Defense Officials Outline Hypersonics Development Strategy

 Feb. 27, 2021 | BY David Vergun , DOD News

The Defense Department has identified hypersonics as one of the highest priority modernization areas, as Russia and China develop their own capable systems.

Hypersonic systems are able to travel on extended flights within the upper atmosphere — 80,000 to 200,000 feet — at speeds near and above Mach 5, and they're able to maneuver in ways that are hard for defenders to predict.

The high-altitude range creates a gap between air defenses and ballistic missile defenses, Mike White, principal director for hypersonics in the office of the undersecretary of defense for research and engineering, said.

White told attendees of the Air Force Association's virtual Aerospace Warfare Symposium that to address these challenges, the department has developed a hypersonics modernization strategy that accelerates the development and delivery of transformational warfighting capabilities. He said the strategy consists of:

• Developing air-, land-, and sea-launched, conventionally-armed hypersonic strike weapons for highly-survivable, long-range, time-critical defeat of maritime, coastal and inland targets of critical importance on the tactical battlefield.
• Using comprehensive, layered-defeat of an adversary's tactical hypersonic strike missile capability.
• Utilizing reusable, hypersonic systems for intelligence, surveillance, reconnaissance and strike, as well as the first stage of a two stage vehicle for rapid access to space.

White said DOD's strategy has four major phases of implementation:

• Phase 1 is technology development and concept demonstration.
• Phase 2 is weapon system concept prototype development and demonstration.
• Phase 3 is the accelerated fielding of prototype weapon system capability.
• Phase 4 is the creation of acquisition programs and capability phasing plans. 

The hypersonic strategy is being implemented in a highly coordinated set of programs across the military services and agencies and with critical, enabling investments in the industrial base and organic laboratories, as well as working collaboratively with our allies, where appropriate.

"We will deliver strike capability to the warfighter in the early-mid 2020s and a layered hypersonic defense capability — first terminal and then glide phase — in the mid-late 2020s. For reusable systems, our goal is to deliver capability in the early to mid-2030s," White said.

Air Force Brig. Gen. Heath A. Collins, program executive officer for weapons and director of the armament directorate at the Air Force Life Cycle Management Center in the Air Force Materiel Command, said his organization is developing a rapid prototyping program for the AGM-183A air-launched rapid response weapon, dubbed ARRW.

The ARRW program is a boost-glide based hypersonic weapon. Collins said his team is getting ready for the first booster flight test next week. "We're also getting ready to transition into production within about a year on that program, so it will be the first air-launch hypersonic weapon that the Air Force has.

"We're really proud to be in the hypersonics weapon enterprise at this point in this exciting time, and we're just on the cusp of an operational capability," Collins added.

James Weber, senior scientist for hypersonics at the Air Force Research Laboratory, said the lab has a long history in hypersonic science and technology development, beginning in the early 1960s.

Over the last 25 years, DOD has invested some $1.7 billion in hypersonics, he said.

"We have a wide technology portfolio for hypersonics with competencies in test capabilities and thermal propulsion — such as scramjet propulsion and solid rocket motors and liquid rockets, materials, high-temperature materials and structures, manufacturing, guidance control systems and also basic research," Weber said, adding that AFRL works closely with other military services and agencies.

For instance, Weber said the research laboratory is partnering with the Defense Advanced Research Projects Agency on the hypersonic, air-breathing weapon concept program, as well as the tactical boost glider programs. "We are partnered with them to develop and demonstrate critical technologies for launch of hypersonic weapons by FY22."

Weber added that his team is also collaborating with Collins' ARRW project.

Air Force Maj. Gen. Andrew J. Gebara, director of strategic plans, programs and requirements at the Air Force Global Strike Command, said that developing new hypersonics capabilities requires accelerated acquisition strategies once the most promising programs are narrowed down.

Gebara said that over the years, the department has done some amazing testing with hypersonics, but has not followed through to production. What's different this time is that there's a national will to accelerate these programs and get them fielded quickly.

U.S. Access to Space Is a Vital National Interest

 Feb. 25, 2021 | BY Terri Moon Cronk , DOD News

The United States' freedom to maneuver in space is a vital national interest that underpins national security, intelligence efforts, treaty verification and the economy, Chief of Space Operations, Space Force Gen. John W. "Jay" Raymond said.

The general talked about the advantages of U.S. presence in space during a fireside chat today at the Air Force Association's 2021 virtual Aerospace Warfare Symposium.

"There's a significantly growing economy in space between here and the lunar surface [with] estimates of over $1 trillion over the next handful of years. It underpins every instrument of national power," Raymond said.

Spotlight: DOD Space Strategy

The U.S. is concerned with cyberthreats that China and Russia are continuing to develop, Raymond noted. "It's something that we have to protect against today. That's why the establishment of the U.S. Space Force is so important. We are purposely built to stay ahead of that growth" from other countries.

If the nation can deter conflict from beginning, or extending into space, space can deter conflict from spilling over into other domains, the general added.

"Space is a huge force multiplier [that] enables us to do things the other services can do with smaller force structures because they have integrated space to their advantage," he explained. "We cannot afford as a nation to lose. … we're the best in the world of space. We are running fast — the guardians are running fast — to be able to stay ahead of that threat to deter from a position of strength." 

The general said the nation can't just launch a satellite and assume it's going to be there forever; we have to be able to protect and defend it.

"That's the new missionary," he said. "That's why the United States made the decision to stand up both the U.S. Space Command — the operational arm, the warfighting arm — and the Space Force, which is the organized training equipment [arm]."

The National Security Strategy and the National Defense Strategy outline a very complex strategic environment in space, one that has global challenges, multidomain challenges, and challenges that move very fast at great speeds and across great distances, he explained, adding that space is a warfighting domain, just like air, land and sea.

Spotlight: National Defense Strategy

And as a warfighting domain, the nation now has a service focused on protecting and defending that domain, he added.

With space, the U.S. has an opportunity with its allied partners, Raymond pointed out. In the first year of standing up an independent Space Force, partnerships have also been established. 

"We want to build this coalition [as] friendly from the beginning to allow our international partners to invest," Raymond said. "And we think that partnership is key to deterrence and key to our strength."

Secretary of Defense Video to the Force on COVID-19 Vaccinations

 Feb. 24, 2021

---

The Department of Defense released a video today of the Secretary of Defense addressing the entire workforce to encourage informed decision-making with regards to coronavirus-19 vaccination.

