Nakasone Says U.S. Works to Stay Ahead of Cybersecurity Curve

 May 28, 2021 | BY Terri Moon Cronk , DOD News

Twenty years after the Sept. 11, 2001, attacks, the great threat to the nation has evolved into cyberspace — a new strategic environment where cyber actors can increase their power, degrade the power of others, and gain a strategic advantage, said Army Gen. Paul M. Nakasone.

"Our adversaries are operating with a scope, scale and sophistication unlike anything we've seen before," said Nakasone, commander of U.S. Cyber Command and director of the National Security Agency. "Their tactics have evolved far beyond spear phishing and exploitation of weak passwords. Today, our adversaries are targeting and infiltrating our systems by exploiting supply chain and zero-day vulnerabilities, and our adversaries are demonstrating a new risk calculus that has changed the traditional threat landscape."

Speaking virtually to the Armed Forces Communications and Electronics Association, Nakasone said that, by operating in cyberspace, U.S. adversaries can cause damage while operating below the level of armed conflict, and they're targeting U.S. economies, critical infrastructure and electoral processes. Adversaries also have launched persistent malicious cyber campaigns to erode U.S. military advantages and increasingly leverage social media to carry out [and] influence operations. These adversaries also steal U.S. defense secrets, intellectual property and personally identifiable information, he added.

Social media as we know it didn't exist 20 years ago, so now there's a trove of data in smartphones and social media accounts that adversaries can use against us, Nakasone said. Even fitness trackers and genealogy information are data points for our adversaries, who can use that information for malign purposes, such as counter intelligence, social engineering, or ransomware attacks.

China and Russia are the two greatest threats to the United States, and China is the pacing challenge, he said.

"China is becoming more assertive economically, diplomatically, militarily and technologically," Nakasone said. "It seeks to undermine a stable and open international order to establish its credibility and dominance in the global system."

He characterized Russia as a disruptive threat that aims to undermine the integrity and legitimacy of political systems. "Russia has demonstrated its ability to conduct influence operations in numerous countries, often by combining effective target development with the power of social media," he said, noting that China and Russia are conducting malicious cyber campaigns to erode U.S. military advantages, threaten U.S. infrastructure and reduce U.S. economic prosperity.

Nakasone said the United States must also actively deter rogue regimes, such as North Korea and Iran, which are unpredictable and destabilizing presences in their respective regions. "North Korea poses a significant threat to the international financial and commercial sectors by sponsoring cyber exploitation of financial institutions to illicitly acquire funding and evade U.S. and United Nations sanctions." 

He said Iran has also demonstrated the capability and intent to strike in its region and against the United States in cyberspace. "Moving forward, we expect that these and other adversaries will increase their efforts in cyberspace to undermine U.S. and allied interests," he said. "These malicious actors will continue to identify vulnerabilities in software across our governments, military and private-sector networks. And they'll embrace common anonymization platforms, generalized toolkits and open-source capabilities — anything that makes it more difficult for network defenders to detect and attribute their activity."

Such challenges to the United States will increase in both scale and scope, Nakasone said. "We must raise the bar. We must be resilient, and we must act. Our success in the new era of strategic competition will rely, in part, on our ability to develop partnerships of all kinds that acknowledge shared risks, shared goals and shared solutions. Our adversaries have worldwide reach. Partnership is where the power is."

Nakasone said U.S. Cyber Command and the National Security Agency work with the U.S. government, private industry, academia and international partners to achieve and maintain cyberspace superiority by building resilience at home, implementing proactive defense strategies, and contesting adversaries' campaigns and objectives. He added it's through these partnerships and collaborations that the U.S. will make it increasingly difficult for adversaries to operate. 

NSA expanded its ability to counter cyberthreats and share information with partners in innovative and unclassified ways when agency leaders opened the Cybersecurity Collaboration Center in December, Nakasone said. NSA partnerships with the private sector enable the agency to quickly secure national security systems, the Defense Department and defense industrial base networks.

"Thanks to our existing public-private dialogue, NSA has been able to quickly identify and issue advisories on critical vulnerabilities and commercial software for the national security systems that could also potentially affect millions of users around the world.

"We're all here with one overarching goal: to secure our future," Nakasone said. "And as threats evolve and our nation and our adversaries become more sophisticated, we must remain ahead of the curve. I have confidence that we, as a nation working together, will meet the critical challenges ahead."

Press Release: DHS Announces New Cybersecurity Requirements for Critical Pipeline Owners and Operators

 Today, the Department of Homeland Security’s Transportation Security Administration (TSA) announced a Security Directive that will enable the Department to better identify, protect against, and respond to threats to critical companies in the pipeline sector.

