Retour aux nouvelles

27 avril 2020 | International, Aérospatial, Naval, Terrestre, C4ISR, Sécurité

In chaos, there’s opportunity … and that’s bad news

James Yeager

This year is only four months old and it's already one for the history books — and not in a great way.

As the defense community works in tandem with the broader government to keep citizens safe and healthy, cybersecurity threats are only becoming more aggressive.

If we've learned anything about cyber adversaries, it's that they will seize on any opportunity to gain an advantage in targeting their victims, including exploiting the fears of the public during a global pandemic. As COVID-19 has moved from the East to the West, adversaries have followed suit, using lures that play into people's desperation for information on the disease. In “The Art of War,” Sun-Tzu said“In the midst of chaos, there is also opportunity.”

The COVID-19 virus is infecting more than just people. The pandemic has created chaos and handed adversaries an irresistible opportunity to exploit the situation to gain entry into our networks, whether that's to steal intellectual property, disrupt operations, or gain a strategic advantage if they are a nation-state actor.

Already, we are seeing an increase in phishing campaigns using COVID-19 as a hook to launch malware in emails disguised as alerts. Particularly vulnerable are the thousands of remote workers — government employees and contractors alike — who are using their own home networks, which are largely less sophisticated and secure than their work environments.

The stakes are high, particularly for those in defense jobs, where an errant click can have devastating consequences. Coincidently, 2020 is the year when the DoD's Cybersecurity Maturity Model Certification has grown teeth and will force more than 300,000 defense contractors to up their cybersecurity game or face bottom-line consequences. Now is not the time to make mistakes.

In CrowdStrike's recent Global Threat Report, we captured and analyzed real-world inputs from observed trends in cyber-attacks on commercial and government enterprises. The following are some of the notable attack vectors and trends we observed across the public sector during 2019:

  • An escalation in ransom demands, including ransomware attacks on defense supply chain providers, schools and local municipalities.
  • Surpassing the volume of malware attacks are malware-free attacks that use code which executes from memory or stolen login credentials.
  • Continued state-sponsored targeted intrusions aimed at the government and defense sector. In fact, we have witnessed adversaries exploiting fear around COVID-19 to socially engineer their way to user credentials and sensitive data.

In the months ahead, I contend we'll see many more of the same tactics from the same bad actors: Russia, China and newer players on the block, such as Iran, which has leveraged U.S. social media platforms to develop information operations campaigns.

Amidst massive change, periodic chaos and long-term disruption, the defense community — government and industry — must put a premium on speed. Speed to detect. Speed to investigate. Speed to mitigate. We recommend that agencies and companies implement cybersecurity practices that follow the 1-10-60 Rule: detect intrusions within 1 minute; investigate and gain a comprehensive understanding of the attack within 10 minutes; and contain and remove the threatening adversary from the network within 60 minutes.

This benchmark will limit the damage caused by inevitable attacks. Yes, inevitable. Cyberattacks are a constant and while building a bigger, wider and thicker wall may help keep bad actors out, they are persistent and determined enough to eventually get in, and when they do, you're on the clock.

This year will only get worse as the impacts of COVID-19 will be deep, damaging and long-lasting. We're all faced with loss and uncertainty as we attempt to recover from the global pandemic. For the defense community, there is no time to recover and regroup. You are already on the clock, as those who wish to do our nation harm are already hard at work.

https://www.fifthdomain.com/opinion/2020/04/24/in-chaos-theres-opportunity-and-thats-bad-news/

Sur le même sujet

  • Contract Awards by US Department of Defense - June 7, 2019

    10 juin 2019 | International, Aérospatial, Naval, Terrestre, Sécurité, Autre défense