Secretary Lloyd J. Austin III addressed the men and women of the Department directly in a video posted to Defense.gov.  

The video can be viewed here.

The text of Secretary Austin’s address follows: 

Hello there, I’m Lloyd Austin, Secretary of Defense.

I wanted to speak with you today about the coronavirus … and about how we can all chip in to defeat this pandemic once and for all.  As you have probably seen, we are going to be sending teams of active-duty professionals to assist FEMA in administering vaccines at select locations around the country.  This, of course, comes on top of the more than 20,000 National Guardsmen and women assisting state and local authorities across the country, as part of the whole-of-government response.

In other words, we’re pitching in to help our fellow citizens as quickly and safely as possible.  We’re part of a larger team of federal and state agencies, and we are working hard – leaning in – to be productive members of that team.  We’re also working hard to make vaccines available to every member of the DoD family who wants one.

You know we’ve approached this effort deliberately and in phases, making sure that we prioritized our frontline health care workers, and our deploying troops and those most vulnerable… but as we continue to advance through these phases, we want to make sure that all of you have the information that you need to make the best decisions for your families.  And so I encourage you to visit the CDC website for more information about the vaccines, as well as our own site at Defense.gov.

And when you do, you’ll see that these vaccines have undergone intensive safety monitoring.  You’ll see that they are safe and they are effective.  And you’ll see that millions of your fellow citizens have already taken them with little to no side effects.

You know, I’ve taken it myself.  After talking with my doctor, I believed it was the right thing to do -- not only for my health -- but also for my ability to do the job and to contribute to our readiness.

Of course, I also still practice social distancing, and I’ll still wear a mask while I’m here in the Pentagon and everywhere else I go.  And so we’ll need your continued support in that regard.  But I encourage you to have a discussion with your primary care physician about taking the vaccine.  And if you believe, as I did, that it’s the right thing for you … I hope that you’ll consider accepting it when it’s offered to you.

And finally, thank you for all you and your families do … each and every day … to keep our country safe.  

I’d ask that you please take care of yourselves and your teammates.  And please do what you can to keep each other safe. Thank you.

Cyber Workforce Vital to Protecting National Security

 Feb. 23, 2021 | BY David Vergun , DOD News

During Engineers Week, the Defense Department is highlighting its efforts to develop a diverse and well-educated future engineering workforce and to increase understanding of and interest in engineering and technology.

The Defense Department's cyber workforce is tasked with defending virtually every system that the department relies on to protect national security, a cyber leader discussing the department's missions, technology and workforce said.

John Marx, acting principal director for cyber modernization, office of the undersecretary of defense for research and engineering, spoke this week as part of Engineer Week.

Cyber Missions

The goals of modernizing cyber capabilities within the Department of Defense, he said, are: 

1

The first is to advance the department's ability to develop and deploy cyber-resilient systems. "These systems and infrastructures that are built to withstand the kinds of cyber attacks that we know about today, but also with the capacity and agility to be rapidly updated to address new threats as they emerge in an operational environment."

2

The second goal is to develop an unrivaled capability for highly integrated cyber and electromagnetic spectrum operations in support of national strategic objectives. "These will enable the Department of Defense to achieve information advantage across all domains of operations and through all phases of conflict."

3

The third goal, which directly supports the first two, is to build a cyber and electromagnetic spectrum expertise that is unrivaled throughout the world. "Without a workforce made up of innovative, creative and driven experts with expansive knowledge of how software makes complex systems function and who truly understand the limits of this software, those first two goals are unachievable."

Besides these three primary missions, DOD supports the critical civilian infrastructure at times of need when it is requested by those by those infrastructure owners, under authorities, such as the Defense Support to Civil Authorities, Marx said, adding that this support happens in close collaboration with other federal agencies and local entities.

Workforce Talent

The department is always seeking cyber talent as well as talent residing in its workforce. DOD is looking for individuals who have a strong understanding of how software drives complex systems, Marx said. 

Computer engineers, software engineers and electrical engineers, who are often associated with the cyber workforce, typically possess this kind of knowledge. Individuals with those academic backgrounds will always be in high demand to fill cyber positions, he said, but it's important for engineers of every discipline to have an understanding of how what they do intersects with the cyber domain. Mechanical, aerospace, civil, chemical and biomedical engineers all should have a strong understanding of how their fields of practice rely on cyber systems.

"The extent at which software drives everything is an exciting and interesting area," Marx said. "Understanding how software works, especially in the face of a determined adversary who might seek to do us harm, is important.

All types of engineers have a natural curiosity to learn how things work, and then to figure out how to make them work better, Marx said. "When our engineering workforce, regardless of discipline, possesses a level of knowledge in cybersecurity, where they can then innovate and communicate effectively with experts who spend all of their time within the cyber domain, then we're going to be able to make great strides in our ability to deliver systems that can withstand cyber attacks and achieve information advantage on the battlefield."

There are a couple of ways that engineers, aspiring engineers and students can gain more knowledge in cybersecurity, he said. Colleges typically have hacking clubs, for instance. Getting connected with these groups is a great way to learn some of the basics of hacking and cybersecurity. They can also help prepare for capture-the-flag-type competitions, where these skills can be put into practice.

Another thing engineers can do is learn to code, he said. Whatever the venue, be it a local college or online class, learning to code is one of the best ways to enhance one's knowledge of how software makes the world work. 

Marx spoke of experiences he had with non-cyber engineers participating in capture-the-flag-type events.

During last year's Hack-a-Sat competition, which was put on by the Air Force, Space Force and Defense Digital Service, there were several aerospace engineering students who participated who had never taken part in a hacking event before, he said. "Their feedback was, 'Well, geez, this was a lot of fun. We, we learned a lot, and we want to come back and learn more and do it again.'"

Marx noted that there are a lot of new and exciting innovations in technology on the horizon that will improve cybersecurity. For example, artificial intelligence and human machine teaming will likely contribute to automating many of the processes that are now being done manually in the design and operation of cyber resilient systems. But at the end of the day, there will always be a need for the skilled, motivated cyber operator or engineer, who can apply their knowledge to solve higher-order problems.