“The cybersecurity landscape is constantly evolving and we must adapt to address new and emerging threats,” said Secretary of Homeland Security Alejandro N. Mayorkas.  “The recent ransomware attack on a major petroleum pipeline demonstrates that the cybersecurity of pipeline systems is critical to our homeland security. DHS will continue to work closely with our private sector partners to support their operations and increase the resilience of our nation’s critical infrastructure.”

The Security Directive will require critical pipeline owners and operators to report confirmed and potential cybersecurity incidents to the DHS Cybersecurity and Infrastructure Security Agency (CISA) and to designate a Cybersecurity Coordinator, to be available 24 hours a day, seven days a week.  It will also require critical pipeline owners and operators to review their current practices as well as to identify any gaps and related remediation measures to address cyber-related risks and report the results to TSA and CISA within 30 days. 

TSA is also considering follow-on mandatory measures that will further support the pipeline industry in enhancing its cybersecurity and that strengthen the public-private partnership so critical to the cybersecurity of our homeland.

Since 2001, TSA has worked closely with pipeline owners and operators as well as its partners across the federal government to enhance the physical security preparedness of U.S. hazardous liquid and natural gas pipeline systems. As the nation’s lead agency for protecting critical infrastructure against cybersecurity threats, CISA provides cybersecurity resources to mitigate potential risks, including through a dedicated hub that disseminates information to organizations, communities, and individuals about how to better protect against ransomware attacks. 

This new TSA Security Directive also highlights the critical role that CISA plays as the country’s national cyber defense center. Last December, Congress, through the National Defense Authorization Act, empowered CISA to execute its mission to secure federal civilian government networks and our nation’s critical infrastructure from physical and cyber threats.

Defense Office Brings Small Tech Companies Into Big League

 May 26, 2021 | BY C. Todd Lopez , DOD News

The biggest U.S. defense contractors — such as Lockheed Martin, Boeing, General Dynamics and Raytheon — provide many of the technologically advanced weapons and systems used by U.S. service members. 

But there are thousands of other technology companies in the U.S., some large and many quite small, with big ideas and capabilities that have never had the opportunity to contribute to the nation's defense, even though the idea may appeal to them.

In March, the Quick Reaction Special Projects program, which is part of the Rapid Reaction Technology Office within the office of the undersecretary of defense for research and engineering,  published the "2021 Global Needs Statement."

The Global Needs Statement — which is just one of several proposal calls per year that RRTO engages with small and non-traditional companies to incubate innovation by showcasing new ideas and concepts to a Defense Department audience — asks interested companies to provide their most compelling and innovative technologies and ideas in areas involving artificial intelligence and machine learning; autonomy; biotechnology; cyber; directed energy; fully networked command, communication and control; hypersonics; microelectronics; quantum technology; space and 5G communications.

Spotlight: Engineering in the DOD

Those technology areas are of great interest to the Defense Department and were spelled out in the 2018 National Defense Strategy; respondents to the Global Needs Statement aren't expected to be the big players who usually get the government contracts.

"For this particular initiative ... the vast majority of the companies that submit applications are companies that DOD doesn't do business with on a regular basis or at all," said John Lazar, RRTO's Director. "We're trying to bring in more companies that DOD either doesn't know about or rarely does business with.  We limit companies to 100 words on their applications to make it even easier to get their ideas in front of DOD."

Working with DOD can be quite daunting or bureaucratically challenging for some small companies, which can have a chilling effect on engagement. It's something RRTO can help with, Lazar said.

"Part of what our RRTO engages in, not just in this particular program but with many of our programs, is mentoring and teaching these businesses how to do business with the Defense Department," he said. "We help them with white papers, proposals — whatever the DOD customer is looking for. We help them communicate."

While the window for submitting proposals for the 2021 Global Needs Statement closed in April, more than 650 responses to the statement were received. A second needs statement is open through early June, and more will occur throughout the year.

RRTO will then read through the submissions and evaluate them with subject matter experts, finding the best of the best to bring forward to potential customers inside the Defense Department.

Then, Lazar said, DOD customers such as the military services, combatant commands and defense agencies will help decide which submissions they think have the highest potential for payoff.

"Those companies will then engage directly with those DOD customers ... from there, it's out of RRTO's hands, and it's between the company and that defense customer," Lazar said.

The DOD customer will work with the company in question to further develop technology proposals that have been brought forward into products that can meet their needs, Pena said.

By the end of June, about 35 of the 650 companies who submitted proposals this year will have been selected to move forward with continued talks with DOD customers, and eventually, that number will be down-selected further. But the end result will be  Defense Department access to new companies bringing ideas that might not have been seen before.

