13 juin 2024 | International, Sécurité
Why SaaS Security is Suddenly Hot: Racing to Defend and Comply
Are your third-party SaaS risks under control? Discover the four-step process to secure your SaaS ecosystem.
8 janvier 2019 | International, Naval, C4ISR
3 ways the Navy wants to protect its weapons from cyberattacks
By: Justin Lynch
They have been hacked, tricked and stolen from. Now the message is clear -- no more.
The Navy is looking to support research in 36 areas that can help protect weapons systems from cyberattacks, Naval Air Systems Command said in a Jan. 7 update to a broad agency announcement.
“It's not necessarily cutting edge research, but it is the first step in cybersecurity quality control that should have already been done,” said Bryson Bort, the founder and chief executive officer of Scythe, a cybersecurity platform.
The Navy had admitted as much.
Research into protecting the department's weapons comes amid reports that the American military suffers from sustained cyberattacks. In December, an Inspector General report found that some in the Pentagon were not taking basic cybersecurity steps to protect its ballistic missile system. Although the Pentagon's weapons are worth roughly $1.66 trillion, an October report from the Government Accountability Office found that “nearly all” American missiles, jets, ships and lethal equipment in development are vulnerable to cyberattacks.
The announcement comes after Congress has mandated the Pentagon address its cyber vulnerabilities.
Three of the research areas the Navy is interested are commonly described as the pillars of strong cybersecurity, no matter the institution. They include:
Dynamic reconfiguration
In an effort to confuse attackers, the Navy wants to research “dynamic reconfiguration.” The National Institute of Standards and Technology defines the term as “changes to router rules, access control lists, intrusion detection/prevention system parameters, and filter rules for firewalls and gateways.”
"Organizations perform dynamic reconfiguration of information systems, for example, to stop attacks, to misdirect attackers, and to isolate components of systems, thus limiting the extent of the damage from breaches or compromises,” NIST officials wrote.
Research by the University of Maryland's Christian Johnson found that pairing predictive analytics with dynamic reconfiguration tactics, the new approach can lead to the "successful development of learning models that identify specific classes of malware such as ransomware,” Johnson wrote in a paper for the RSA conference.
Deception tactics
Experts have long used strategies of physical war in digital battles, including with the use of denial and deception tactics. The Navy wants to boost understanding of this area to better secure its weapons systems.
In 2015, researchers at MITRE, which conducts federally funded research, advocated for a 10-step process for planning and executing deception operations.
“Leveraging classical denial and deception techniques to understand the specifics of adversary attacks enables an organization to build an active, threat-based cyber defense,” a team of researchers wrote.
But the Intelligence Advanced Research Project Activity, the intelligence community's research arm, says that the use of deceptive software and hardware in cybersecurity is still in its infancy.
“Many techniques lack rigorous experimental measures of effectiveness,” the organization said, adding that “information is insufficient to determine how defensive deception changes attacker behavior.”
Artificial intelligence
If there was a common denominator of the federal government's investment in cybersecurity it is the use or artificial intelligence.
The Navy has embraced artificial intelligence since its Task Force Cyber Awakening project in 2015.
“We see that the more we automate our networks and the more we use machines to do the heavy lifting, the better. Our brains do not have the intellectual capacity to process all of that information,” Rear Adm. Danelle Barrett, Navy Cyber Security Division Director,told Defense Systems, a trade publication, in a 2017 interview.
More than half of the challenges and research opportunities announced by IARPA in 2018 involved machine learning, according to an analysis by Fifth Domain.
Cyber Command has embraced the technology in a short time period, Capt. Ed Devinney, director of corporate partnerships at the body, said during the November Cyber Con conference hosted by Fifth Domain.
“If you talked to anyone at the command two or three years ago about a system that would be all autonomous, you probably wouldn't get much traction. But I think there is a growing understanding and consensus that we need to operate at machine speed, especially when talking about active defense of the network,” Devinney said.
He said that everyone likes to use the phrases “artificial intelligence” and “machine learning,” however “there aren't that many people who do AI very well.”