Engineers Key to Defense Space Efforts: 'We Have Your Back'

 Feb. 23, 2021 | BY C. Todd Lopez , DOD News

During Engineers Week, the Defense Department is highlighting its efforts to develop a diverse and well-educated future engineering workforce and to increase understanding of and interest in engineering and technology.

Engineers are critical to the Department of Defense achieving goals and priorities in space, said the department's principal director for space.

"There are many important roles that engineers play" said Lindsay Millard, the principal director for space with the Office of the Undersecretary of Defense for Research and Engineering.

Top among the priorities that engineers are tackling now is how to use cislunar space — the area between Earth and the moon.

"There are many ongoing efforts in this area across the department and agencies," said Millard. "We're going to be taking a look at how we can best enable and use the space between the Earth and the moon, especially because we have humans who will be traveling in that space in the future."

Spotlight: DOD Space Strategy

With travel into space becoming a priority, Millard said, the way humans leave Earth's surface is also becoming more critical. She said that engineers are now focused on both rapid and responsive launch.

"Rapid implies launching on a cadence. There are some companies that are achieving that goal right now, and other companies are moving toward it," Millard said. "Responsive launch is actually having satellites ready to go on the ground, should there be an unexpected event."

DOD will be putting several satellites in space in the coming years, Millard said. Finding ways to protect what's already on orbit is also a priority for department engineers.

"Satellites are easily tracked," Millard said. "How do we protect and defend those if needed because they are key to enabling our DOD forces on the ground?"

Building a robust space infrastructure to take care of service members on the ground will require advancements in communications and encryption technology — another area where department engineers are now laser-focused, Millard said.

"There are a lot of new encryption types that are coming on board," she said. "Finding a way to get those into satellites quickly is important to help us remain secure across constellations, but also for single satellites, in general."

Getting artificial intelligence and machine learning capabilities into those satellites is another area department engineers are currently investigating, Millard said.

"We're leveraging cloud-enabled computers on the ground to put signatures or secure dynamic tasking across satellites in orbit that have relatively less compute power," Millard said. "We're also looking at how to make big capabilities on smaller satellites."

Among other things, engineers across DOD are focused on space, cyberspace, hypersonics, directed energy, quantum science and fully networked command, control and communications.

As an aerospace engineer, Millard said she's guided in her work by the idea that she's responsible in many ways to the service members who depend on something she may have had a part in designing for them to do their jobs or even to protect them.

"For me, personally, I'm very much motivated by protecting the people who are in harm's way," Millard said. "I think that DOD has a unique perspective and opportunity to do that in the sense that we can hope to decide how to best protect them."

Engineer Week runs Feb. 21-27, and Millard said it's a good time for aspiring engineers and engineering students to think about working within the DOD. She said the defense department is a unique employer that, in her own experience, offered opportunities that might not be found in other places.

When service members don protective gear, use new equipment that's been fielded, or connect across space with the latest communications tools, they might not be thinking of the engineers who designed them. But, Millard said, those engineers are absolutely thinking of service members.

"We need and want to support you," she said. "If you ever want to talk with us, please do so — because we've got your back."

Engineers With Both Government, Private Sector Experience Make 'Most Impact'

 Feb. 23, 2021 | BY C. Todd Lopez , DOD News

During Engineers Week, the Defense Department is highlighting its efforts to develop a diverse and well-educated future engineering workforce and to increase understanding of and interest in engineering and technology.

Engineers who have experience in both the public and private sector bring a lot of value to their employers, said the principal director for fully networked command, control and communications within the office of the undersecretary of defense for research and engineering.

"Both the DOD and commercial sector are great places to work with interesting projects that are building a bridge to the future," said Michael Zatman. "In my experience, people who have experienced both make the most impact in both. Spending time working in the DOD will reward you with stimulating challenges while serving our nation, and also seeding capabilities that will transition back to the commercial sector and lead to a better world for all."

Engineers are the focus of the Defense Department during this year's National Engineers Week, which runs February 21-27. The importance of engineers and engineering was first recognized in 1951 by the National Society of Professional Engineers. It's something the DOD has been observing as well for years now.

Zatman leads the department's efforts to attain fully networked command, control and communications, or FNC3.

"Command and control is an application, and we think of that as something that allows machines to exchange information, make decisions and then transport those decisions to each other in order to accomplish a goal," Zatman said. "The networking communications is the infrastructure that allows these different machines and these different applications to talk to each other."

The United States and its allies need FNC3 to be able to more reliably move increasing amounts of data and information across a growing collection of diverse platforms, Zatman said. Additionally, each of those platforms may be supporting multiple missions in a variety of environments, including those that are contested or benign, as well as environments that may also be congested.

While the department has many engineers now, it's looking for and needs many more, especially engineers interested in the areas that will support the furthering of the DOD's FNC3 efforts.

"Being able to develop, and then field these technologies requires engineering expertise that the DOD needs to have internally since many of the environments that the DOD works in are unique to the Department of Defense, and different from those that are encountered in the commercial sector," Zatman said. "The DOD needs to have engineers who are actually familiar with the environments and the kinds of systems that the Department of Defense is working with, in order to often apply commercial ideas and commercial concepts in order to improve our own capabilities."

Young Americans who want to support the defense of the nation are encouraged to do so by pursuing an education in science, technology, engineering and mathematics, Zatman said.

"Students interested in pursuing a career in this area typically have degrees in electrical engineering or computer science," he said. "However, most important is to have a strong analytical background. I have skilled colleagues with degrees in physics and other sciences, mathematics and even economics. The best engineers I know also have a breadth of experience gained from working in a variety of different areas."

Defense Department Launches $2 Million Aerospace Research and Education Center of Excellence at Tuskegee University

 Feb. 22, 2021

---

The Department of Defense (DOD), through the Office of the Under Secretary of Defense for Research and Engineering (OUSD(R&E)), has launched the DOD Aerospace Education Research and Innovation Center (AERIC) at Tuskegee University in Alabama.  Awarded through the DOD historically Black college and university (HBCU) and Minority-Serving Institutions (MSIs) Research and Education Program, AERIC will support undergraduate research in materials and aerospace sciences relevant to DOD and the aerospace industry.  AERIC is a congressional add funded at $2 million which was sponsored by Senator Richard Shelby (R-AL), vice chairman of the Senate Appropriations Committee and its Subcommittee on Defense.

