Back to news

September 3, 2019 | International, Security

What’s changing in the cyber domain? We ask industry experts

By: Andrew Eversden

“What are you talking about now in cybersecurity that you weren't talking about six months ago?”

Fifth Domain posed this question to cybersecurity experts at Black Hat, a cybersecurity conference in Las Vegas, Nevada, that ran from Aug. 3-8. With the cyber domain rapidly evolving, we wanted to know how conversations within the cyber community are changing.

Some pointed to a new focus on utility systems and web-connected devices that sit on critical infrastructure.

“It's only a matter of time until there's another major disruption in an electric utility somewhere in the world, probably not in the U.S., but elsewhere,” Sergio Caltagirone, threat intelligence director at Dragos, said at the conference Aug. 5. “But oil and gas has the higher likelihood of a major destructive and loss-of-life event. And I think most people did not realize how close to that we actually were.”

Caltagirone was referring to the TRISIS event, malware that struck industrial control systems at a Saudi Arabian petrochemical plant and could've caused physical harm. He said that in the aftermath of that attack, threat researchers diving into the details realized just how bad it could've been.

“We started finding a lot of stuff which hadn't been found before,” Caltagirone said. “Which made us realize very quickly how close that space is to a major event.”

Dave Weinstein, chief security officer at Claroty, pointed to an “explosion” of devices connected to the internet of things..

“It's really a product of this general consensus among industrial organizations that the benefits exceed the costs in terms of embracing this type of digital transformation," Weinstein said Aug. 8, adding that organizations must be “mindful” of these devices and have a plan to mitigate their potential vulnerabilities.

Brian Costello, a senior vice president at Flashpoint, told Fifth Domain on Aug. 8 that he is more often than before focusing on targeted cyberattacks from bad actors. That's a shift away from “campaign-based” attacks that tracked.

There's “more planning out, more scoping out of targets and taking long-term planning to go after [a] particular target with a specific asset in mind,” Costello said.

Along that same vein, Julian Zottl, a senior cyber architect at Raytheon, said he's noticing more inclusion of all-source intelligence in threat analysis.

“We're looking at ... all the sources and trying to figure out indicators,” Zottl said Aug. 7. “[We're] even trying to do predictive analytics now, where it's like, ‘Oh, we see this threat might be coming.' I think that's something that we're starting to talk about more and more.”

Several cybersecurity professionals interviewed by Fifth Domain said the U.S. government is moving away from the classic cyber kill chain and over to the MITRE ATT&CK framework, which dives deeper into potential threats to information security.

“They used to think the hackers would just come in to steal secrets, conduct espionage and then leave,” said Tom Kellermann, chief cybersecurity officer at Carbon Black and a former commissioner on the Commission on Cyber Security for then-President Barack Obama.

“In fact, they're maintaining persistence in these systems. They're manipulating the integrity of data and then they're using federal government agencies themselves and personnel's devices themselves to target anyone who implicitly trusts that person, that agency, that department.” he told Fifth Domain on Aug. 6.

Chris Kennedy, chief information security officer at AttackIQ and a former official with the Treasury Department and the Marine Corps, said these new frameworks in use along with federal continuous monitoring programs allow for more attacker emulation, essentially simulating the attack agencies could face.

“Agencies are starting to realize the value of attacker emulation as a way to measure and benchmark the effectiveness of their security controls,” Kennedy said on Aug. 7.

And with government agencies in different stages of cloud migration, agencies will need to learn how that fits into their cybersecurity posture. Marten Mickos, CEO of white hat hacking company HackerOne, said this a new discussion. He also said the conversation surrounding the use of ethical hackers in government environments has evolved: The word “hacker” is becoming more accepted.

“I do think it signals a shift in mindset," Michos said. There's a realization that "those people who portray themselves as hackers are actually those who will rescue us, not those who will destroy us.”

Despite all the changing technology and evolving threats, one aspect of cybersecurity remains set in stone, said M. K. Palmore, a field chief security officer for the Americas at Palo Alto Networks and a recently retired FBI cyber agent.