Sur le même sujet
-
-
19 octobre 2020 | International, Aérospatial
Tempest future fighter worth £25bn to UK economy
Harry Lye Analysis from PwC, commissioned by BAE Systems on behalf of Team Tempest, the partnership behind the Tempest future combat air system programme has said that the project to develop a future fighter will contribute at least £25bn to the UK's economy and support an average of 20,000 jobs a year between 2026 and 2050. Team Tempest is a partnership between BAE Systems, Leonardo, Rolls-Royce, MBDA and the Royal Air Force's (RAF) Rapid Capabilities Office, as well as a host of small-medium enterprises and academia. Preliminary findings from the PwC report due to published in full later this year said that the programme including ‘R&D spillover' would add £25.3bn to the UK economy for the first 30 years of the programme and ‘support an average of circa 20,000 jobs every year between 2026 and 2050'. The findings added that for every 100 people directly employed by Team Tempest, a further 270 would be employed across the UK. BAE Systems director combat air acquisition programme Michael Christie said: “Tempest is an exciting and ambitious multi-decade programme that will help to preserve our national security whilst at the same time driving significant economic benefits for the UK. “The initial analysis revealed today demonstrates that Tempest is critical to ensuring the UK can sustain its world-leading Combat Air Sector, preserving the sovereign capability that is essential to retaining military freedom of action for the UK.” rogramme is essential for national security and future prosperity The economic benefits of the programme come alongside the release of more technical details about the future fighter by Team Tempest, which the consortium said can “capture the equivalent of a ‘city's worth of data' in a second”. Tempest is expected to come into service in the mid-2030s and is set to replace the Eurofighter Typhoon within the RAF. The aircraft is set to form part of a broader combat air system that will likely include ‘wingman' uncrewed aerial systems (UAS). ADS chief executive Paul Everitt added: “The Tempest programme is essential for our national security and future prosperity. The high-value design and groundbreaking engineering skills required for success will create a new generation of talent to drive UK industry. “Defence programmes like Tempest offer an invaluable opportunity to secure a recovery from the current Covid-19 crisis. It will embed high-value design and manufacturing skills in the UK for decades to come, sustain thousands of high paying jobs and give apprentices the opportunity to build their career in an iconic programme with massive export potential.” Capture a city's worth of data in a second Team Tempest today also unveiled several insights into the programme including that Leonardo, the programme's electronics lead, was developing new radar systems capable of providing over 10,000 times more data than existing systems. Leonardo director of major air programmes Iain Bancroft said: “The collaborative relationship between Team Tempest and our network of academic and SME partners enables us to bring together the ‘best of the best' engineering talent from across the UK. Crucially, we are embracing new ways of working as an integrated team to dramatically improve efficiency and pace – sharing intelligence and refining our concepts digitally to deliver innovations that will shape the next generation combat air system. “Our new radar technology is a concrete example of the gains this approach has already brought, costing 25% less to develop while providing over 10,000 times more data than existing systems.” The ‘Multi-Function Radio Frequency System' is slated as being able to collect data ‘equivalent to the internet traffic of a large city such as Edinburgh' every second. The new sensor is described as providing a range of ‘abilities beyond traditional radar', with the company having already built complete sub-systems utilising the technology with a path set for airborne demonstrations in the ‘coming years'. On top of this, BAE Systems said it had begun flight-testing components for the aircraft's ‘wearable cockpit' technology. The system will see physical controls in the aircraft replaced with ‘Augmented and Virtual Reality displays projected directly inside the visor of a helmet' allowing them to be configured to meet different missions. A team from MBDA is also working on this technology to ensure the early introduction of weapons concepts. The MBDA team is also looking at how ‘weapons system information and operation' is optimised for pilots. BAE Systems is also exploring the development of a ‘virtual co-pilot' that can take on and automate some of the pilot's responsibilities. ‘Psycho-physiological' technology is also being trialled to measure a pilot's physical and cognitive processes. BAE Systems said this would help better understand ‘increasing exertion, stress, workload and fatigue'. BAE Systems test pilots are currently trialling these technologies on the Typhoon aircraft. Rolls-Royce is working on the programmes ‘advanced combustion system technology'. Team Tempest has said that the next-generation system will need to be ‘hotter than any previous platform' to increase the efficiency of Tempest's engines. The engine manufacturer has also been working on advanced composite materials and additive manufacturing techniques, to produce lighter weight, denser components able to withstand higher temperatures than current parts. https://www.airforce-technology.com/features/tempest-future-fighter-worth-25bn-to-uk-economy/
-
29 septembre 2021 | International, Aérospatial
New UK space strategy sets the stage for defense investments
Britain gave a broad view of where the country is heading in the defense space sector as it launched a national space strategy Sept. 27, but details about London's military ambitions were largely absent from the document.