Established at an institution that was the home of the Tuskegee Airmen and is today the number one producer of Black aerospace engineers in the nation, AERIC is devoted to expanding the future aerospace technical workforce with a particular focus on underrepresented populations in the United States. To help fill the science, technology, engineering, and mathematics (STEM) pipeline, AERIC will support two-year research projects in the areas of fatigue damage tolerance, experimental aerodynamics, and the performance of materials and components under extreme environmental conditions.

“The establishment of centers of excellence plays a vital role in our defense enterprise by stimulating research and innovation for the next generation of STEM leaders,” said Dr. Jagadeesh Pamulapati, director of the Office of Research, Technology, and Laboratories in OUSD(R&E).  “Notably, beyond conducting research that enhances our ability to respond to threats and remain technologically superior, HBCUs serve the nation by educating a significant number of talented scientists and engineers.  By supporting HBCUs and MSIs, we are cultivating a research enterprise that broadens idea sharing while expanding the pool of reliable STEM professionals able to meet both our mission and our workforce objectives.”

Located in Tuskegee University’s Engineering Department, AERIC is positioned to grow the DOD aerospace technical workforce through speaker series with DOD staff and summer internship placements at defense laboratories, ultimately preparing scholars for careers in critical DOD industries.  In addition to partnering with DOD, AERIC will collaborate with Wichita State University, Boeing, Dynetics, and Chevron to further the center’s research and education agenda. 

For more information on the DOD HBCU/MSI Program, see: https://basicresearch.defense.gov/Programs/HBCU-MI-Program/

DHS Announces Steps to Advance President's Commitment to Elevate Cybersecurity

 WASHINGTON – Today, Secretary Alejandro N. Mayorkas announced the many ways the Department of Homeland Security (DHS) will carry out President Biden’s vision to elevate cybersecurity across the government.  DHS will lead efforts to mitigate risks to the United States, further strengthen its partnerships with the private sector, and expand its investment in the infrastructure and people required to defend against malicious cyber attacks as part of a whole-of-government effort.

“Cybersecurity is more important than ever, and we will build on the Department’s excellent work as we transform our whole-of-government approach to tackle the challenge we face as a nation,” said Secretary Mayorkas.  “This week is just the beginning of a series of actions DHS will pursue nationally and internationally to improve cybersecurity at all levels.” DHS plays a key role in protecting the American people from threats in cyberspace.  The Department’s Cybersecurity and Infrastructure Security Agency (CISA) is charged with securing Federal civilian government networks and our nation’s critical infrastructure from physical and cyber threats. Congress, in the recent National Defense Authorization Act (NDAA), further empowered CISA to execute this mission, including by providing authorities for CISA to “hunt” for cyber threats in federal agency networks and to more effectively identify vulnerable technologies used by critical infrastructure sectors. Over the past months, CISA has honed its capabilities and furthered the Department’s effort to advance national cybersecurity by: Leading the national effort to secure the 2020 election, including by sharing timely cybersecurity information with state and local election officials; Driving urgent remediation of risks posed by the exploitation of commonly used network management software and providing incident response assistance to compromised entities; Collaborating with government and private sector partners to disrupt and help protect against malicious activity perpetrated by North Korean actors against financial institutions, including the distribution of technical alerts to help network defenders protect against these threats; Issuing a directive to federal agencies requiring implementation of vulnerability disclosure programs, which allow security researchers to proactively identify weaknesses in government websites and applications; and Facilitating shared cybersecurity services that can be used by federal civilian agencies and SLTT governments to rapidly improve cybersecurity capabilities. Through the U.S. Coast Guard and Transportation Security Administration, DHS plays a crucial role in increasing cybersecurity across the transportation sector, from aviation and rail to maritime and pipelines.  The U.S. Secret Service and ICE’s Homeland Security Investigations combat 21st century crimes, many of which are cyber-enabled. For example, in 2020 alone, the Secret Service responded to 539 network intrusions, arrested over 1,000 people for cyber-financial crimes, and seized over $140 million in assets. The Science and Technology Directorate (S&T) and CISA recently announced the inaugural research and development awards for the newly launched Secure and Resilient Mobile Network Infrastructure project. DHS will continue to build on these achievements. This week, Secretary Mayorkas will increase the required minimum spend on cybersecurity through FEMA grant awards.  To accelerate critical improvements in state and local cybersecurity, CISA will urgently evaluate and implement additional capabilities including potential new grant programs that will enable critical security investments. This is important: the nation’s cybersecurity is only as strong as its weakest link. On Thursday, Secretary Mayorkas will speak at the President’s Cup Cybersecurity Competition  and issue a call to action to build a diverse cybersecurity workforce and leverage DHS’s partnerships to tackle the growing risk from ransomware. Ransomware is a cyber pandemic that paralyzes cities, companies, and hospitals across the country.  In October, CISA together with other government agencies warned of the growing threat of ransomware targeting the healthcare and public health sector.  Previous incidents illustrate the risk ransomware poses to COVID-19 vaccine deployment efforts.  Tackling ransomware will require partnering with private organizations, state, local, tribal, and territorial entities -- the hallmark of DHS’s approach to cybersecurity. Secretary Mayorkas will reinforce CISA’s new “Reduce the Risk of Ransomware” Campaign to encourage public and private sector organizations to take action to mitigate ransomware risk. DHS will also leverage the U.S. Secret Service, through its Cyber Fraud Task Forces, to respond to ransomware incidents and arrest those that engage in this criminal activity.  Secretary Mayorkas is slated to participate in several additional engagements in the coming weeks to further highlight how the Department can and will best support its partners in efforts to improve risk management and cybersecurity. The Secretary will also engage with his foreign counterparts to strengthen international cybersecurity collaboration. The DHS workforce is committed to implementing President Biden’s vision of a more cybersecure America.

Three North Korean Military Hackers Indicted in Wide-Ranging Scheme to Commit Cyberattacks and Financial Crimes Across the Globe

 Indictment Expands 2018 Case that Detailed Attack on Sony Pictures and Creation of WannaCry Ransomware by Adding Two New Defendants and Recent Global Schemes to Steal Money and Cryptocurrency from Banks and Businesses while Operating in North Korea, China

---

---

A federal indictment unsealed today charges three North Korean computer programmers with participating in a wide-ranging criminal conspiracy to conduct a series of destructive cyberattacks, to steal and extort more than $1.3 billion of money and cryptocurrency from financial institutions and companies, to create and deploy multiple malicious cryptocurrency applications, and to develop and fraudulently market a blockchain platform.

