Nextgov/FCW - Authors - Dawn Lim

Air Force Casts a Wide Net For Cyber Warfare Tools

Dawn Lim — Mon, 20 May 2013 08:12:14 -0400

The Air Force is scanning the market for “cyber warfare systems” tools, in an acknowledgment of the need to open up the opaque and inaccessible space to new players, documents show.

The acquisition unit for Air Force cyber operations known as the Network Warfare Systems Branch, posted a request for information from firms that could offer software and services to support cyber operations. “The objective of this effort is to overcome restricted competition barriers in subsequent acquisitions for cyber warfare systems supplies and services resulting from legacy security policies, practices, and guidance,” according to the document released Friday. The market research will influence whether the service should bid out contracts openly and set aside some to small businesses.

A more transparent bid process would engage more start-ups when the work of supporting the Defense Department’s classified surveillance and offensive security machinery has typically fallen to the largest defense contractors, even with cheaper products in an increasingly-crowded market.

The document, obliquely worded, did not specify what the Air Force was seeking, but said that “CWS [Cyber Warfare Systems] information includes, but is not limited to: source code, installation code, unit test scripts, unit test data, application programming interfaces, data schemas, training material, graphics, and technical manuals.” There was no mention of exploits or vulnerabilities. Only unclassified information will be accepted. The window for responses is narrow: the call for information closes May 30 at 4 p.m.

The Air Force estimates base spending of $9.89 million in fiscal 2014 for unclassified offensive cyber operational support -- including computer infrastructure and software to perform data analysis.

Service officials are open to reviewing classifications around certain cyber operations, a move that would allow firms to bid for the contracts more easily, the Air Force signaled. It plans on “reviewing the system information of existing cyber warfare systems, preparing that information to be transferred to the appropriate (lower) security levels,” the document said.

The move to loosen up the security classifications on these systems coincides with the willingness of the top brass to highlight the administration’s commitment to honing its adversarial computer capabilities, especially in the face of attacks from Chinese and other foreign entities.

When the Air Force began searching for providers to offer hardware and software maintenance on “network warfare operating systems” in 2010, it focused on contractors with clearances in San Antonio, where the 24th Air Force, an operational warfighting unit that protects Air Force networks, is housed at Lackland Air Force Base. General Dynamics, which was tapped for the work, was hindered by unspecified “operational constraints” from completing deployment before the original contract was slated to end and a follow-on order was drawn up, federal databases reveal. The Air Force also indicated that it plans to launch within five years a full and open source selection for subsequent contracts involving logistical support for those network warfare operating systems.

(Image via Orion-v/Shutterstock.com)

]]>

General Dynamics Picked to Patch Network Attack System

Dawn Lim — Mon, 29 Apr 2013 12:56:24 -0400

General Dynamics is rolling out upgrades and logistics support for a classified Air Force network attack system, federal databases indicate.

General Dynamics, the defense firm tapped for the contract from August 2012 to February 2013, is expected to continue servicing the system through the year’s end, as part of a follow-on to its original contract. The Air Force estimates that it will spend an additional $233,800 on patches, upgrades and fixes for the system, according to a justification and approval document.

The Air Force began seeking information on providers able to offer hardware and software maintenance on “network warfare operating systems” in 2010, documents indicate. Raytheon was among the firms that responded to the classified request for information targeting offerors in San Antonio, where the cyber-focused 24th Air Force is housed at Lackland Air Force Base.

The Air Force expects to launch a full and open source selection for the logistical support in five years, according to the document. The Air Force, for this effort, “plans to require more thorough computer software, system documentation, training materials and software transition plans.” The Pentagon has become more open over the past year about its funding of offensive cyber capabilities, a move that could signal more transparency for firms looking to bid on contracts.

]]>

Congressional commission to look closer at China cloud computing

Dawn Lim — Tue, 22 Jan 2013 14:37:28 -0500

The U.S.-China Economic and Security Review Commission, an advisory group to Congress, is putting more scrutiny on national security threats posed to American businesses by Chinese cloud computing companies.

The group, tasked by Congress to monitor the risks of trade with China, is commissioning a report on the ties of state enterprises to the Chinese cloud computing industry and potential espionage risks from cloud infrastructure situated in the country, according to government officials.