    Contract Awards by US Department of Defense - June 7, 2019

    NAVY Lockheed Martin Corp., Lockheed Martin Aeronautics Co., Fort Worth, Texas, is awarded a $1,808,545,655 cost-plus-incentive-fee, cost-plus-award-fee, cost-plus-fixed-fee contract for continued design maturation and development of Block 4 capabilities in support of the F-35 Lightning II Phase 2.3 Pre-Modernization for the Air Force, Navy, Marine Corps; and non-U.S. Department of Defense (DoD) participants. Work will be performed in Fort Worth, Texas, and is expected to be completed in August 2026. Fiscal 2019 research, development, test and evaluation (Air Force, Navy, and Marine Corps); and non-U.S. DoD participant funds in the amount of $98,998,910 will be obligated at time of award, none of which will expire at the end of the current fiscal year. This contract combines purchases for the Air Force ($732,460,990; 40.50 percent); Navy ($371,475,278; 20.54 percent), Marine Corps ($345,974,784; 19.13 percent) and non-U.S. DoD participants ($358,634,603; 19.83 percent). This contract was not competitive procured pursuant to U.S. Code 2304(c)(1). The Naval Air Systems Command, Patuxent River, Maryland, is the contracting activity (N00019-19-C-0010). Northrop Grumman Systems Corp., Baltimore, Maryland, is awarded a $958,049,562 firm-fixed-price contract for the procurement of 30 full-rate production Ground/Air Task Oriented Radar units under the portfolio management of Program Executive Officer Land Systems, Quantico, Virginia. This procurement also includes spares parts and retrofit kits. Work will be performed in Linthicum, Maryland (37 percent); East Syracuse, New York (28 percent); Stafford Springs, Connecticut (7 percent); Tulsa, Oklahoma (6 percent); Syracuse, New York (4 percent); Valencia, California (3 percent); San Diego, California (3 percent); Richardson, Texas (3 percent); Farmingdale, New York (2 percent); St. Paul, Minnesota (2 percent); Gilbert, Arizona (1 percent); Phoenix, Arizona (1 percent); Lowell, Massachusetts (1 percent); Littleton, Colorado (1 percent); and Durham, North Carolina (1 percent), and is expected to be complete by Jan. 13, 2025. Fiscal 2019 procurement funds (Marine Corps) in the amount of $194,748,327 will be obligated at the time of award and will not expire at the end of the current fiscal year. This contract award was not competitively procured in accordance with Federal Acquisition Regulation 6.302-1 and 10 U.S. Code § 2304(c)(1). The Marine Corps Systems Command, Quantico, Virginia, is the contracting activity (M67854-19-C-0043). Bath Iron Works, Bath, Maine, is awarded a $61,697,197 cost-plus-award-fee modification to previously-awarded contract N00024-18-C-2313 to exercise options for accomplishment of lead yard services (LYS) for the DDG 51-class destroyer program. LYS provides necessary engineering, technical, material procurement and production support; configuration; class flight and baseline upgrades and new technology support; data and logistics management; lessons-learned analysis; acceptance trials; post-delivery test and trials; post-shakedown availability support; reliability and maintainability; system safety program support; material and fleet turnover support; shipyard engineering team; turnkey; crew indoctrination, design tool/design standardization, detail design development, and other technical and engineering analyses for the purpose of supporting DDG 51 Class ship construction and test and trials. In addition, DDG 51 Class LYS may provide design, engineering, procurement and manufacturing/production services to support design feasibility studies and analyses that modify DDG 51-class destroyers for foreign military sales programs sponsored by the Department of the Navy and the Department of Defense. Work will be performed in Bath, Maine (95 percent); Brunswick, Maine (4 percent), and other locations below one percent (1 percent) and is expected to be completed by June 2020. Fiscal 2015, 2016 and 2017 shipbuilding and conversion (Navy) funding in the amount of $58,345,440 will be obligated at time of award and will not expire at the end of the current fiscal year. The Naval Sea Systems Command, Washington, District of Columbia, is the contracting activity. L3 