A second case unsealed today revealed that a Canadian-American citizen has agreed to plead guilty in a money laundering scheme and admitted to being a high-level money launderer for multiple criminal schemes, including ATM “cash-out” operations and a cyber-enabled bank heist orchestrated by North Korean hackers.

“As laid out in today’s indictment, North Korea’s operatives, using keyboards rather than guns, stealing digital wallets of cryptocurrency instead of sacks of cash, are the world’s leading bank robbers,” said Assistant Attorney General John C. Demers of the Justice Department’s National Security Division. “The Department will continue to confront malicious nation state cyber activity with our unique tools and work with our fellow agencies and the family of norms abiding nations to do the same.”

“Today's unsealed indictment expands upon the FBI’s 2018 charges for the unprecedented cyberattacks conducted by the North Korean regime,” said the FBI Deputy Director Paul Abbate. “The ongoing targeting, compromise, and cyber-enabled theft by North Korea from global victims was met with the outstanding, persistent investigative efforts of the FBI in close collaboration with U.S. and foreign partners. By arresting facilitators, seizing funds, and charging those responsible for the hacking conspiracy, the FBI continues to impose consequences and hold North Korea accountable for its/their criminal cyber activity."

“The scope of the criminal conduct by the North Korean hackers was extensive and long-running, and the range of crimes they have committed is staggering,” said Acting U.S. Attorney Tracy L. Wilkison for the Central District of California. “The conduct detailed in the indictment are the acts of a criminal nation-state that has stopped at nothing to extract revenge and obtain money to prop up its regime.”

“This case is a particularly striking example of the growing alliance between officials within some national governments and highly sophisticated cyber-criminals,” said U.S. Secret Service Assistant Director Michael R. D’Ambrosio. “The individuals indicted today committed a truly unprecedented range of financial and cyber-crimes: from ransomware attacks and phishing campaigns, to digital bank heists and sophisticated money laundering operations. With victims strewn across the globe, this case shows yet again that the challenge of cybercrime is, and will continue to be, a struggle that can only be won through partnerships, perseverance, and a relentless focus on holding criminals accountable.”

The hacking indictment filed in the U.S. District Court in Los Angeles alleges that Jon Chang Hyok (전창혁), 31; Kim Il (김일), 27; and Park Jin Hyok (박진혁), 36, were members of units of the Reconnaissance General Bureau (RGB), a military intelligence agency of the Democratic People’s Republic of Korea (DPRK), which engaged in criminal hacking. These North Korean military hacking units are known by multiple names in the cybersecurity community, including Lazarus Group and Advanced Persistent Threat 38 (APT38). Park was previously charged in a criminal complaint unsealed in September 2018. 

The indictment alleges a broad array of criminal cyber activities undertaken by the conspiracy, in the United States and abroad, for revenge or financial gain. The schemes alleged include:

• Cyberattacks on the Entertainment Industry: The destructive cyberattack on Sony Pictures Entertainment in November 2014 in retaliation for “The Interview,” a movie that depicted a fictional assassination of the DPRK’s leader; the December 2014 targeting of AMC Theatres, which was scheduled to show the film; and a 2015 intrusion into Mammoth Screen, which was producing a fictional series involving a British nuclear scientist taken prisoner in DPRK.
• Cyber-Enabled Heists from Banks: Attempts from 2015 through 2019 to steal more than $1.2 billion from banks in Vietnam, Bangladesh, Taiwan, Mexico, Malta, and Africa by hacking the banks’ computer networks and sending fraudulent Society for Worldwide Interbank Financial Telecommunication (SWIFT) messages.
• Cyber-Enabled ATM Cash-Out Thefts: Thefts through ATM cash-out schemes – referred to by the U.S. government as “FASTCash” – including the October 2018 theft of $6.1 million from BankIslami Pakistan Limited (BankIslami).
• Ransomware and Cyber-Enabled Extortion: Creation of the destructive WannaCry 2.0 ransomware in May 2017, and the extortion and attempted extortion of victim companies from 2017 through 2020 involving the theft of sensitive data and deployment of other ransomware.
• Creation and Deployment of Malicious Cryptocurrency Applications: Development of multiple malicious cryptocurrency applications from March 2018 through at least September 2020 – including Celas Trade Pro, WorldBit-Bot, iCryptoFx, Union Crypto Trader, Kupay Wallet, CoinGo Trade, Dorusio, CryptoNeuro Trader, and Ants2Whale – which would provide the North Korean hackers a backdoor into the victims’ computers.
• Targeting of Cryptocurrency Companies and Theft of Cryptocurrency: Targeting of hundreds of cryptocurrency companies and the theft of tens of millions of dollars’ worth of cryptocurrency, including $75 million from a Slovenian cryptocurrency company in December 2017; $24.9 million from an Indonesian cryptocurrency company in September 2018; and $11.8 million from a financial services company in New York in August 2020 in which the hackers used the malicious CryptoNeuro Trader application as a backdoor.
• Spear-Phishing Campaigns: Multiple spear-phishing campaigns from March 2016 through February 2020 that targeted employees of United States cleared defense contractors, energy companies, aerospace companies, technology companies, the U.S.Department of State, and the U.S. Department of Defense.
• Marine Chain Token and Initial Coin Offering: Development and marketing in 2017 and 2018 of the Marine Chain Token to enable investors to purchase fractional ownership interests in marine shipping vessels, supported by a blockchain, which would allow the DPRK to secretly obtain funds from investors, control interests in marine shipping vessels, and evade U.S. sanctions.

According to the allegations contained in the hacking indictment, which was filed on Dec. 8, 2020, in the U.S. District Court in Los Angeles and unsealed today, the three defendants were members of units of the RGB who were at times stationed by the North Korean government in other countries, including China and Russia. While these defendants were part of RGB units that have been referred to by cybersecurity researchers as Lazarus Group and APT38, the indictment alleges that these groups engaged in a single conspiracy to cause damage, steal data and money, and otherwise further the strategic and financial interests of the DPRK government and its leader, Kim Jong Un.

