6 septembre 2023 | International, Terrestre
Defence Minister Bill Blair to visit Halifax for Inaugural Halifax International Fleet Week
The Honourable Bill Blair, Minister of National Defence, will visit Halifax from September 6-7, 2023.
27 avril 2020 | International, Aérospatial, Naval, Terrestre, C4ISR, Sécurité
In chaos, there’s opportunity … and that’s bad news
James Yeager
This year is only four months old and it's already one for the history books — and not in a great way.
As the defense community works in tandem with the broader government to keep citizens safe and healthy, cybersecurity threats are only becoming more aggressive.
If we've learned anything about cyber adversaries, it's that they will seize on any opportunity to gain an advantage in targeting their victims, including exploiting the fears of the public during a global pandemic. As COVID-19 has moved from the East to the West, adversaries have followed suit, using lures that play into people's desperation for information on the disease. In “The Art of War,” Sun-Tzu said“In the midst of chaos, there is also opportunity.”
The COVID-19 virus is infecting more than just people. The pandemic has created chaos and handed adversaries an irresistible opportunity to exploit the situation to gain entry into our networks, whether that's to steal intellectual property, disrupt operations, or gain a strategic advantage if they are a nation-state actor.
Already, we are seeing an increase in phishing campaigns using COVID-19 as a hook to launch malware in emails disguised as alerts. Particularly vulnerable are the thousands of remote workers — government employees and contractors alike — who are using their own home networks, which are largely less sophisticated and secure than their work environments.
The stakes are high, particularly for those in defense jobs, where an errant click can have devastating consequences. Coincidently, 2020 is the year when the DoD's Cybersecurity Maturity Model Certification has grown teeth and will force more than 300,000 defense contractors to up their cybersecurity game or face bottom-line consequences. Now is not the time to make mistakes.
In CrowdStrike's recent Global Threat Report, we captured and analyzed real-world inputs from observed trends in cyber-attacks on commercial and government enterprises. The following are some of the notable attack vectors and trends we observed across the public sector during 2019:
- An escalation in ransom demands, including ransomware attacks on defense supply chain providers, schools and local municipalities.
- Surpassing the volume of malware attacks are malware-free attacks that use code which executes from memory or stolen login credentials.
- Continued state-sponsored targeted intrusions aimed at the government and defense sector. In fact, we have witnessed adversaries exploiting fear around COVID-19 to socially engineer their way to user credentials and sensitive data.
In the months ahead, I contend we'll see many more of the same tactics from the same bad actors: Russia, China and newer players on the block, such as Iran, which has leveraged U.S. social media platforms to develop information operations campaigns.
Amidst massive change, periodic chaos and long-term disruption, the defense community — government and industry — must put a premium on speed. Speed to detect. Speed to investigate. Speed to mitigate. We recommend that agencies and companies implement cybersecurity practices that follow the 1-10-60 Rule: detect intrusions within 1 minute; investigate and gain a comprehensive understanding of the attack within 10 minutes; and contain and remove the threatening adversary from the network within 60 minutes.
This benchmark will limit the damage caused by inevitable attacks. Yes, inevitable. Cyberattacks are a constant and while building a bigger, wider and thicker wall may help keep bad actors out, they are persistent and determined enough to eventually get in, and when they do, you're on the clock.
This year will only get worse as the impacts of COVID-19 will be deep, damaging and long-lasting. We're all faced with loss and uncertainty as we attempt to recover from the global pandemic. For the defense community, there is no time to recover and regroup. You are already on the clock, as those who wish to do our nation harm are already hard at work.
https://www.fifthdomain.com/opinion/2020/04/24/in-chaos-theres-opportunity-and-thats-bad-news/
Sur le même sujet
-
-
4 juin 2021 | International, Aérospatial
Multibeam antenna to improve communication passes first Air Force trials
The prototype antenna will be able to connect to multiple satellites simultaneously in different orbital ranges.