Cloud computing generally refers to the delivery of a variety of computing resources – from Web-based services to storage space -- over the Internet. The commission is interested in “how information stored by Chinese cloud computing services might be susceptible to theft or exploitation, or how cloud computing infrastructure might be used to launch or enable cyberattacks,” according to a solicitation for proposals that closed earlier this month. The group is looking into how many people in the U.S. are using cloud infrastructure owned or operated by Chinese entities, as well as “Chinese-developed, owned, or operated cloud infrastructure outside of China.” The report is likely to be available to Congress by the middle of the year, according to the officials, who spoke on condition of anonymity because they weren't authorized to discuss it.

Any findings could potentially direct further congressional scrutiny over manufacturers such as Huawei and ZTE that sell technology and infrastructure that support cloud computing. The advisory commission has previously enlisted defense contractor Northrop Grumman for a report on the impact of the rise of offensive computer abilities by Chinese entities. The commission, in its 2012 report to Congress, suggested that the rise of cloud computing in China could facilitate government surveillance and censorship.

Chinese cloud computing is still in infancy but is a fast-growing industry that has been slated for government venture capital. The size of China’s public cloud services market – which generally targets individual consumers -- is expected to reach over $2 billion in 2015 from roughly $1.25 billion in 2013; while private cloud-related spending – which generally caters to enterprises -- is expected to hit over $1.2 billion in 2015 from just south of $800 million in 2013, according to research analyst group IDC.

U.S. companies have begun to jump to capture a slice of this growth. IBM has partnered with Chinese tech firm Range Technology Development Co. to build by 2016 what is slated to be Asia’s largest cloud computing data center. Microsoft planned in 2011 to develop cloud enterprise products in China alongside local partner China Standard Software Co.

(Image via Shutterstock.com)

]]>

Can you predict the future by reading Twitter? The Pentagon thinks maybe.

Dawn Lim — Mon, 14 Jan 2013 08:06:15 -0500

The Defense Department wants new computer tools to analyze mounds of unstructured text, blogs and tweets as part of a coordinated push to help military analysts predict the future and make decisions faster.

The search is part of the Office of Naval Research’s “Data to Decisions” program, a series of three-to-10-year initiatives that will address the volume of information that threatens to overwhelm planners in the digital age, contract databases indicate. The goal is to build an open source system that can unite various tools that collect, manage and draw relationships between data sets.

In a program announcement, ONR is calling for computer algorithms to predict events, fuse different forms of information and offer context on unfolding events. The office expects to spend $500,000 each year in funding. “The Department of Defense recognizes the potential for text analytics to play a vital role in future capabilities that inform timely and accurate situational awareness in time-constrained, uncertain, and complex environments,” the tender reads.

Defense is seeking ways to predict the future by monitoring Twitter, blogs and news, and determining the “frequency of contacts between nodes or clusters.” As networks grow larger and more complex, researchers have found it harder to monitor group behavior. ONR also wants researchers to discover networks that could be hidden within networks, and how information and money flows through a community.

Officials also want tools that fuse and assimilate multiple, incomplete data sets on agriculture, weather, terrain, demographics and economic indicators to find patterns. ONR is especially interested in ways to comb text-based information to provide more nuanced views of how groups, such as terrorists, operate by extrapolating the “stated values and beliefs that motivated behaviors of interest,” “community structure and clusters of social networks” and the level of “emotional support expressed towards topics or persons.”

The office also seeks better technologies for machine translation and processing -- translating physical characters or sounds -- into one machine-readable language.

Proposals are due Jan. 15 and funding decisions will be made by Feb. 15, contract documents indicate. Carey Schwartz, an ONR program officer and researcher affiliated with the Applied Research Laboratory at Pennsylvania State University, spearheads the program. So far, Clifton Park, N.Y.-based Kitware, which develops algorithms to analyze battlefield imagery, has been slated for funding, in partnership with software developer SOARTech, data-focused firm Signal Innovations Group, sensor processing company Systems Technology Research, defense giant Lockheed Martin Corps. and University of Southern California.