Communications MariPro Inc., Goleta, California, is awarded a $41,440,334 cost-plus-fixed-fee, indefinite-delivery/indefinite-quantity, sole-source contract to provide support services to sustain U.S. and allied navy training and test and evaluation ranges around the world. L3 will repair or replace original equipment manufacturer systems. Services and associated deliverables include the design, production and installation of both shore electronic systems and ocean sensor system hardware assemblies; operation and maintenance of the delivered hardware to support operational test events of the delivered system, and data products identified in the contract data requirements lists. Other services under this requirement include operating, maintaining, repairing, performing logistics support, refurbishing, modernizing, upgrading, revising, improving, performing information assurance and expanding of range hardware, software and its performance. Work will be performed at various locations throughout the world and is expected to be completed by June 2024. Fiscal 2019 operation and maintenance (Navy) funding in the amount of $245,477 will be obligated at time of award and will expire at the end of the current fiscal year. This contract was not competitively procured, in accordance with 10 U.S. Code 2304(c)(1) - only one responsible source and no other supplies or services will satisfy agency requirements. The Naval Undersea Warfare Center Division Newport, Newport, Rhode Island, is the contracting activity (N66604-19-D-A900). AIR FORCE EMC Corp., Irvine, California, has been awarded a $74,423,388 firm-fixed-price, indefinite-delivery/indefinite-quantity contract for instrumentation support, configuration, management, development, loading, integration, analysis and decommutation (ILIAD) and flight test instrumentation systems operation. This contract provides for greater mission capabilities by accessing contractor personnel with specialized training and expertise in utilization and troubleshooting of the ILIAD system. Work will be performed at Edwards Air Force Base and Irvine, California, and is expected to be complete by June 6, 2024. This award is the result of a sole-source acquisition. Fiscal 2019 research and development funds in the amount of $109,387 are being obligated at the time of award. The Air Force Test Center, Directorate of Contracting, Test Range and Specialized Contracting Branch, Edwards AFB, California, is the contracting activity (FA9304-19-D-0001). DEFENSE LOGISTICS AGENCY Science Applications International Corp., Fairfield, New Jersey, has been awarded a maximum $90,000,000 firm-fixed-price, 254-day bridge contract for facilities maintenance, repair, and operations items. This was a sole-source acquisition using justification 10 U.S. Code 2304 (c)(1), as stated in Federal Acquisition Regulation 6.302-1. Locations of performance are New Jersey, California, Arizona, Nevada, and Utah, with a Feb. 18, 2020, performance completion date. Using military services are Army, Navy, Air Force, and Marine Corps. Type of appropriation is fiscal 2019 through 2020 defense working capital funds. The contracting activity is the Defense Logistics Agency Troop Support, Philadelphia, Pennsylvania (SPE8E3-19-D0008). ARMY Quantum Spatial Inc., St. Petersburg, Florida (W912GB-19-D-0021); and Woolpert-Black & Veatch, Beavercreek, Ohio (W912GB-19-D-0022) will compete for each order of the $49,000,000 firm-fixed-price contract for surveying and mapping services. Bids were solicited via the internet with 10 received. Work locations and funding will be determined with each order, with an estimated completion date of June 6, 2024. U.S. Army Corps of Engineers, Wiesbaden, Germany, is the contracting activity. Encanto Facility Services 2 LLC,* Albuquerque, New Mexico, was awarded a $45,000,000 firm-fixed-price contract for maintenance, repair, upgrade and minor construction of real property facilities at Fort Hood, Texas. Bids were solicited via the internet with 10 received. Work locations and funding will be determined with each order, with an estimated completion date of June 7, 2022. U.S. Army Corps of Engineers, Fort Worth, Texas, is the contracting activity (W9126G-19-D-0031). Exp Federal, Chicago, Illinois (W912GB-19-D-0013); Stanley COWI JV, Muscatine, Iowa (W912GB-19-D-0014); Black & Veatch, Overland Park, Kansas (W912GB-19-D-0012); and WSP USA Inc., Virginia Beach, Virginia (W912GB-19-D-0015) will compete for each order of the $36,000,000 firm-fixed-price contract for general architect and engineering services. Bids were solicited via the internet with five received. Work locations and funding will be determined with each order, with an estimated completion date of June 6, 2024. U.S. Army Corps of Engineers, Wiesbaden, Germany, is the contracting activity. Komada LLC,* Colorado Springs, Colorado, was awarded a $22,090,954 firm-fixed-price contract for repair of Teller Dam at Fort Carson, Colorado. Bids were solicited via the internet with seven received. Work will be performed in Fort Carson, Colorado, with an estimated completion date of Oct. 30, 2020. Fiscal 2019 operations and maintenance Army funds in the amount of $22,090,954 were obligated at the time of the award. U.S. Army Corps of Engineers, Omaha, Nebraska, is the contracting activity (W9128F-19-C-0028). Medvolt Construction Services LLC,* Kansas City, Missouri, was awarded a $18,058,404 firm-fixed-price contract for construction of flood walls, earthen levees, interior storm water piping, tributary channel realignment and bank stabilization, and detention pond with gatewell, at Swope Park Industrial Area in Kansas City, Missouri. Bids were solicited via the internet with three received. Work will be performed in Kansas City, Missouri, with an estimated completion date of Nov. 28, 2022. Fiscal 2019 civil construction funds in the amount of $18,058,404 were obligated at the time of the award. U.S. Army Corps of Engineers, Kansas City, Missouri, is the contracting activity (W912DQ-19-C-1074). The Boeing Co., Ridley Park, Pennsylvania, was awarded a $10,115,993 modification (P00025) to contract W58RGZ-17-C-0059 to support CH-47F Block II Engineering and Manufacturing Development program. Work will be performed in Ridley Park, Pennsylvania, with an estimated completion date of July 27, 2021. Fiscal 2019 research, development, test and evaluation funds in the amount of $10,115,993 were obligated at the time of the award. U.S. Army Contracting Command, Redstone Arsenal, Alabama, is the contracting activity. Eco & Associates Inc.,* Tustin, California, was awarded a $10,000,000 firm-fixed-price contract for architect and engineer services. Bids were solicited via the internet with nine received. Work locations and funding will be determined with each order, with an estimated completion date of Dec. 7, 2024. U.S. Army Corps of Engineers, San Francisco, California, is the contracting activity (W912P7-19-D-0004). NWI&T Atkins SB JV LLC,* Idaho Falls, Idaho, was awarded a $10,000,000 firm-fixed-price contract for architect and engineer services. Bids were solicited via the internet with nine received. Work locations and funding will be determined with each order, with an estimated completion date of Dec. 7, 2024. U.S. Army Corps of Engineers, San Francisco, California, is the contracting activity (W912P7-19-D-0005). WASHINGTON HEADQUARTERS SERVICES Copper River Technologies, Anchorage, Alaska, has been awarded a firm-fixed-price, indefinite-delivery/indefinite-quantity with a maximum amount of $21,000,000. The contract is to provide professional-level analytical, communication, event management, and logistics services as well as administrative-level general and executive services to provide continuous process improvement, business process reengineering, and organizational efficiencies support services to Facilities Services Directorate (FSD), Space Portfolio Management Division, other FSD Divisions and satisfy Department of Defense, Office of the Secretary of Defense, and Washington Headquarters Services requirements. Work performance will take place in Arlington, Virginia. Fiscal 2019 operations and maintenance funds in the amount of $3,322,696 are being obligated at time of award. The expected completion date is June 6, 2024. Washington Headquarters Services, Arlington, Virginia, is the contracting activity (HQ0034-19-D-0015). *Small business https://dod.defense.gov/News/Contracts/Contract-View/Article/1870180/source/GovDelivery/

