22 décembre 2024 | International, Naval
14 avril 2022 | International, Naval
HII wants to highlight its growing offerings in the unmanned, AI and big data areas, not just the large warships it's known for building.
22 décembre 2024 | International, Naval
8 août 2019 | International, Sécurité
By: Andrew Eversden The Air Force invited ethical hackers into its IT networks again this spring, allowing good guys the chance to infiltrate its enterprise-wide Air Force Common Computing Environment in search of vulnerabilities, the white hat hacking company Bugcrowd announced Aug. 6. The bug bounty program, done in a partnership with Bugcrowd and the Air Force's CCE program office, found 54 vulnerabilities. Bug bounties work under the assumption that the customer, in this case the Air Force, will now close the loopholes the hackers found, making the system more secure. The CCE cloud uses Amazon Web Services and Microsoft's Azure commercial cloud. The service plans to migrate more than 100 applications to that cloud environment, Bugcrowd executives said. The largest payout from the bug bounty totaled $20,000. The event ran from March 18 to June 21 at Hanscom Air Force Base in Massachusetts. Casey Ellis, Bugcrowd founder and CTO, said it was the first time Bugcrowd has worked with the Air Force. The Air Force has completed several other white hat hacking events with the firm HackerOne. Ellis said that moving to the cloud from on-premise environment represents a “paradigm shift” for many organizations. Penetration testing is an important part of keeping that environment secure, he said. Bugcrowd conducted such tests in six phases: source code analysis, AWS environment testing, Azure environment testing, black box network authentication assessment, social engineering engagement and Air Force portal testing. Bugcrowd declined to discuss how many vulnerabilities were found throughout each stage of the process. According to a news release from the Air Force from April, the CCE currently houses 21 Air Force applications and "has room for countess more.” The computing environment allows the Air Force to have a cloud to host its applications that reside on its Global Combat Support System, which is a centralized, cohesive enterprise resource planning system. The Air Force said in the April release that each migration costs $446,000 and that the service has spent more than $136 million on the program since 2016. https://www.fifthdomain.com/dod/air-force/2019/08/06/the-air-force-sends-good-guys-in-to-hack-its-cloud/
9 décembre 2020 | International, C4ISR, Sécurité
Mark Pomerleau WASHINGTON — The U.S. military and Australia announced a first-of-its-kind agreement to develop a virtual cyber training range together. U.S. Cyber Command will incorporate Australian Defence Force feedback into the Persistent Cyber Training Environment (PCTE), per a Cyber Training Capabilities Project Arrangement signed Nov. 3. This agreement is valued at $215.19 million over six years and provides the flexibility to develop cyber training capabilities for the future, Cyber Command said in a release Dec. 4. PCTE is an online client that allows Cyber Command's warriors to log on from anywhere in the world to conduct individual or collective cyber training and mission rehearsal. In the physical world, military forces regularly go to a training facility, such as the National Training Center at Fort Irwin, to work on particular concepts or rehearse before deploying. But a robust environment has not existed for the Department of Defense's cyber warriors, creating readiness gaps. The program is run by the Army on behalf of the joint cyber force. “Australia and the U.S. have a strong history of working together to develop our cyber capabilities and train our people to fight and win in cyberspace,” said Australian Army Maj. Gen. Marcus Thompson, the Australian signatory and head of Information Warfare for the Australian Defence Force. “This arrangement will be an important part of the ADF's training program, and we look forward to the mutual benefits it will bring.” In the past, the two countries created cyber training ranges separately, which could take months and stymied cooperation efforts, Cyber Command noted. U.S. officials have long held that the military will never fight alone, and this extends to cyberspace. “This project arrangement is a milestone for U.S.-Australian cooperation. It is the first cyber-only arrangement established between the U.S. Army and an allied nation, which highlights the value of Australia's partnership in the simulated training domain,” said Elizabeth Wilson, U.S. signatory and Deputy Assistant Secretary of the Army for Defense Exports and Cooperation. “To counter known and potential adversarial threats, the Army has recalibrated our strategic thinking; we've made smart decisions to refocus our efforts to invest in the new, emerging and smart technologies that will strengthen our ability to fight and win our nation's wars.” Gen. Paul Nakasone, head of Cyber Command and the National Security Agency, has made partnerships — with other nations, private sector actors and academia — a key pillar of his tenure. Cyber Command has deployed personnel to other nations to conduct what it calls hunt forward missions, which serve the dual role of helping shore up defenses of partners while allowing U.S. cyber personnel to potentially uncover tools used by adversaries to better understand their techniques. Congress, in the annual defense policy bill for fiscal 2021, also authorized a pilot program with Vietnam — which many cyber experts assert is rapidly growing its cyber capabilities — Thailand and Indonesia to enhance their cybersecurity, resilience and readiness of military forces. https://www.c4isrnet.com/cyber/2020/12/04/dod-and-australia-ink-first-ever-cyber-training-partnership/