Money Launderer Charged in California and Georgia

Federal prosecutors today also unsealed a charge against Ghaleb Alaumary, 37, of Mississauga, Ontario, Canada, for his role as a money launderer for the North Korean conspiracy, among other criminal schemes. Alaumary agreed to plead guilty to the charge, which was filed in the U.S. District Court in Los Angeles on Nov. 17, 2020. Alaumary was a prolific money launderer for hackers engaged in ATM cash-out schemes, cyber-enabled bank heists, business email compromise (BEC) schemes, and other online fraud schemes. Alaumary is also being prosecuted for his involvement in a separate BEC scheme by the U.S. Attorney’s Office for the Southern District of Georgia.

With respect to the North Korean co-conspirators’ activities, Alaumary organized teams of co-conspirators in the United States and Canada to launder millions of dollars obtained through ATM cash-out operations, including from BankIslami and a bank in India in 2018. Alaumary also conspired with Ramon Olorunwa Abbas, aka “Ray Hushpuppi,” and others to launder funds from a North Korean-perpetrated cyber-enabled heist from a Maltese bank in February 2019. Last summer, the U.S. Attorney’s Office in Los Angeles charged Abbas in a separate case alleging that he conspired to launder hundreds of millions of dollars from BEC frauds and other scams.

Accompanying Mitigation Efforts

Throughout the investigation, the FBI and the Justice Department provided specific information to victims about how they had been targeted or compromised, as well as information about the tactics, techniques, and procedures (TTPs) used by the hackers with the goals of remediating any intrusion and preventing future intrusions. That direct sharing of information took place in the United States and in foreign countries, often with the assistance of foreign law enforcement partners. The FBI also collaborated with certain private cybersecurity companies by sharing and analyzing information about the intrusion TTPs used by the members of the conspiracy.

In addition to the criminal charges, the FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, in collaboration with the U.S. Department of Treasury, today released a joint cybersecurity advisory and malware analysis reports (MARs) regarding North Korean cryptocurrency malware. The joint cybersecurity analysis and MARs highlight the cyber threat North Korea – which is referred to by the U.S. government as HIDDEN COBRA – poses to cryptocurrency and identify malware and indicators of compromise related to the “AppleJeus” family of malware (the name given by the cybersecurity community to a family of North Korean malicious cryptocurrency applications that includes Celas Trade Pro, WorldBit-Bot, Union Crypto Trader, Kupay Wallet, CoinGo Trade, Dorusio, CryptoNeuro Trader, and Ants2Whale). The joint cybersecurity advisory and MARs collectively provide the cybersecurity community and public with information about identifying North Korean malicious cryptocurrency applications, avoiding intrusions, and remedying infections.

The U.S. Attorney’s Office and FBI also obtained seizure warrants authorizing the FBI to seize cryptocurrency stolen by the North Korean hackers from a victim in the indictment – a financial services company in New York – held at two cryptocurrency exchanges. The seizures include sums of multiple cryptocurrencies totaling approximately $1.9 million, which will ultimately be returned to the victim.

Jon, Kim, and Park are charged with one count of conspiracy to commit computer fraud and abuse, which carries a maximum sentence of five years in prison, and one count of conspiracy to commit wire fraud and bank fraud, which carries a maximum sentence of 30 years in prison.

In relation to the case filed in Los Angeles, Alaumary has agreed to plead guilty to one count of conspiracy to commit money laundering, which carries a maximum sentence of 20 years in prison.

The charges contained in the indictment are merely accusations and the defendants are presumed innocent unless and until proven guilty beyond a reasonable doubt.

The investigation of Jon, Kim, and Park was led by the FBI’s Los Angeles Field Office, which worked closely with the FBI’s Charlotte Field Office. The U.S. Secret Service’s Los Angeles Field Office and Global Investigative Operations Center provided substantial assistance. The FBI’s Cyber Division also provided substantial assistance.

The investigations of Alaumary were conducted by the U.S. Secret Service’s Savannah Field Office, FBI’s Los Angeles Field Office, and the U.S. Secret Service’s Los Angeles Field Office and Global Investigative Operations Center. The FBI’s Criminal Investigative Division also provided substantial assistance.

The case against Jon, Kim, and Park is being prosecuted by Assistant U.S. Attorneys Anil J. Antony and Khaldoun Shobaki of the Cyber and Intellectual Property Crimes Section, with substantial assistance from Trial Attorney Scott Claffee of the Department of Justice National Security Division’s Counterintelligence and Export Control Section.

Assistant U.S. Attorneys Antony and Shobaki are also prosecuting the case against Alaumary, in which the U.S. Attorney’s Office for the Southern District of Georgia and the Criminal Division’s Computer Crimes and Intellectual Property Section (CCIPS) provided substantial assistance. Assistant U.S. Attorneys Antony and Shobaki, along with Assistant U.S. Attorney Jonathan Galatzan of the Asset Forfeiture Section, also obtained the seizure warrants for cryptocurrency stolen from the financial services company in New York.

The Criminal Division’s Office of International Affairs provided assistance throughout these investigations, as did many of the FBI’s Legal Attachés, as well as foreign authorities around the world. Numerous victims cooperated and provided valuable assistance.

Research Program Leads DOD Participation in STORM CHASER Study

 Feb. 15, 2021 | BY Zachary Willis, Uniformed Services University

While COVID-19 vaccinations are currently being distributed across the world to begin the process of reining in the pandemic, the threat of contracting the virus remains, and the population still waiting on vaccinations continues to be at risk of infection. However, help may be on the horizon by way of STORM CHASER, a study led in the Military Health System by the Uniformed Services University's Infectious Disease Clinical Research Program. 

STORM CHASER, which stands for Study To Optimally Reduce Morbidity in Care Homes And Sites with Enhanced Risk, seeks to find out if COVID-19 could be prevented in those who have recently been exposed to the SARS-CoV-2 infection by administering an intramuscular monoclonal antibody within eight days of exposure and not yet symptomatic. 

If successful, the product could be beneficial for those in high-risk circumstances, such as health care workers, those with COVID-19-positive household members, and restaurant workers. Those receiving the antibody could see immediate immunity and up to six months of protection from COVID-19 from a single dose.

But how do monoclonal antibody products differ from the vaccines currently being developed and administered?

"Vaccines require time to produce antibodies," said Dr. Simon Pollett, an infectious disease physician and IDCRP lead for the STORM CHASER trial, "and thus do not offer immediate protection against COVID-19 when given after a SARS-CoV-2 exposure. The antibody product may provide very rapid protection against COVID-19 because it is given while the virus is incubating."