-
4 février 2021 | International, Aérospatial, Naval, Terrestre, C4ISR, Sécurité
As mission-capable rates languish, Pentagon should embrace digital engineering
Ben Kassel and Bruce Kaplan While many Pentagon initiatives face a change of course under new Defense Secretary Lloyd Austin, its digital engineering strategy deserves a push forward. The strategy, issued in 2018 by then-Under Secretary of Defense for Research and Engineering Michael Griffin, aimed to help military services harness modern sustainment methods like additive manufacturing, digital twin and augmented reality. For the Department of Defense, enterprisewide implementation of these techniques would lower costs, increase weapon systems' mission-capable rates and afford flexibility in fleet modernization. But digital engineering requires digital, 3D data — and the DoD doesn't have enough. Modern sustainment practices hinge on the availability of what's known as the model-based definition, 3D models and digitized descriptive information for a system or component. Using computer-aided design programs, engineers can manipulate the data to enable practices like condition-based maintenance, eliminating weapon systems' unnecessary downtime. Digital data can facilitate seamless transit from original equipment manufacturers, or OEM, to procurers and sustainers in the field and at maintenance depots worldwide. However, the technical data for most weapons systems remains elusive to the services and their program management offices, or PMO, or the datasets are available only in 2D documentation, such as blueprints. Meanwhile, readiness suffers. Of 46 weapons systems reviewed by the Government Accountability Office, only three achieved annual mission-capable targets at least five times between 2011 and 2019. More than half (24) failed to meet their goal even once, according to GAO's November 2020 report. The KC-13OJ Super Hercules air refueler and the MV-22B Osprey tiltrotor were among the programs to miss their target all nine years. GAO cited inaccessible technical data as a contributing factor for both programs. Of the Super Hercules, the report says: “The Navy and Marine Corps were unable to obtain the technical data of the aircraft ... the lack of the technical data compromises [their] ability to analyze and resolve sustainment issues.” Similar concerns were raised about the P-8A Poseidon anti-submarine aircraft, saying “technical data needed for maintenance has not been readily available to the Navy.” Dozens of systems, including the F-35 fighter jet, face similar obstacles. Notably, the GAO report referred not to 3D, model-based data but rather legacy incarnations: blueprints and documents that may have been converted “digitally” into PDFs. This is a far cry from the machine-readable formats required to use digital engineering technologies across the enterprise. The GAO cited the production of 170 “structural repair manuals” as a means of narrowing the Osprey's technical data gaps. The labor-intensive replication of physical documents — the PMO projected five years to deliver all of them — is a piecemeal solution, at best. Troublingly, modern sustainment methods seem beyond the reasonable expectation of not just PMOs but even forward-looking organizations like the GAO. To foster its DoD-wide implementation, the digital engineering strategy needs reinforcement, which could take the following forms: Champion the availability of model-based technical data in policy. Modern sustainment requires a shift from decadesold practices. Paper data that supports secondhand manuals and haphazard 2D-to-3D conversion should no longer be the norm. Services cannot lead this transition on their own, however. Federal guidance on the acquisition, creation, use and management of authentic, model-based technical data would jump-start the movement toward digital sustainment. Educate PMOs to acquire technical data rights strategically. Policy must be partnered by the right mindset. One reason PMOs don't have technical data is that sometimes they never asked for it. An afterthought at the time of procurement, technical data is often overlooked until maintenance is needed. Then it's too late — or too expensive — to acquire the needed rights. Leadership can encourage PMOs to identify potential sustainment solutions — and the technical data rights needed to execute them — at the time of acquisition. Assert the government's rights to model-based technical data. A sea change in sustainment depends on building unprecedented trust between OEMs and PMOs. OEMs understandably need to protect intellectual property, but their grip on model-based technical data must loosen for digital sustainment to flourish at scale. This can be accomplished without OEMs surrendering their competitive advantage. In many cases, OEMs need not transfer custody of the data itself for sustainment activities. Limited-rights agreements and trusted third-party arrangements can be tailored to enable data availability only when needed or to execute specific solutions. Giving OEMs confidence in these approaches will entail extensive dialogue and commitment by DoD leaders. Given the GAO's assessment, seeking a breakthrough is worth the attempt. Operationalizing the DoD strategy requires work in other areas as well, particularly in removing intra- and inter-organizational stovepipes, and securing the data's transmission and storage. But the first step toward a model-based sustainment enterprise is ensuring the availability of modern technical data. This need will only grow more crucial. Today's sustainment practices too closely resemble those of 30 years ago, not what they should be 30 years from now. We're already playing catch up. It's time to view sustainment with 3D glasses. Ben Kassel is a senior consultant at LMI. He previously worked with the U.S. government on defining and exchanging technical data used for naval architecture, marine and mechanical engineering, and manufacturing. Bruce Kaplan is a fellow at LMI. He previously served as technical director of logistics for research and development at the Defense Logistics Agency. https://www.c4isrnet.com/opinion/2021/02/03/as-mission-capable-rates-languish-pentagon-should-embrace-digital-engineering/