April 2017 Digital Edition

Click Here

March 2017 Digital Edition

Click Here

Feb. 2017 Digital Edition

Click Here

Nov/Dec 2016 Digital Edition

Click Here

Oct 2016 Digital Edition

Click Here

Technology Sectors

Market Sectors

Federal | Agencies | Legislative

Inherent Resolve Strikes Target ISIS in Syria, Iraq

SOUTHWEST ASIA, Nov. 27, 2017 — U.S. and coalition military forces have continued to attack the Islamic State of Iraq and Syria yesterday, conducting 11 strikes consisting of 36 engagements Nov. 24 and 25, Combined Joint Task Force Operation Inherent Resolve officials reported today.

Officials reported details of the most recent strikes, noting that assessments of results are based on initial reports and adding that no strikes have yet been reported as having taken place in Syria or Iraq yesterday.
In addition, officials today reported details of a Nov. 23 strike consisting of one engagement near Abu Kamal, Syria, for which the details were unavailable in time for the most recent previous report. The strike engaged an ISIS tactical unit and destroyed an ISIS vehicle.
Strikes in Syria
On Nov. 24 in Syria, coalition military forces conducted four strikes consisting of seven engagements against ISIS targets:
-- Near Abu Kamal, three strikes engaged three ISIS tactical units and destroyed two ISIS vehicles.
-- Near Shadaddi, a strike damaged an ISIS supply route.
On Nov. 25 in Syria, coalition military forces conducted five strikes consisting of eight engagements near Abu Kamal, engaging six ISIS tactical units and destroying four ISIS vehicles and a headquarters.
Strikes in Iraq
On Nov. 24 in Iraq, coalition military forces conducted two strikes consisting of 21 engagements against ISIS targets:
-- Near Baaj, a strike engaged two ISIS tactical units and destroyed six ISIS vehicles and two ISIS-held buildings.
-- Near Mosul, a strike damaged an ISIS supply route.
No strikes were reported in Iraq for Nov. 25, officials said.
Part of Operation Inherent Resolve
These strikes were conducted as part of Operation Inherent Resolve, the operation to destroy ISIS in Iraq and Syria. The destruction of ISIS targets in Iraq and Syria also further limits the group's ability to project terror and conduct external operations throughout the region and the rest of the world, task force officials said.
The list above contains all strikes conducted by fighter, attack, bomber, rotary-wing or remotely piloted aircraft; rocket-propelled artillery; and some ground-based tactical artillery when fired on planned targets, officials noted.
Ground-based artillery fired in counterfire or in fire support to maneuver roles is not classified as a strike, they added. A strike, as defined by the coalition, refers to one or more kinetic engagements that occur in roughly the same geographic location to produce a single or cumulative effect.
For example, task force officials explained, a single aircraft delivering a single weapon against a lone ISIS vehicle is one strike, but so is multiple aircraft delivering dozens of weapons against a group of ISIS-held buildings and weapon systems in a compound, having the cumulative effect of making that facility harder or impossible to use. Strike assessments are based on initial reports and may be refined, officials said.
The task force does not report the number or type of aircraft employed in a strike, the number of munitions dropped in each strike, or the number of individual munition impact points against a target.

Related Links

L3 Announces Free Space Optics Contract Awards

NEW YORK-- L3 Technologies (NYSE:LLL) announced today the award of multiple contracts relating to the development of Free Space Optics (FSO) capabilities for U.S. Department of Defense (DoD) and space customers. FSO technology enables high-bandwidth communication while protecting signal integrity in a highly contested spectrum environment and is a proven next-generation solution for high-capacity, over-the-air communications.


“Our continued investment in FSO technologies builds on our leadership in providing state-of-the-art data links that deliver the most reliable and secure communications possible for our customers,” said Christopher E. Kubasik, L3’s President and Chief Operating Officer. “Our focus on bringing innovation to the space and near-space domains reflects our strategy of aligning with our customers’ priorities in these markets to increase their efficiencies and overall mission effectiveness.”


Work on these contracts will be done by L3 Communication Systems-West (L3 CS-West), which is part of the company’s Communication Systems business segment. L3 CS-West has been developing robust and reliable FSO communications since 2007, enabling long- and short-haul transmission capabilities for enhanced dissemination of large volumes of video and data.


L3 CS-West is a leader in communication systems for high-performance networks, including intelligence collection, imagery processing and satellite communications for the DoD and other customers. The company provides high data rate, wideband, secure, real-time communication systems for surveillance and reconnaissance. To learn more about L3 CS-West, please visit the company’s website at www.L3T.com/CSW.
Headquartered in New York City, L3 Technologies employs approximately 38,000 people worldwide and is a leading provider of a broad range of communication, electronic and sensor systems used on military, homeland security and commercial platforms. L3 is also a prime contractor in aerospace systems, security and detection systems, and pilot training. The company reported 2016 sales of $10.5 billion.
To learn more about L3, please visit the company’s website at www.L3T.com. L3 uses its website as a channel of distribution of material company information. Financial and other material information regarding L3 is routinely posted on the company’s website and is readily accessible.