“It's about adhering to cybersecurity fundamentals,” Palmore said. “That message hasn't changed regardless of my position or where I'm located.”

https://www.fifthdomain.com/show-reporters/black-hat/2019/08/30/whats-changing-in-the-cyber-domain-we-ask-industry-experts

On the same subject

  • BAE teams up with Elbit on combat vehicle tech

    October 22, 2020 | International, Land, C4ISR

    BAE teams up with Elbit on combat vehicle tech

    Jen Judson BAE Systems is teaming up with Elbit Systems of America to develop combat vehicle technology, according to an Oct. 21 BAE statement. “The arrangement is focused on validating and integrating new technologies on combat vehicle systems to deliver advanced warfighting capabilities,” the statement reads. On the eve of the start of the Army's second attempt to hold a competition to replace its Bradley Infantry Fighting Vehicle with an Optionally Manned Fighting Vehicle (OMFV), the announcement could signal BAE's plans to take a shot in the new effort. BAE Systems — Bradley's manufacturer — opted out of the previous OMFV competitive effort because the company felt the requirements and timeline to design, develop and field a new vehicle wasn't realistic. And the Army ended up withdrawing its first solicitation in that competition because just one competitor was able to deliver a physical bid sample within the required timeline. BAE has been quiet about whether it plans to invest its time and money into the new OMFV competition, but a partnership with Elbit, which is a leader in advanced turret solutions, could be a sign that it will participate this time around. “The teaming arrangement will explore crew automation, vehicle protection systems and other defensive and offensive systems for integration into turrets of various cannon calibers and supporting weapon systems for combat vehicles,” according to the statement. “BAE Systems and Elbit America are investing in transformational combat vehicle technologies and turret solutions that will greatly enhance the lethality and survivability of next-generation combat vehicles for the U.S. and international militaries,” Jim Miller, director of business development at BAE Systems, said. “Our relationship demonstrates a commitment to provide our customers with solutions for future battlefields based on our collective combat vehicle expertise.” The day before the announcement, Rheinmetall put out a statement saying it was teaming with Textron Systems to pitch its Lynx41 vehicle for the OMFV competition. Rheinmetall made an unsuccessful attempt last year to enter the OMFV competition with Raytheon as a US-based partner, but said it was unable to get its single Lynx vehicle in existence to the United States by the Army's due date to deliver a physical bid sample. General Dynamics Land Systems is also expected to compete in the OMFV competition. It was the only company to deliver physical bid sample in the last go-around. The Army is not requiring a bid sample in the new OMFV competition. The Army put out a draft solicitation in July and plans to release its request for proposals to industry in December. The service plans to request whitepapers and then choose five prime contractor teams to design rough digital prototypes. The service will then award up to three contracts for a detailed design and prototype phase that will include options for low-rate initial production. One vendor will be selected to go into production. https://www.defensenews.com/land/2020/10/21/bae-teams-up-with-elbit-on-combat-vehicle-tech/