Government agencies have been pushing technologists to refine techniques to sift through open source intelligence or publicly available data sets. The CIA, responding to mounting calls that such information needed to be systematically collected and better analyzed, created the National Open Source Center in suburban Northern Virginia around 2005 to acquire and analyze the information to support intelligence agencies. The Defense Advanced Research Projects Agency, the Pentagon’s research arm, in 2012 sought out research ideas on computer programs that predict “cyber terrorism events” by detecting how criminal groups and hackers interact on the Internet.

]]>

Navy denies that Iran captured intelligence drone

Dawn Lim — Tue, 04 Dec 2012 11:32:44 -0500

The U.S. military refuted claims by Iran that it captured an intelligence drone being flown over the Persian Gulf, Reuters reports.

Iranian state television broadcast images of a ScanEagle being inspected by Rear Adm. Ali Fadavi, the commander of the Revolutionary Guards Corps naval forces, reports said. The drone, a 4-foot off-the-shelf model built by Boeing, was displayed in front of a sign that read, “We will trample the U.S. under our feet.”

A spokesman for Naval Forces Central Command said no U.S. drone had gone missing in the region recently, Reuters said.

The rhetoric comes at a particularly delicate moment. The United States has stepped up spying operations on Iran's Bushehr nuclear reactor in the past two months, the Wall Street Journal reported Sunday. The increased surveillance, conducted in part with drones flown over the Persian Gulf, has been driven by new concerns after nuclear engineers began moving fuel rods out of the facility in October, the report said. Iranian warplanes shot at a U.S. Predator drone flying over the Persian Gulf early this month. The shooting involved two Russian-made Su-25 jets known as Frogfoots, according to reports.

]]>

Pentagon directive targets fake parts, vulnerabilities in arms systems

Dawn Lim — Mon, 03 Dec 2012 08:29:35 -0500

A new Pentagon directive is calling for new safeguards against fake parts and software vulnerabilities in arms and information systems. The mandate, which took effect Nov. 5, is likely to bring new momentum to funding of technology to protect military supply chains.

Signed by Teresa Takai, defense chief information officer, and Frank Kendall, under secretary of Defense for acquisition, technology and logistics, the directive asks for guidance, mechanisms and systems to control the security and configuration of software and hardware. It asks defense to push for new technology for “creating and identifying non-cryptologic software and hardware that is free from exploitable vulnerabilities and malicious intent.”

It calls for heads of defense units to come up with best practices to reduce occurrence of fake or compromised products. The order also asks for a way to give all critical components in systems an item unique identification so fakes can be better weeded out, and requires the implementation of test and evaluation protocols.

The number of so called “high-risk suppliers” to the U.S. government -- such as those reported to have sold suspect counterfeit products to military and commercial electronics channels -- rose 63 percent from 5,849 companies in 2002 to 9,539 in 2011, according to IHS iSuppli market research.

Multiple pushes have been brewing across Defense to address the security of weapons supply chains.

The Pentagon venture wing is holding briefings in anticipation of a funding drive called the Vetting Commodity IT Software and Firmware program. The Defense Advanced Research Projects Agency initiative aims to develop technology that can scan whether mobile phones, desktops and other devices are free of backdoors and other hidden malicious functionality. DARPA has noted the limitations of the technology available to execute this. “The goal of making this determination for every new device in a timely fashion at scale across all of DoD is beyond presently deployed techniques,” the agency stated in contracting documents.

Separately, the Defense Logistics Agency is mandating that suppliers of electronic microcircuits mark their items with deoxyribonucleic acid markings, according to an August directive. The suppliers would have to imprint their devices with SigNature DNA marking, which is developed by a company called Applied DNA Sciences. The system would allow electrical components in a device to be traced back to its supplier. The requirement applies to DLA procurements, the agency said.

]]>

Raytheon nabs $422 million precision-guided munitions contract

Dawn Lim — Fri, 30 Nov 2012 16:28:00 -0500

Raytheon Co. nabbed a $422 million precision-guided munitions contract, it announced.

The defense contract is for its Paveway GPS and laser-guided bomb technology, which are deployed by 43 customers. The company did not reveal who it closed the deal with, saying only it was a “direct commercial sale from an international customer.”

Separately, Raytheon was tapped for an $8.7 million award from the U.S. Air Force to develop a protected tactical military satellite communication system, the company said. The contractor will design terminal components and support waveform development for the project.