The antibody therapy is administered via two shots during a single visit to study participants in their gluteal muscles. The scientists are also looking at whether viral shedding, which makes the individual with the virus contagious to others, will be reduced in those who get COVID-19 after receiving the antibody therapy.

Currently, the multinational STORM CHASER study is being conducted at multiple sites including five Defense Department facilities — Tripler Army Medical Center in Hawaii, Madigan Army Medical Center in Washington, William Beaumont Medical Center in Texas, Naval Medical Center Portsmouth in Virginia, and the Uniformed Services University in Bethesda, Maryland. IDCRP is coordinating the study across all five DOD sites.

Study teams at these sites are made up of active duty and/or GS/contractor physicians, nurses, pharmacists, and clinical research staff.  Principal investigators for each site are Army Lt. Col. (Dr.) Jeffrey Livezey at the Uniformed Services University, Army Col. (Dr.) Viseth Ngauy at Tripler AMC, Army Col. (Dr.) Anjali Kunz at Madigan AMC, Dr. Gina Kubicz at William Beaumont AMC, and Navy Lt. Cmdr. (Dr.) Tida K. Lee at NMC Portsmouth. 

"Those who have recently been exposed to SARS-CoV-2 and who are eligible for care in the Military Health System [including active duty service members] are potentially eligible to participate in this study at the five DOD sites," said Navy Capt. (Dr.) Timothy Burgess, IDCRP director.

STORM CHASER is set to run for one year, with primary analyses likely occurring much earlier in 2021.

Lab Verifies Conformance of COVID-19 Supplies, Military Gear

Feb. 12, 2021 | BY Beth Reece , Defense Logistics Agency

A Defense Logistics Agency laboratory known for burning boots, crushing helmets and ripping combat uniforms is also putting COVID-19 personal protective equipment through the same grueling tests — all in the name of safety and product conformance.

Co-located with DLA Troop Support in Philadelphia, where it tests items primarily in the clothing and textiles and construction and equipment supply chains, the Product Test Center — Analytical is staffed with 27 employees including scientists, engineers and textile technologists.

"Think of us as the Consumer Reports for DLA. We don't just test when there's a problem; we test to make sure vendors meet contract requirements and warfighters have functional items that work as they're intended to in the field," said Jamie Hieber, the Product Test Center — Analytical manager.

The group performed more testing in 2020 than ever despite the limited number of people who could work in the lab simultaneously under pandemic restrictions. And adding time-consuming analysis of items like masks and gowns to the routine hasn't caused them to miss a single deadline, Hieber added.

When the military services began purchasing fabric face masks for troops in the spring, Jessica Raushel's analytical team was asked to evaluate a fabric one vendor claimed had the ability to bind to chlorine.

"If you washed the fabric, it was said to hold on to the chlorine, which would then be released during use of the fabric and potentially give it anti-microbial properties. We were asked to verify that the fabric was indeed treated with this extra finish," she said.

The team wasn't asked to test the fabric's protective properties but did provide contracting officers information they needed to make decisions on whether the chlorine-treated fabric posed potential health risks. Hieber said the group takes pride in sharing science-based data even though they don't always know whether the products tested are later purchased.

Other mask tests included a durability analysis of the head harnesses for KN95s, a mask that's more easily available in the U.S. than N95s although it offers less protection.

Uraina Gray-Scully's shade and textiles' team also tests the durability of surgical gowns from numerous vendors. The gowns are put through 25 wash cycles using parameters such as water and heat temperatures set by manufacturers. Testing can be rigorous and involves commercial or front-loading washers as well as basic home washers.

"The things we look for range from whether the care label is legible after 25 cycles to the side and neck ties holding up without unraveling, and if there are any holes, rips or tears in the body of the gown," Gray-Scully said.

Gown testing takes over a week with five cycles per day for five to six days plus an additional day for staff to write the report.

In non-COVID-19 work, much of the lab's labor revolves around routine checks of performance characteristics for items like combat boots. The tests include an analysis of bond strength between different layers of the sole to ensure it stays together and evaluation of the moisture vapor transmission rate to measure how quickly the boots dry out.

"For flame-resistant combat boots, we'll also test a variety of heat and flame-resistant characteristics like sole heat resistance, which measures the ability to insulate the foot from damage when walking on a hot surface and also upper heat resistance, which measures the ability to protect the wearer's ankle and lower leg from heat," Raushel said.

Many contractors are familiar with DLA's testing capabilities and take extra steps to ensure their products conform to contract requirements, Hieber said. Before the pandemic, contractors visited the lab as often as five times a week to observe fabric quality and color testing for uniform items. And although contractors run their own tests, DLA ensures contracting officers have unbiased results.

"I'm not saying anybody is out to defraud the government, but what if they are," she asked. "What if we come to a situation where there's a safety issue or the item doesn't meet a requirement and it gets into the supply system and someone is hurt or killed because we didn't do our due diligence?"

To adjust to the demand for testing amid pandemic conditions, the staff completed its leap into electronic record keeping and embraced the agency's use of online collaboration tools.

"What we've done to support the pandemic is good news," Hieber said. "But it's also important to say this lab found a way to continue doing the work it's always done in spite of all the challenges of the past year. Our customers know they can rely on us."

DOD Partners With Underrepresented Youth on STEM Initiatives

 Feb. 12, 2021 | BY David Vergun , DOD News

NextFlex, the Department of Defense Flexible Hybrid Electronics Manufacturing Institute (MII), is partnering with the nonprofit Capital Youth Empowerment Program (CYEP) in Washington, D.C., to launch an advanced manufacturing education and workforce training outreach initiative. This unique initiative focuses on underrepresented communities in the Northern Virginia region and will guide participants into Science, Technology, Engineering and Math (STEM)-based education and career pathways.

"The Department of Defense is proud to support this initiative through our public-private partnership with the NextFlex Manufacturing Innovation Institute," said Dr. Robert Irie, deputy director of Strategic Technology Protection and Exploitation (STP&E) in the Office of the Under Secretary of Defense for Research and Engineering (OUSD(R&E)), which oversees the MIIs. "This initiative, along with other MII education and workforce development programs, will build a future STEM workforce, ensure a resilient manufacturing economy, and promote an enduring national defense industrial base." 