Last year, as part of the Quick Reaction Special Projects program's "innovation outreach" effort, 1,600 companies responded to open-ended DOD needs statements.

In previous years, new companies such as FireEye (cybersecurity), MotionDSP (software and image processing), Saratoga Data (software/engineering), and Tectus (virtual/augmented reality) became DOD partners — joining the ranks of much larger defense contractors who for decades have helped meet warfighter needs.

With this latest Global Needs Statement effort, Lazar said, DOD once again hopes to bring on board new companies with new ideas that can provide even better tools to help service members meet the nation's defense needs.

"What we're looking for are highly innovative companies with new technologies that have the potential to provide leap-ahead capabilities against near-peer adversaries and fill gaps in critical joint mission needs," Lazar said.

Register for "Firearms 3D technology: Advantages and Value for Implementing 3D Technologies"

 Webinar date: June 2, 2021, 1:00 pm – 2:00 pm Eastern

This presentation will demonstrate the effectiveness of integrating 3D technology into the forensic firearms/toolmarks discipline and the decision analysis used for selecting samples for virtual comparison.  In 2009, a report by the National Academy of Sciences (“Strengthening Forensic Science in the United States: A Path Forward”) called into question, amongst other issues, the objectivity of visual toolmark identification (note that firearms identification is considered to be a subset of toolmark identification). The National Academies recommended development of objective toolmark identification criteria and error rate estimates. Currently in the forensic science community of toolmark identification, there are no objective standards for identification. In recent years, instruments have emerged with the capability to measure toolmark topographies and incorporate matching algorithms that have the potential to provide objective support for an examiner’s conclusion. In 2012, the FBI Laboratory’s Firearms/Toolmarks Unit (FTU) set forth with an approach aimed at addressing the recommendations identified in the NAS Report to evaluate the possibility of supplementing traditional light comparison microscopy with three-dimensional topographic measurement data. The FBI Laboratory had another goal: to determine the reliability of available algorithms to generate a score for match criteria and started acquiring instruments for this endeavor. In 2014, the FBI Laboratory acquired the Cadre® Forensic TopMatch- GelSight instrument which uses the Bidirectional Reflectance Distribution Function to acquire 3D surface images and allows for side-by-side evaluation of surface topographies with a matching algorithm search capability for topography similarities.  In October of 2017, the FTU completed its validation studies and established acceptable operating parameters for the Cadre® Forensic TopMatch- GelSight instrument and went live for casework to supplement light comparison microscopy for the examination of ammunition components. This presentation will cover highlights of the process, including the Standard Operating Procedures put in place, the laboratory workflow, selection of casework, blind verification incorporation, reexamination of casework using light microscopy and Daubert preparation. REGISTER

NSF Program on Fairness in Artificial Intelligence in Collaboration with Amazon

 

The National Science Foundation (NSF) and Amazon are partnering to jointly support computational research focused on fairness in AI, with the goal of contributing to trustworthy AI systems that are readily accepted and deployed to tackle grand challenges facing society. Specific topics of interest include, but are not limited to transparency, explainability, accountability, inclusivity, potential adverse biases (including social biases) and effects, mitigation strategies, algorithmic advances, fairness objectives, validation of fairness, participatory design, and advances in broad accessibility and utility. Funded projects will enable broadened acceptance of AI systems, helping the U.S. to further capitalize on the potential of AI technologies. Although Amazon provides partial funding for this program, it will not play a role in the selection of proposals for award. Funding proposal deadline is August 3, 2021. SUBMIT PROPOSAL

DOD & HHS Announce DPA Title III Agreement With Retractable Technologies, Inc. to Expand Domestic Production Capacity for Low Dead-Space Safety Syringes and Needles

 May 24, 2021

---

As part of the national response to COVID-19, the Department of Defense (DOD), in coordination with the Department of Health and Human Services (HHS), signed an agreement with Retractable Technologies, Inc. (RTI) to expand the production of the low dead-space (LDS) safety syringes and needles. Government funding allocated was $27.3 million.

LDS syringes maximize dose efficiency and allow for additional vaccinations to be obtained from vials. The utilization of LDS syringes will allow access to 20 percent more COVID-19 vaccine doses compared to non-LDS syringes. The investment will enable Retractable Technologies, Inc. to install two additional automated LDS safety syringe assembly lines at its manufacturing facility in Little Elm, Texas. The two additional assembly lines will enable the company to increase U.S. production capacity of LDS safety syringes by approximately 75%.