]]>

Pentagon, Lockheed, move closer on next F-35 contract

Dawn Lim — Thu, 29 Nov 2012 16:21:40 -0500

Lockheed Martin and the Defense Department are nearing consensus on a long-delayed contract for a fifth batch of F-35 fighter jets, Reuters reports.

Defense Undersecretary Frank Kendall told Reuters the Pentagon was “getting close” to an agreement. The $396 billion F-35 program is the Pentagon's largest weapons program.

Defense and Lockheed have been locked in an argument over the cost of the plane for a year, according to a defense consultant. The involvement of Lockheed President Marillyn Hewson helped defuse tensions, the report said. Hewson will become the company's CEO in January, following the ouster of Christopher Kubasik after admission of an affair.

Agreement on the terms would free up funding for work on a sixth set of planes, which Lockheed has funded out of pocket, according to Reuters.

]]>

Pentagon exempts cyber weapons from collateral damage directive

Dawn Lim — Wed, 28 Nov 2012 08:40:48 -0500

The Defense Department does not require developers of computer systems that launch cyber operations to implement the same safeguards required of traditional arms makers to prevent collateral damage.

A Pentagon mandate that autonomous weapons be built and tested so humans won’t lose control over them doesn’t apply to cyber weapons, documents state. The exemption gives military programmers more flexibility to introduce automation into command-and-control infrastructure for cyber operations, allowing military officials to launch computer campaigns more swiftly.

A directive, released Nov. 21, mandated that automated and semi-autonomous weaponry -- such as guided munitions that independently select targets -- must have human machine interfaces and “be designed to allow commanders and operators to exercise appropriate levels of human judgment over the use of force.” The mandate called for “rigorous hardware and software verification and validation” to ensure that engagements could be terminated if not completed in a designated time frame. The goal is to minimize “unintended engagements,” the document states.

The Pentagon is permitting less human control over systems that deploy malware, exploits and mitigation tools, highlighting Defense’s focus on agile responses to computer threats. The document, signed by Deputy Secretary of Defense Ashton Carter, explicitly states that the directive “does not apply to autonomous or semi-autonomous cyberspace systems for cyberspace operations.”

Defense has been pushing to integrate more autonomous capabilities into offensive computer systems, to meet the need to address threats in real time and make up for a lack of specialists that can carry out the exercises manually. This introduces a new threat that mistakes could go unchecked if computer glitches occur.

A central tenet of Plan X -- a Defense funding initiative to build command-and-control architecture that could manage and launch offensive tools -- involves identifying areas for automation and machine assistance in cyber operations. A newly released solicitation document asks respondents to address how a system can be built to allow planners to “mark instructions and actions that could be autonomously executed without operator monitoring” and seeks ideas on how “mission program logic is able to operate autonomously if communications are lost or degraded.”

]]>

Video: Experimental X-47B drone will undergo testing at sea

Dawn Lim — Tue, 27 Nov 2012 16:10:35 -0500

An experimental drone will undergo tests aboard the airship carrier USS Harry S. Truman (CVN 75), the first modern aircraft carrier to host test operations for an unmanned aircraft, the Navy said .

The test will demonstrate how the X-47B drone, which has a 62-foot wingspan, can be integrated into carrier flight deck operations over three weeks. Engineers will use a hand-held controller to remotely steer the aircraft. There were two X-47Bs built at a Northrop Grumman Corp. facility under a $635.8 million contract the Navy awarded in 2007, according to reports.

Capt. Jaime Engdahl , program manager for Unmanned Combat Air Systems program office, signaled in a statement that the tests could broaden the use of unmanned aircraft. "The moment the aircraft set down on Truman's deck was the moment it officially met the fleet," he said.

]]>

Hatching cyberwar: Pentagon incubator will manage weapons

Dawn Lim — Mon, 26 Nov 2012 07:34:07 -0500

This story has been updated to clarify points about the role of the lab.

The Pentagon’s research wing is setting up a technology incubator for Defense-funded developers to stitch together computer code to automate offensive cyber operations.

The Arlington, Va.-based experimental lab, called the Collaborative Research Space, will function as the test grounds for Plan X, a four-year funding drive to build a system to “control a cyber battlespace in real-time,” a newly-released contract document on the initiative reveals. The Defense Advanced Research Projects Agency wants onsite developers to build algorithms and combine code that could make it easier for planners to implement more proactive security measures and launch malware campaigns against adversaries. According to the document, DARPA seeks to build "an end-to-end system that enables the military to understand, plan, and manage cyberwarfare in real-time" and an "open platform architecture for integration with government and industry technologies."