  • Turkey to make its own maritime missile-launching system after sanctions interrupt Lockheed plans

    6 juillet 2021 | International, Naval

    Turkey to make its own maritime missile-launching system after sanctions interrupt Lockheed plans

    Turkish defense company Roketsan is to develop a vertical launching system for the country’s first locally made frigate, after American sanctions disrupted original procurement plans, said naval platforms acquisition official Alper Kose.

  • New European Defence Agency boss warns against ‘rash’ budget cuts by EU members

    23 juin 2020 | International, Aérospatial, Naval, Terrestre, C4ISR, Sécurité

    New European Defence Agency boss warns against ‘rash’ budget cuts by EU members

    By: Martin Banks BRUSSELS — The new head of the European Defence Agency, Jiří Šedivý, has thrown down the gauntlet to European Union member states, telling them: “It is up to you to deliver.” In an interview with Defense News, he said the onus is on EU countries “to use the EDA to its full extent.” Šedivý has extensive experience in the defense domain, having served as defense minister and deputy defense minister of the Czech Republic, NATO assistant secretary general for defense policy and planning, and permanent representative of the Czech Republic to NATO. His term comes amid a fast-changing European defense landscape and new EU defense initiatives that are under increasing pressure to deliver results. How will the COVID-19 health crisis affect European defense spending in the near, mid and long term? Let's be realistic: We are still in the middle of the pandemic and, at this stage, nobody can foresee what its exact repercussions will be. But being realistic also means that we have to anticipate, already now, that national and European defense budgets might come under pressure as a result of the massive economic and financial costs of COVID-19, whether we like it or not. Here our answer should be straightforward: Rather than cutting national defense expenditure rashly, let's coordinate, pool and share our resources and invest more in collaborative capability development because a collective approach is much more cost-effective than national solo efforts. The same goes for defense research where national ministries of defense might face problems to receive the same funding than in the past to finance their individual national programs. The best response to shrinking national budgets for defense research is to join forces and resources and to engage in more cost-effective collaborations at EU level. We therefore should maintain our European defense ambitions, keep course and pursue the implementation of the new EU defense instruments — the Coordinated Annual Review on Defence (CARD), the Permanent Structured Cooperation (PESCO) and the European Defence Fund (EDF) — which are all in place, fit for purpose and ready to be used. The COVID-19 crisis could offer us an unexpected and unique opportunity to reinvigorate defense cooperation in Europe. The defense portion of the proposed EU budget has come under pressure. If the European Defence Fund is indeed curtailed, how do you expect EDA to adjust its objectives? It is too early to speculate about the Fund's future budget allocation as negotiations are still ongoing. Therefore, we have to wait and see. This being said, the EDF will be an essential part of the EU's defense-cooperation toolbox, together with CARD and PESCO. Therefore, it is crucial that the Fund receives the financial means it needs to play its role properly. I thus hope for adequate funding for this important collaborative tool because for the reasons I just explained, we need more defense cooperation in the future, not less. And the Fund will serve not only as an incentive to that end, but also as a point of leverage for economic recovery. In any case, EDA's activities are not directly linked or dependent of the Fund's budget as we are an intergovernmental agency entirely and directly funded by our member states, not through the EU budget. U.S. defense companies want to be allowed to compete for EDF money and PESCO participation. How do you believe it is possible to strengthen intra-EU defense cooperation without shutting out trans-Atlantic ties at the same time? Third-party participation in the EDF is among the topics currently discussed between member states, the Commission and the European Parliament as part of the legislative process on setting up of Fund. So the jury is still out on the outcome of these talks. EDA is not involved in that process and therefore I cannot comment. However, I want to recall a basic underlying principle of European defense cooperation, namely that the European Union is fully committed to working with the U.S. as a core partner in security and defense matters. The EU defense initiatives must be understood in this context: They are not directed against our trans-Atlantic partnership but aim to enhance Europe's contribution to our common trans-Atlantic security by sharing a greater part of the burden. PESCO and EDF will help enhance EU member states' investment in the joint development of defense capabilities and deepen cooperation to make more efficient use of defense spending in the EU. The resulting defense capabilities will not be owned by the EU but by its member states. Which means they will also be available to NATO, at least for those EU member states that are NATO allies. As a result, EU cooperation ultimately also strengthens NATO as well as our trans-Atlantic partners. What is in store for the dozens of PESCO projects currently underway? For example, do you expect new ones to join the roster at some point, or some to be canceled if they fail to deliver? As you know, PESCO is a member states driven initiative. It's therefore up to the 25 participating countries to decide whether they want to launch new collaborative projects in the future. If you ask me, I expect indeed more projects to be added in the future but not this year as it was decided to skip 2020 after three consecutive waves of new projects launched — 47 in total to date — since December 2017, when PESCO was established. Focusing on the project implementation and delivering tangible outputs is thus the priority now. Equally, it is up to the member states involved in a given project to decide about possible changes or adjustments to be made or, to answer your question, even to cancel a project that would fail to deliver. It's the member states who own the projects, so it is up to them to implement them in the way they want. This being said, EDA is available and keen to support them, if they wish, in the implementation. As the European hub for collaborative capability development, we have the expertise and experience needed to do that. We therefore encourage member states to make full use of the Agency and to seek our know-how and support for bringing their PESCO projects forward. And we see that they start to rely more and more on our help. The number of PESCO projects which have been or currently are supported by the agency has constantly increased and now stands at six; two of them (in the areas of CBRN surveillance and deployable underwater capabilities) as EDA projects. Judging from informal expressions of interest received, we have reasons to expect those numbers to further grow in the future. https://www.defensenews.com/global/europe/2020/06/22/new-european-defence-agency-boss-warns-against-rash-budget-cuts-by-eu-members/

Toutes les nouvelles