  • UK nears final stage of Skynet competition

    May 25, 2020 | International, C4ISR

    UK nears final stage of Skynet competition

    LONDON — Britain's Ministry of Defence is about to launch the final stage of a competition to manage ground station capabilities for the armed forces Skynet satellite communications network by early June, say industry executives. Release of the invitation to negotiate documents to several industry consortia had been expected last week. Although the date appears to have slipped a little, industry executives, who asked to not be identified, say they still expect the MoD to trigger the final stage of the competition “imminently.” The documents are expected to be issued to selected bidders within the next two weeks. Four bidder groups are in line to be selected for the next stage of negotiations, said people with knowledge of the competition. The ground control elements of the MoD's existing Skynet 5 network are currently managed by Airbus Defence & Space as part of a long running private finance initiative deal with the MoD originally awarded in 2003. Part of that deal is now coming to a close with Airbus's hold on the ground control management of Skynet finishing in August 2022. A one year transition period is expected to kick off in 2021, if Airbus has to handover the role to a challenger. The new competition, for a program known as the service delivery wrap, aims to compete management of the ground control stations until a new generation of communication satellites are launched around 2028. That phase is being called the enduring capability element of the Skynet 6 program. Together the service delivery wrap and the enduring capability competitions are the main parts of a Skynet 6 program, which is aimed at taking Britain's satellite communications into a new era at a cost in the vicinity of £6 billion ($7.3 billion). A new satellite, known as Skynet 6A, is being acquired from Airbus to ensure communication capabilities are not compromised ahead of the new generation of satellites becoming available later in the decade. Negotiations on that deal have been dogged by delays. A new satellite, known as Skynet 6A, is being acquired from Airbus to ensure communication capabilities are not compromised ahead of the new generation of satellites becoming available later in the decade. Negotiations on that deal have been dogged by delays. Airbus were named preferred contractor for Skynet 6A as far back as 2017 but the full contract for that deal has yet to be signed. The company, Britain's biggest space contractor, has been working on long lead components of the satellite in order to stay on track. A contract for the manufacturing of long lead items and preliminary design work was signed, but not announced by the MoD and Airbus in March. A second phase of the Skynet 6A deal covering build, test, launch and deployment is currently working its way through the MoD and wider government approvals process. A spokesman for Airbus told Defense News “We are working on elements of 6A. We are hoping for a full contract mid-year.” With one exception, it's not clear who the runners might be in the final stages of the service delivery wrap competition, as the MoD has insisted all contenders sign a non-disclosure agreement preventing all communication with the media and others. Competing teams are not even allowed to publicly acknowledge they are interested in bidding. The exception is a team made up of service provider Serco, satellite operator Inmarsat, IT specialist CGI UK and the U.K. arm of defense giant Lockheed Martin. It announced its teaming arrangement late last year, just ahead of the MoD bringing the shutters down with its non-disclosure order. The four companies reinforced their bid credentials May 19, announcing they were forming a team known as Athena, after the Olympian god of war and wisdom, to bid for upcoming U.K. and overseas military and civil space capability programs. Kevin Craven, the CEO for Serco UK & Europe, called Athena an “exciting new team that will deliver enhanced space-based technologies and services from the U.K. Athena will boost British capabilities, as well as the economy, via growth in this fast-moving, developing sector. The launch of Athena also ensures diversity and choice in the U.K. space sector for future sustainable development.” There was no mention of Skynet 6 in the Athena announcement. It did however say that Athena will “work on a number of opportunities that leverage space-based technologies, their ground-based systems and end-to-end services as they arise, both in the U.K. and internationally.” A spokesman for Athena declined to comment on whether they were bidding for the service delivery wrap program, but it's clear they are a contender given the announcement of their interest last December when industry prequalification questionnaires had to be returned to the MoD. It remains a matter of speculation for the moment who the other bidders are. Previously Airbus, Babcock, Boeing, BT and Viasat have all been unofficially linked with having an interest in the competition. Companies Defense News tried to contact either declined to comment or didn't return calls. For Serco, who already provide some of the manpower for the current Airbus Skynet ground station operation, the Athena teaming is the latest in a string of announcements over the last few week that have reinforced its position as a space sector services provider here. In short order the company has secured separate contract extensions to continue to operate and maintain key ballistic missile defense radars at Fylingdales, northern England and as part of the Skynet 5 program providing support to the U.S. Air Force Satellite Control Network (AFSCN) at Oakhanger, southern England. The U.S. division of the company announced early April it had been awarded a deal to manage and maintain the U.S. Space Force ground-based electro-optical deep space surveillance (GEODSS) system. https://www.c4isrnet.com/battlefield-tech/space/2020/05/22/uk-nears-final-stage-of-skynet-competition/

  • Les Armées détaillent la feuille de route du porte-avions de nouvelle génération (PANG)

    April 26, 2021 | International, Aerospace, Naval

    Les Armées détaillent la feuille de route du porte-avions de nouvelle génération (PANG)

    DÉFENSE Les Armées détaillent la feuille de route du porte-avions de nouvelle génération (PANG) La coque du futur porte-avions de nouvelle génération (PANG) sera construite et assemblée de 2031 à 2034, avant les essais en mer en 2036 et l'entrée en service en 2038. Il semblerait que la configuration avec deux catapultes électromagnétiques EMALS de General Atomics soit privilégiée par le ministère des Armées. En ce sens, d'ici la fin de la décennie, un Rafale Marine (Dassault Aviation) doit vérifier sa compatibilité avec cette EMALS (Electromagnetic Aircraft Launch System) et les brins d'arrêt américains. La valeur des équipements américains serait évaluée à 3 milliards de dollars (trois avions-radar Northrop Grumman E-2D, catapultes électromagnétiques de General Atomics, brins d'arrêt et aides à l'appontage). Se poserait donc la question des offsets. A l'occasion de l'achat des trois E-2C dans les années 90, l'entreprise Potez Aéronautique est devenue sous-traitante à part entière dans le programme. Air & Cosmos, 22 avril

All news