Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware

Sur le même sujet

• 

  3 septembre 2019 | International, C4ISR

  DoD ‘Office’ Functions Move To Cloud In Multi-Billion-Dollar Contract

  By BARRY ROSENBERG WASHINGTON: Overshadowed by the dispute with DoD's planned single-award JEDI cloud contract is another multi-billion-dollar single-award cloud contract awarded today that will actually determine the software that military personnel and civil servants use every day. Under the $7.6 billion 10-year Defense Enterprise Office Solutions (DEOS) cloud contract, the Pentagon will use Microsoft productivity tools such as word processing, spreadsheets, email, collaboration, file sharing, and storage — Office 365. Those applications presently reside mostly on legacy desktop computers, and will transition to a cloud-based solution across all military services. The result should be improved cybersecurity, for one thing. “The notion is that if you have it professionally and centrally managed it should be better patched and configured than having hundreds of individually managed servers,” said David Mihelcic, former chief technology officer at the Defense Information Systems Agency (DISA) and now a consultant with DMMI. “This seems reasonable, but I don't think there is any cyber magic in DEOS either.” The joint General Services Administration/Defense Department DEOS blanket purchase agreement was awarded to CSRA (acquired by General Dynamics in April 2018 for $9.7 billion) and its subcontractors Dell Marketing (a wholesale distributor of computers, peripherals, and software) and Minburn Technology (a value added reseller that specializes in Microsoft enterprise software agreements). The award includes a five-year base period with two two-year options and one one-year option. “DOD's cloud strategy includes both general purpose and fit-for-purpose clouds (and) DEOS is a great example of a fit-for-purpose cloud that supports our multi-cloud strategy,” said DOD Chief Information Officer Dana Deasy in a statement. “DEOS will streamline our use of cloud email and collaborative tools while enhancing cybersecurity and information sharing based on standardized needs and market offerings. “The journey to the cloud has been, and will continue to be, an iterative learning process. All lessons learned from pilot programs and the department's early cloud adopters have been rolled into this solution. DEOS takes advantage of technical, security and contractual lessons from these ongoing pilots, while military services are leveraging them to assess the readiness of their infrastructure to support migration to DEOS.” DEOS includes voice, video, and text collaboration capabilities, which the DoD already has with capabilities under enterprise services like: Defense Collaboration Services (DCS), which provides secure web conferencing and instant messaging services on the Non-secure Internet Protocol Router Network (NIPRNet) and Secure Internet Protocol Routing Network (SIPRNet), and Extensible Messaging and Presence Protocol (XMPP) chat. “Will it be an improvement over the current capabilities? I guess we will see,” said Mihalcic. “I can't say I found the collaborative capabilities of O365 better than what we had in DoD.” While DEOS on the surface appears to provide a back-office function, it can also be considered a weapon system given that it will provide common enterprise applications at local base, post, camp, and station levels — including deployed and afloat organizations — over the sensitive but unclassified NIPRNet and the secret SIPRNet, to include operations in Denied, Disconnected, Intermittent, and Limited Bandwidth (D-DIL) environments. “I would say almost certainly (DEOS is a warfighting capability), especially the SIPR instance,” said Mihelcic. “DoD uses email, chat, and DCS collaboration in support of warfighting today and this will now take on those needs. “As for DIL environments, DISA had threshold requirements for deployable instances in the draft RFP. The vendor most likely will satisfy with existing MS Exchange and Sharepoint software on deployable servers. To be honest, I think that most tactical units, including deployed Marines and Navy afloat, will stick with what they have.” https://breakingdefense.com/2019/08/dod-office-functions-move-to-cloud-in-multi-billion-dollar-contract/

• 

  18 septembre 2019 | International, Aérospatial

  New deal moves Britain’s Protector drone closer to civilian airspace approval

  By: Sebastian Sprenger COLOGNE, Germany — General Atomics has nabbed a $125 million contract from the United Kingdom to make that country's Protector military strike drone certifiable to fly alongside civilian traffic, pushing the company's agenda to be first in Europe with such a system. The money will help “complete” test and evaluation activities needed to demonstrate all safety features leading up to an eventual certification of the aircraft by British authorities, the company said in a statement. Pairing drones with civil aviation in the same, unrestricted airspace involves a complex field of still-evolving regulations. In short, unmanned planes must be equipped with sensors and controls — collectively known under the name “detect-and-avoid” — to be able to avert midair collisions just a like a human pilot would. “This completes another important milestone as we work towards the delivery of Protector to the Royal Air Force (RAF),” General Atomics CEO Linden Blue is quoted as saying in a company statement. “We have completed more than 100 qualification test flights using our two company-owned SkyGuardian.” The British Royal Air Force is slated to receive the first Protector drones in 2024, according to a service statement released during the DSEI defense exhibit in London last week. Installing a detect-and-avoid package on the aircraft became an explicit objective of the program early this year. General Atomics officials said they are working toward a so-called military-type certification by the British authorities in the summer of 2023. According to General Atomics, the company's detect-and-avoid system consists of a “due-regard” air-to-air radar and processor, which is integrated with a “Traffic Alert and Collision Avoidance System (TCAS II),” and an “Automatic Dependent Surveillance-Broadcast (ADS-B).” The Protector also will feature all-weather performance with lightning protection, damage tolerance and a de-icing system, the statement reads. The company hopes the sale of certification-ready drones to the U.K., plus a similar deal with Belgium, will jump-start sales on the continent just as unmanned aviation reaches further into military and everyday life. While General Atomics believes its previous work with the U.S. Federal Aviation Administration will translate into a tangible advantage, European manufacturers are busy readying their own drones for the challenge. One industry insider, speaking on condition of anonymity, said there is a trans-Atlantic rift emerging when it comes to the regulatory framework for integrating large military drones into routine air traffic. On one side, companies like General Atomics are pushing toward a unified approach on both sides of the Atlantic, while manufacturers in Europe are circling the wagons to push a uniquely European path that could make it difficult for the Americans to gain a foothold. https://www.defensenews.com/digital-show-dailies/dsei/2019/09/17/new-deal-puts-britains-protector-drone-closer-to-civilian-airspace-approval/

• 

  15 mars 2021 | International, Aérospatial, C4ISR

  Raytheon wins $178 million contract to support Air Force intel-sharing system

  In addition to providing field support to the Air Force's Distributed Common Ground System, Raytheon will help transition the system of systems to an open architecture.