Plan X, also called “foundational cyberwarfare,” signals an increasingly aggressive turn in the Defense Department’s approach to addressing threats to its networks. The laboratory, a designated Collateral Secret area, is described as a collaborative space for contractors and the military. “DARPA intends to arrange program interaction with a variety of users from DoD and other government agencies, including onsite military personnel who will be testing and using the Plan X system on a daily basis,” contract databases indicate.

The public call for proposals, released Nov. 20, marks the Pentagon’s growing willingness to advertise its work on cyber weapons. The initiative comes as the National Cyber Range for Defense personnel to hone computer attack capabilities is slated for a multimillion dollar boost as the system transitions from research laboratories into deployment. President Obama in October signed a secret directive giving the military additional leeway to address computer threats, according to reports.

A request for proposals for Plan X had first been scheduled for release at the end of September but was delayed following an unexpected volume of interest from security researchers and contractors. More than 350 participants attended briefings on the program in October, according to DARPA. The DARPA program is spearheaded by Daniel Roelker, who had started defensive security company Sourcefire as well as DC Black Ops unit at Raytheon SI Government Solutions.

Organizations looking to be funded under Plan X should plan on providing one to two full-time developers with Secret security clearances at the incubator, while supporting the individuals off-site. All code created will be incorporated into a full system located at the space.

While explicitly not funding tools to scan networks, DARPA said in the tender it is looking to fund ways to pool information from such tools to create a map of a network – including security infrastructure such as firewalls and intrusion detection systems – that military strategists can rely on to plan computer-oriented campaigns.

A central tenet of Plan X involves identifying areas for automation and machine assistance in cyber operations. “The speed of planning hinges on using machine assistance to automate as much of the process as possible,” the tender states. With algorithms that can help calculate the resources and tools needed to infiltrate networks, assess possible collateral damage from targeting enemy systems, and capabilities to model opponent moves, DARPA hopes that planners will be able to draw up a plans of action more quickly.

Once a cyberwarfare mission plan can be drawn up for an operation, “the next step is to compile or synthesize the plan into a fully encapsulated executable program or script,” according to the tender. DARPA wants researchers to think about how to build “automated techniques that allow mission planners to graphically construct detailed and robust plans that can be automatically synthesized into an executable mission script.” While automation could speed up the response time of the military, moves to reduce human control could raise concerns, especially if computer glitches go unchecked.

DARPA has explicitly stated it is not funding research into computer vulnerabilities or command and control protocols through Plan X. The broad agency announcement, however, indicates that proposers working on run-time environments -- which interpret programming languages and allow them to be executed -- “should leverage public and commercial capabilities such as Metasploit, Immunity CANVAS, and other standard toolkits.” These are pentesting and exploit-related tools that identity vulnerabilities in computer systems.

]]>

Developer of remote capture and measurement devices inks In-Q-Tel deal

Dawn Lim — Wed, 21 Nov 2012 14:12:11 -0500

ikeGPS, which makes remote measurement and 3-D modeling gadgets, has inked a technology development agreement with CIA venture capital wing In-Q-Tel, it announced.

The firm develops handheld tools that allow users to point a device at a remote object -- such as a building -- and capture its global positioning system location, as well as technology that allows you to measure the height of an object such as a pole, even when the base of the object is obscured, the company said. Its tools have been sought after by the Interior Department, contracting databases indicate.

The pact with In-Q-Tel will allow the firm to advance its remote capture and measurement devices, the firm said, without disclosing further details.

]]>

China offers drones to Pakistan

Dawn Lim — Mon, 19 Nov 2012 15:47:30 -0500

China is offering to sell Pakistan armed drones, following Washington’s refusal to supply the weapons, the Associated Press reports.

The Chinese government's offer includes its own CH-3 armed drone, which can carry two laser-guided missiles or bombs, according to report. The CH-4, which is similar to a U.S. Reaper and can carry four laser-guided missiles, is also being offered.

Pakistan has demanded the U.S. provide it with armed drones but Washington has denied the requests, according to the article.