Safe Harbor Statement Under the Private Securities Litigation Reform Act of 1995
Except for historical information contained herein, the matters set forth in this news release are forward-looking statements. Statements that are predictive in nature, that depend upon or refer to events or conditions or that include words such as “expects,” “anticipates,” “intends,” “plans,” “believes,” “estimates,” “will,” “could” and similar expressions are forward-looking statements. The forward-looking statements set forth above involve a number of risks and uncertainties that could cause actual results to differ materially from any such statement, including the risks and uncertainties discussed in the company’s Safe Harbor Compliance Statement for Forward-Looking Statements included in the company’s recent filings, including Forms 10-K and 10-Q, with the Securities and Exchange Commission. The forward-looking statements speak only as of the date made, and the company undertakes no obligation to update these forward-looking statements.

GSA’s Next Generation of Alliant is Here; 61 Companies Awarded Spots on “Best-in-Class” Alliant 2 Governmentwide Acquisition Contract for IT services

WASHINGTON, D.C.-- Today the U.S. General Services Administration (GSA) announced the award of its $50 billion Alliant 2 (A2) Governmentwide Acquisition Contract (GWAC). The A2 GWAC is a Multiple Award, Indefinite-Delivery, Indefinite-Quantity (IDIQ) contract to provide customized Information Technology (IT) services and IT services-based solutions to the government. A2 provides federal agencies with access to 61 companies providing integrated information technology (IT) solutions for evolving needs on a global basis. Further, A2 allows for the application of technology to meet business needs including the ability to stay on the forefront of emerging IT services. To see the complete list of awarded industry partners, please visit www.fbo.gov.

The next-generation A2 contract is available to all federal agencies and has already earned "best-in-class" status from the Office of Management and Budget. It’s a follow up to the first successful GSA GWAC, Alliant, which aggregates custom IT providers on one full-range vehicle to meet the evolving needs of Federal agencies.

"The next generation Alliant continues to build on GSA’s success collaborating with industry partners to design solutions that support federal agencies with mission-critical, complex IT services requirements," said GSA Office of Information Technology Category Assistant Commissioner Kay T. Ely. ”The team’s work to earn a best-in-class designation by including pricing strategies and data-driven demand management practices will serve federal agencies well, and lower costs for american taxpayers.”

“I applaud the great work the Alliant 2 team did to make this solution a reality,” said Federal Acquisition Service Commissioner Alan Thomas. “Alliant 2 provides agencies with a vehicle to help modernize mission-critical IT and meet the government’s requirements not just today, but well into the future.”

The new A2 comes with significant enhancements, such as scope improvements, new IT service labor categories, new cybersecurity standards, new environmental standards, and the incorporation of required Defense Federal Acquisition Regulation Supplement (DFARS) regulations/provisions into the master contract so they automatically flow down to the task order level on any/all task orders issued by a Department of Defense (DOD) agency.

A2 also includes:

  • A highly qualified pool of information technology industry partners;
  • A robust scope aligned with the Federal Enterprise Architecture (FEA) and Department of Defense Enterprise Architecture (DoDEA);
  • Access to a full range of comprehensive IT services and IT services-based solutions;
  • Flexibility as emerging technologies and the definition of information technology evolve;
  • Ancillary support (non-IT) permitted when it is integral to, and necessary for, the IT services-based outcome;
  • On-ramp and off-ramp provisions, ensuring retention of a highly-qualified pool of contractors;
  • A full spectrum of contract types, including cost reimbursement;
  • Worldwide coverage;
  • Complimentary scope-compatibility reviews;
  • Acquisition templates, and
  • Sample Statements of Work (SOWs).

The first-generation Alliant GWAC will expire in April 2019. The A2 unrestricted contract allows federal clients that have long-term task order requirements exceeding five years to consider the A2 GWACs. For more information, please visit www.gsa.gov/alliant2 or download the Alliant 2 brochure.

Press Conference Information: GSA invites reporters to attend a conference call Q&A session with Deputy Assistant Commissioner for IT Category Management Operations, Bill Zielinski, at 2:00 pm EST today (Monday, November 20, 2017). For dial-in information please RSVP to [email protected] by 1:00 pm EST.

# # #

Salient CRGT Expands Mobility Product Offering to Provide Law Enforcement Quick Access to Investigative Data