The MIIs are public-private partnerships that seek to bring reform and spur innovation in the military-industrial base in accordance with the National Defense Strategy, said Tracy Frost, director of the Office of the Secretary of Defense Manufacturing Technology (OSD ManTech) Program. OSD ManTech oversees and supports the MIIs as part of STP&E in OUSD(R&E).

Spotlight: National Defense Strategy

Since the establishment of the first MII in 2012, the number of DOD MIIs has grown to nine, with the federal government providing over $1B in initial and follow-on agreement funding to the Institutes. A network of over 1,270 organizations from academia, industry and state governments has provided an additional $1.74B in matching funds.

Formed in 2015, the NextFlex MII is a consortium of companies, academic institutions and non-profits as well as state, local and federal government partners with the shared goal of advancing the manufacture of flexible hybrid electronics in the U.S., Frost said.

Flexible hybrid electronics is a technology for assembling electronic circuits by mounting them on flexible plastic substrates. This allows the circuit board to conform to any number of desired shapes, yet still perform as traditional rigid circuit board.

In addition to technology development and commercialization, NextFlex and the other MIIs also focus on talent development for the advanced manufacturing sector. "It is becoming increasingly important to the innovation capacity of the United States to create impactful and inclusive strategies for developing STEM-based talent," said Frost, referring to Science, Technology, Engineering, and Mathematics.

One of the biggest challenges in workforce development for science and technology is successfully engaging underrepresented populations. "The U.S. relies on a steady pipeline of innovative, creative and skilled individuals to maintain our position as global leaders in advanced manufacturing," said Emily McGrath, NextFlex Director of Workforce Development. "We want to ensure we are providing the support and pathways necessary to capture the talent available in our large and diverse population."

To address this challenge, NextFlex created FlexFactor ®, a STEM outreach program, designed to familiarize students with advanced technologies and the education pathways leading to careers in the advanced manufacturing sector. The program is active in seven communities across the nation, and will be launching in 11 more communities in 2021. To date, the program has reached over 5,250 students nationwide.

"NextFlex and its partners are expanding FlexFactor, a proven middle and high school outreach program for growing the talent pool in manufacturing engineering, to 30 labor markets nationwide," said Dr. Jagadeesh Pamulapati, director of Laboratories and Personnel in OUSD(R&E). "Manufacturing Engineering Education Program partners, such as NextFlex, play an important role in developing and fostering the advanced manufacturing workforce our Nation depends upon to maintain our technological superiority for years to come." 

The NextFlex partnership with CYEP will integrate FlexFactor into CYEP's outreach programming in order to reach underrepresented individuals and engage them in STEM pathways. "CYEP will help increase and diversify the STEM talent pipeline by recruiting underrepresented and underserved populations into the advanced manufacturing talent pool, emphasizing individuals who have not yet considered higher education or STEM-based careers," said Erick King, CYEP Executive Director. "This initiative will help build a strong and capable U.S. manufacturing workforce, which is a critical component of the national security innovation base."

The NextFlex-led initiative with CYEP includes "wraparound" services that provide the critical support many underserved and at-risk populations need in order to access higher education and employment and break the cycle of generational poverty. These wraparound services include parenting classes related to childhood education, assistance with food and housing insecurity, and transportation. This foundational support is coupled with career readiness and professional communication training, economic stability workshops, and technical skills training. NextFlex selected CYEP as a local partner because of CYEP's success in working with young people, single parents, and community members in the National Capital Region.The project will formally kick off on April 1, 2021 and continue for five years if successful, said McGrath. "It will be evaluated on an annual basis for effectiveness in supporting participants as they achieve social and economic stability, moving into education and employment pathways over time. Our goal is to formalize an approach to successfully engaging underrepresented and at-risk populations with the STEM sector through a range of social and economic stability support services. Once we have solidified this approach and determine that it meets success metrics, we will export the framework to other underrepresented communities around the nation."

Broad STEM-sector participation is a critical focus for federal and state governments as it directly supports U.S. economic competitiveness, national security, and individual prosperity. In addition to supporting these important economic and national security goals, this NextFlex-CYEP partnership will provide individuals with an important pathway to financially stable, high-growth, and rewarding STEM-sector careers. 

"Strategic, intentional investments in STEM for underrepresented and low-income youth are essential to creating diverse and healthy economic ecosystems and provide economic opportunity for struggling communities," said King. "Social, educational and technical skill development are essential to a sustainable, inclusive growth path that benefits our entire Nation."

Director Explains Approaches to Fielding New Space Capability

follow.

 Feb. 12, 2021 | BY David Vergun , DOD News

The Space Development Agency is responsible for unifying and integrating the Defense Department's space development efforts and accelerating the fielding of new military space capabilities. 

The SDA is set up to exist and to operate as an efficient, commercial-type entity within the department. As such, it's designed to deliver capability to the warfighter, whether it be satellites and other space-based assets, such as missile and hypersonic vehicle tracking sensors, SDA Director Derek Tournear told attendees of the virtual Small Satellite Symposium yesterday.

An important approach the SDA has taken is seeking out small and large innovative technologies that have space-based applications, he said.

The current focus is on producing thousands of low-cost satellites that deliver resilience and capability through a meshed network of interconnected satellites that provide connectivity directly to existing tactical datalinks, which then talk to weapons systems, he said. 

Many of those satellites will provide detection, tracking and targeting capability related to advanced missile threats, Tournear said. Others will provide intelligence, surveillance, reconnaissance and space situational awareness. Still, others provide important precision, navigation and timing. All of these satellites are supported by ground support equipment, launch vehicles and mission operations centers.

Some demonstrations will be conducted this year to develop techniques and procedures and prove this networked capability, he said. The first launching of satellites will begin in fiscal year 2022; by FY 2023 there will be 30 different types of satellites. Hundreds of satellites will be launched in the years to 

Sometime within the next year or two, these satellites will begin providing regional coverage; by the third year, they should be providing global coverage, he noted.

Another focus is on spiral development, he said, referring to refining rapidly developed prototypes with incremental improvements in such things as algorithm and autonomy. It's an approach that enables new products to be fielded within two years, which is timely compared to traditional acquisition processes. This is a particularly important approach because technology and new threats are rapidly emerging.

Tournear emphasized that DOD didn't create all this innovation. Instead, it relies heavily on commercial innovators and partnering with them. He added that he'd love to have conversations with industries that are willing to team up with the department in its space-based efforts.