Pakistan has struggled to build up its advanced targeting technology arsenal. Its drones also have a more limited range than American drones as they operate based on radio waves, rather than satellites, according to the AP. ]]>

Cyber Command intel chief named National Maritime Intelligence Center director

Dawn Lim — Mon, 19 Nov 2012 06:41:02 -0500

The top intelligence officer in the Pentagon’s cyber warfare unit has been named director of the National Maritime Intelligence Center and commander of the Office of Naval Intelligence.

The Navy announced Nov. 15 the new assignment of U.S. Cyber Command director of intelligence Rear Adm. Samuel J. Cox. He previously directed the maritime intelligence center from 2010 to 2011, according to his official biography. Capt. Robert V. Hoppa, who currently holds the position, will be promoted to rear admiral (lower half) and assigned as deputy director of operations, J3, at U.S. Cyber Command.

The flag officer moves come as the command, which is subordinate to U.S. Strategic Command, inches towards becoming a unified combatant command, according to some reports. Senior officials believe the boost would give the command more clout, allowing the Pentagon to address cyber-threats more flexibly and boldly.

Rear Adm. Sean Filipowski steps into the position of intel chief at CYBERCOM, the Navy said Oct. 22.

]]>

Developer of sensitive devices to detect diseases, proteins gets In-Q-Tel funding

Dawn Lim — Thu, 15 Nov 2012 16:40:13 -0500

Biotech firm Quanterix raised $18.5 million in a funding round joined by CIA venture capital wing In-Q-Tel, the company announced.

The firm is developing sensitive diagnostic technology that detects diseases and proteins at lower concentrations than other devices can.

French bioMérieux, which led the round, entered a licensing agreement with Quanterix and was granted exclusive rights to deploy its so-called Simoa technology in clinical laboratories. The technology could be applied in medical settings to measure recurrence of prostate cancer in patients, as well as used for security applications such as detecting toxins in the environment. All of the company’s existing venture capital backers, including ARCH Venture Partners, Bain Capital Ventures and Flagship Ventures, participated in the round.

Quanterix nabbed a $250,000 contract from the Homeland Security Department in 2011. The technology was touted by DHS for its potential to identify active agents of bioterrorism.

(Image via Sebastian Tomus/Shutterstock.com)

]]>

Pentagon taps SAIC to build unmanned submarine-spying sea vessel

Dawn Lim — Wed, 14 Nov 2012 16:43:00 -0500

Science Applications International Corp. won a $58 million prime contract from the Pentagon to develop an unmanned sea vessel that spies on enemy submarines while operating with minimal supervision, the defense contractor announced.

The autonomous surface vessel will be able track a diesel-electric submarine for months over thousands of kilometers, the company said. It was funded out of a military venture capital arm initiative called the Anti-Submarine Warfare Continuous Trail Unmanned Vessel program. The Defense Advanced Research Projects Agency experiment aims to create a new maritime drone that can operate with “sparse remote supervisory control,” contract databases reveal.

New autonomous capabilities could expand the use unmanned surface vessel systems at sea. “Current unmanned surface vessel systems and concepts are operated as close adjuncts to conventional manned ships -- they are launched and recovered from manned ships, tele-operated from manned ships and are limited to direct support of manned ship missions,” a December 2011 solicitation document reads.

The technology, if successfully developed, could allow surveillance missions to be carried out with less effort, needing a shore-based operator just “intermittently monitoring autonomous performance.” One challenge DARPA-funded scientists will have to address would be building a machine that can navigate the seas safely without colliding into other ships, a tender indicates.

SAIC’s three-year contract would involve the design and construction of a prototype. SAIC was also funded in an earlier phase of the initiative to draw up a blueprint.

Oregon Iron Works and Christensen Shipyards have been slated for partners in ship design, construction and propulsion, according to the SAIC statement. Carnegie Mellon University was tapped to develop vehicle’s autonomous capabilities, with National Robotics Engineering Center’s Senior Systems Scientist Brett Browning and Associate Director of Operations Pete Rander serving as key investigators, the university said in a statement. NASA’s Jet Propulsion Lab was also picked to team up with SAIC.