This project is part of the interagency effort to ensure timely availability of medical resources essential for national defense. This effort was led by the Biomedical Advanced Research and Development Authority (BARDA), part of the HHS Office of the Assistant Secretary for Preparedness and Response, in collaboration with the DOD Joint Program Executive Office for Chemical, Biological, Radiological and Nuclear Defense (JPEO-CBRND) and the HHS Supply Chain and Industrial Base Assurance (SCIB) Steering Committee, and funded through the Defense Production Act (DPA) Title III Program at DOD.

Space-Based Capabilities Are Critical to U.S. National Security, DOD Officials Say

 May 24, 2021 | BY Terri Moon Cronk , DOD News

Space-based capabilities are vital to U.S. national security in today's era of de-stabilizing challenges from Russia and undeniable strategic competition with China, the Defense Department's principal director for space policy told a House Armed Services Committee panel today.

John D. Hill told the HASC subcommittee on strategic forces that Secretary of Defense Lloyd J. Austin III has also testified that the growth of Chinese and Russian counter space capabilities presents the most immediate and serious threats to U.S. allied and partner space activities. Additionally, ''Russia and China view space as critical to modern warfare and consider the use of counterspace capabilities as both a means of reducing U.S. military effectiveness and winning future wars,'' Hill said.

As these developments portend, the United States must be prepared for conflict to extend to, or even originate, in space, he said. But to be clear, such a conflict would not be a space war distinct from terrestrial war, but would represent ''an extension of traditional armed conflict into the space domain of human endeavor,'' Hill clarified. 

The 2020 defense-based strategy addresses such challenges of deterrence and the challenges of crisis de-escalation and warfare, extending to space along four lines of effort, Hill said. The DOD is building comprehensive military advantages in space; integrating space into national joint and combined operations; shaping the strategic environment to enhance domain stability and reduce the potential for miscalculation; and enhancing space cooperation with its international partners, commercial entities and agency partners. 

Supporting national security strategic guidelines, Hill noted his office also leads DOD's participation in the U.S. government space diplomatic initiative, which centers on establishing voluntary non-binding standards of responsible behavior and on exposing the disingenuous space arms control initiatives of Russia and China. 

Air Force Gen. David D. Thompson, vice chief of space operations, U.S. Space Force, told Congressional members that Space Force, the newest military service, has made tremendous strides in the first year by establishing and resourcing the organizational blueprint for the service; moving aggressively in the areas of human capital, force design, acquisition, integration; and providing the foundations to establish a truly digital service — while executing its critical space missions around the clock, without fail. 

The direction for the second year of the force, he said, is the integration of Space Force into the joint force, the interagency, and with U.S. allies and partners as building out the newest service continues.

Spotlight: DOD Space Strategy

''[We] have established the first field command Space Operations Command and completed the organizational design of the remaining two Space Systems Command and Space Training and Readiness Command, with the anticipated standup of those two commands later this year,'' Thompson said, noting that Space Operations Command is responsible for preparing and presenting forces to U.S. Space Command and other combatant commands. 

As part of the second year's integration activities, Space Force put increasing emphasis on strengthening relationships within existing partners and establishing relationships with new partners, he said. It extends to the other services, combatant commands and allies and other international partners. ''The United States as a whole and the U.S. Space Force in particular are much stronger when these relationships are strong,'' he added.

The entire leadership of the Department of the Air Force remain committed and adamant that the pace of space acquisition must be increased, Thompson said, adding, ''Maintaining program delivery timelines of the recent past will not outpace the threat. We must go faster.'' 

Thompson emphasized that the Space Force will continue to smartly leverage the authorities granted by Congress and it will partner with industry and academia to leverage technology and innovation of the commercial sector. 

''In my opinion, the creativity, ingenuity and innovation of the American mind is one of our greatest assets,'' the general said. ''We must leverage that fully in this endeavor. Our people, our guardians, are critical to the success of the Space Force. We are adapting new and innovative human capital and talent management approaches for both civilians and military members.''

Register for "Developing an Unbiased Culture in Your Laboratory"

 

Webinar Date: May 26, 2021, 1:00 - 2:00 pm Eastern This webinar will facilitate a discussion about bias in a crime laboratory. Questions to be discussed include: what is bias in forensics? How can it impact your operations? Why is it important? And what are some considerations when building a culture without bias? The webinar will include important aspects of an unbiased culture, symptoms that indicate your culture might be biased, and examples from the Phoenix Police Department and the Virginia Department of Forensic Sciences. Key components to consider when building this culture include organizational structure, laboratory policies and procedures, business processes, employee training, transparency, and open access. Laboratory leaders must consider how bias can impact the forensic process and implement measures to build an unbiased culture. REGISTER