commander may believe that if we gave him 20% lighter ammunition or 30% lighter ammunition and he feels like the fight he's going into ... means he can take 20 or 30% [more ammo], that's a commander's call," he said. On the other hand, Potts said a commander may decide "I'm going up a hill at 90 degrees; I'm going to take that 30% weight savings because that's what I think is the most important thing to me." "I think what we are going to do is give commanders more options on what they can do with their formations that they have never had before, because the basic load that we will provide through the architecture will be lighter. ... As we draw down the weight of our body armor, draw down the weight of our ammunition, draw down the weight of our automatic weapons, you are going to free up space in there that's going to make it lighter," Potts said. https://www.military.com/daily-news/2019/08/22/army-hopes-microsoft-app-will-help-reduce-heavy-soldier-loads.html

  • Pentagon to oversee $3 billion effort to strengthen microchip supply

    September 16, 2024 | International, C4ISR

    Pentagon to oversee $3 billion effort to strengthen microchip supply

    The program aims to create a production capability that specifically addresses military requirements for advanced semiconductors.

All news