]]>

Pakistan develops combat drones

Dawn Lim — Tue, 13 Nov 2012 16:55:00 -0500

Pakistan is developing its own unmanned aircraft, the Guardian reports. Military officials briefed Pakistan's allies about army efforts to develop a combat unmanned aerial vehicle during the International Defense Exhibition and Seminar, an arms fair held in Karachi last week.

The aircraft in development does not have the efficiency of the U.S. Predator drone but can be armed and carry a weapon payload, according to the article, which cites an unnamed official.

Pakistan has criticized the United States for drone attacks on its soil. The United States and Israel reportedly have drones that can fire missiles. China and Turkey also are developing combat drones, according to the Guardian.

]]>

Lockheed Martin says cyberattacks up sharply, suppliers targeted

Dawn Lim — Tue, 13 Nov 2012 14:27:41 -0500

Defense contractor Lockheed Martin said the number and sophistication of international cyberattacks on its networks had “increased dramatically over the last several years,” Reuters reports.

Chandra McMahon, Lockheed vice president and chief information security officer, said about a fifth of the threats directed at the company were "advanced persistent threats," prolonged attacks with a specific end goal in mind. An internal review showed that multiple campaigns were linked, according to the report.

McMahon said Lockheed had seen "very successful" attacks against a number of the company's suppliers and was working with them to bolster their security, the article said.

Discuss the future of Federal IT with experts, innovators and your peers on Dec. 3 in Washington at Nextgov Prime, the defining event in the federal technology landscape. Learn more at nextgov.com/prime.

(Image via jcjgphotography/Shutterstock.com)

]]>

Military cyber range moves from laboratory to deployment

Dawn Lim — Mon, 12 Nov 2012 07:57:47 -0500

A test range for Defense personnel to hone computer attack capabilities is slated to receive a multimillion dollar boost as the system transitions from the Pentagon research wing’s laboratories into deployment.

The platform, created under a program called the National Cyber Range, is providing infrastructure for the Pentagon to advance its drive to develop more offensive tools that will hunt down intruders and thwart computer attacks. Defense intends to award $80 million to Lockheed Martin Corp. for five years to support operations at the facility, contract databases indicate.

The range, housed in a “specially architected sensitive compartmented information facility with appropriate security protocols,” is equipped with custom-configured government and Lockheed Martin-owned hardware and software, federal databases reveal. The test lab, a mini-model of the public Internet and other institutional networks, “provides for the modeling of cyber attacks,” a special notice reveals.

The lab will allow the Defense Department to test and evaluate the impact of cyber attacks. The notice, in a signal that the range could plausibly serve as a launchpad for offensive campaigns, notes that it will support efforts to “simultaneously execute parallel events at multiple security levels (unclassified through Top Secret) as required.”

The range, originally developed by the Defense Advanced Research Projects Agency, was transitioned to the Office of the Secretary of Defense Test Resources Management Center for operations this year, federal documents reveal.

The push comes as the Pentagon gears up for a funding initiative called Plan X to support the development of technology that can bolster the government’s attack capabilities in the digital domain. “The objective of the Plan X program is to create revolutionary technologies for understanding, planning, and managing cyberwarfare in real-time, large-scale, and dynamic network environments,” contract documents unearthed by NextGov earlier this year indicated.

The test range has been brewing for at least three years. Then-Deputy Secretary of Defense William Lynn III, had introduced the cyber range as “a model of the internet” that would allow Defense to test capabilities in a 2010 speech in Brussels. In his address, he spoke about the limitations of defensive approaches – such as using intrusion detection services and patching software -- to protecting sensitive networks, and advocated the need for more active approaches that would allow the government to find players infiltrating sensitive networks and neutralize malicious code.

Parties that helped develop the range include Johns Hopkins University, Sparta Inc., and Lockheed Martin, various federal notices indicate.

]]>

David Petraeus resigns as CIA director

Dawn Lim — Fri, 09 Nov 2012 16:00:00 -0500

CIA director David Petraeus resigned on Friday, releasing a statement that he had been involved in an extramarital affair.

“I showed extremely poor judgment by engaging in an extramarital affair,” Petraeus said. “Such behavior is unacceptable, both as a husband and as the leader of an organization such as ours.” Michael Morell, Petraeus' deputy, steps in as acting director.

Newly re-elected President Obama, in a letter accepting his resignation, expressed his gratitude to Petraeus. “By any measure, through his lifetime of service David Petraeus has made our country safer and stronger,” the president said.

The CIA has come under scrutiny following a fatal attack on the U.S. consulate in Benghazi, Libya. A Wall Street Journal report this month, citing unnamed officials, raised questions over whether a lack of adequate security at the facility was a result of “a secret and possibly confused arrangement between the State Department and Central Intelligence Agency.” The CIA reportedly had a presence in the diplomatic compound.

]]>

Boeing reshuffles defense executives as business shrinks

Dawn Lim — Fri, 09 Nov 2012 14:05:11 -0500

Boeing is disbanding its Missiles and Unmanned Airborne Systems division and distributing its duties among other units as demand slows and worldwide defense spending tightens, the Associated Press reports.

The missiles and unmanned planes unit had dedicated finance, human resources and legal staff, according to the AP. Missiles will now be the work of Boeing Military Aircraft's "Global Strike" division. Boeing also will cut down on defense facilities, though it was unclear which facilities would be affected.

Boeing is axing the number of defense executives by 30 percent from 2010 levels, the article said. The last 10 percent of the cuts will come by the year’s end.

]]>

BlackBerry 10 gets FIPS security certification

Dawn Lim — Thu, 08 Nov 2012 17:08:08 -0500

Research In Motion announced that the yet-to-be-launched BlackBerry 10 platform is FIPS 140-2 certified, a move that could remove barriers to entry for use of the company’s smartphones in government agencies concerned about data breaches.

FIPS 140 is issued by the National Institute of Standards and Technology, which helps to rate and certify devices for use by federal government agencies and regulated industries. The move may give the BlackBerry-maker a leg-up as it loses market share to rivals. RIM has constantly touted the BlackBerry’s security standards and certified encryption algorithms as a selling point. This is the first time BlackBerry products have been FIPS certified ahead of launch.

BlackBerry commanded 77 percent of the federal market in 2009 but its market share dropped to less than half the market by late 2011, as Apple’s iPhone and Google’s Android platform gained popularity. The Immigration and Customs Enforcement agency plans to end its eight-year relationship with the BlackBerry in favor of iPhones, NextGov reported in October. ICE gave both Apple and RIM high security scores while Google’s Android got a low grade.

]]>

U.K. intel arm establishes cyber response squad

Dawn Lim — Wed, 07 Nov 2012 17:18:22 -0500

The Government Communications Headquarters, Britain’s intelligence agency, has picked four security companies to help U.K. organizations respond to breaches and computer attacks.

BAE Systems Detica, Cassidian, Context IS and U.S.-based Mandiant were chosen as part of a pilot scheme aimed at protecting the public sector and critical infrastructure, BAE announced. Companies and organizations will pay for any consulting work provided by the group and will get support from GCHQ, according to the Daily Telegraph.

The British government hopes the effort will help set standards for how institutions can address computer intrusions.]]>

Raytheon nabs Navy ship contract

Dawn Lim — Tue, 06 Nov 2012 17:19:36 -0500

Raytheon was awarded a $22.5 million Navy contract for the Ship Self-Defense System, an anti-ship cruise missile technology on carriers and amphibious ships, the defense contractor announced.

The system integrates sensors and weapon systems to provide a response to missile threats. Raytheon, under the contract, will continue developing and testing the system and providing support to units that use it.

The Navy, in addition, announced its intent to increase the current contract ceiling for systems engineering by $50 million to extend services and support for the platform through fiscal 2013, according to the company statement. ]]>

Japan plans development of missile-tracking UAVs

Dawn Lim — Mon, 05 Nov 2012 15:30:55 -0500

Japan’s Defense Ministry plans to develop unmanned aerial vehicles that detect ballistic missiles sooner than existing systems, Japan’s Yomiuri Shimbun reports.

Japan relies on data from U.S. forces' early-warning satellites as well as ground radar and Aegis destroyers to detect missiles, but the technology only allows it to pick up on missiles that have reached a certain altitude. Japanese officials are looking to create a new generation of infrared sensor-equipped drones that can track ballistic missiles at lower altitudes, according to the report, which cites unnamed government sources.

The ministry plans to have a design for a prototype ready by the next fiscal year and introduce the UAVs for deployment in fiscal 2020, according to the report.

]]>