FAIRFAX, Va., Nov. 21, 2017 -- Whether it's a state trooper needing an immediate background check on a motorist or an investigator requiring timely criminal evidence for a case, law enforcement officials demand instant access to crucial investigative information. Recognizing this challenge to rise to higher level of performance, Salient CRGT, Inc., a leading provider of technology consulting services has partnered with Kaseware, the leader in investigative case management solutions, to integrate Salient CRGT's Voyager™ Query for Law Enforcement within the Kaseware investigative case management system to make it easier for law enforcement agencies to obtain criminal justice data.
Kaseware investigative case management system combines incident and case management, dispatching, evidence management, and analytics in a single, integrated system. Salient CRGT's Voyager Query's proven, cloud-based CJIS integration platform, paired with Kaseware's integrated system eliminates the need to maintain multiple software products or reinvent connecting to legacy systems and databases. As a result, this strategic partnership enables agencies to cost effectively support information sharing, comprehensive investigations, and crime reduction programs.
"Data sharing in law enforcement is a powerful tool used to not only protect the lives of law enforcement officers, but also enhance public safety and neutralize criminal activity. Partnering with Kaseware further expands Voyager Query's commercial reach and enhance the delivery of critical information to the hands of first responders," said Dr. Larry Rose, SVP of Commercial Services at Salient CRGT.
Salient CRGT currently serves more than 250 law enforcement communities encompassing over 2,100 users using Voyager Query for Law Enforcement. Voyager Query's infrastructure allows authorized agencies to access critical Criminal Justice Information Services (CJIS) compliant data over any wireless network and the ability to message between multiple users and agencies provides a new level of information sharing capability. Kaseware is offered as a CJIS compliant SaaS or on premises integrated suite of capabilities that's easy to use and full featured.
"Kaseware was developed by the same team that built the FBI's current global investigations and case management system. We understand the critical impact of relevant and timely law enforcement data to any investigation," said Chad Fulgham, Co-Founder and CEO of Kaseware and former FBI CIO. "Kaseware's offering of Salient CRGT's National Crime Information Center searching at no extra cost for all Kaseware law enforcement officials customers is yet another example of how Kaseware is committed to supporting our law enforcement professionals."
About Salient CRGT
Salient CRGT provides federal civilian, defense, homeland, and intelligence agencies, as well as Fortune 1000 companies, with expertise and leadership in health, data analytics, cloud, agile software development, mobility, cyber security, and infrastructure solutions. We support these core capabilities with full life‐cycle IT services and training—to help our customers meet critical goals for pivotal missions. The most innovative talent delivery model in the industry, scientifically providing exactly the right people for the customers' most pressing requirements, fuels these critical capabilities. Salient CRGT has earned a record of success with integration and operations of large‐scale, high‐volume solutions. On March 1, 2017, Salient CRGT completed its acquisition of Information Innovators, Inc. – visit newsroom and explore www.salientcrgt.com.
About Kaseware
Kaseware is a tech startup that empowers agencies of any size with advanced investigative and case management technology to deliver incident and case management, investigations, analytics, and information sharing solutions to law enforcement, intelligence, government, and corporate security organizations. Its solution is offered as Software-as-a-Service (SaaS) or On-Premises Enterprise and always supports modern browsers and major mobile platforms
Tweet: [email protected]_CRGT expands mobility product offering to provide law enforcement quick access to investigative data http://bit.ly/1MGSz5l
SOURCE Salient CRGT

Global ransomware damage costs predicted to exceed $11.5 billion annually by 2019:Ransomware will attack a business every 14 seconds by end of 2019

MENLO PARK, Calif., Nov. 15, 2017 -- Ransomware — a malware that infects computers (and mobile devices) and restricts their access to files, often threatening permanent data destruction unless a ransom is paid — has reached epidemic proportions globally.

The impact on businesses is reflected in the Official 2017 Ransomware Report, announced today by Cybersecurity Ventures.

 

Global ransomware damage costs are predicted to exceed $11.5 billion annually by 2019, up from $5 billion in 2017.

Cybersecurity Ventures predicts there will be a ransomware attack on businesses every 14 seconds by the end of 2019. This does not include attacks on individuals, which occurs even more frequently than businesses.

"Since September 2013 when CryptoLocker, the first weapons-grade ransomware strain appeared, this type of malware has metastasized into a multi-billion dollar criminal business model that is only in its early phases and will continue to increase in sophistication," says Stu Sjouwerman, founder and CEO at KnowBe4, a company that specializes in training employees on how to detect and respond to ransomware attacks.

The big myth around ransomware damages is the costs are limited to ransom payouts. However, the percentage of businesses and individuals who are paying bitcoin to reclaim access to their data and systems in response to ransom demands — is declining (even if the total payout figures are rising due to the sheer volume of new attacks).

"Ransomware costs include damage and destruction (or loss) of data, downtime, lost productivity, post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hostage data and systems, reputational harm, and employee training in direct response to the ransomware attacks," says Steve Morgan, founder and Editor-In-Chief at Cybersecurity Ventures.

CIOs, CISOs (Chief Information Security Officers), and IT security teams need to heighten their awareness and response plans around the ransomware threat. Cyber defense needs to cross boundaries so that every IT worker understands exactly what ransomware is, how it infects organizations, and how to combat it.

Cybersecurity Ventures predicts cybercrime will cost the world in excess of $6 trillion annually by 2021, up from $3 trillion in 2015. Ransomware is expected to worsen and make up a proportionately larger share of total cybercrime by 2021.

The Official 2017 Ransomware Report is sponsored by KnowBe4, a world-class integrated Security Awareness Training and Simulated Phishing platform.

About

Cybersecurity Ventures is the world's leading researcher and publisher covering the global cyber economy, and a trusted source for cybersecurity facts, figures, and statistics.

SOURCE Cybersecurity Ventures

Related Links

https://www.cybersecurityventures.com

 

SOURCE Cybersecurity Ventures

Related Links

https://cybersecurityventures.com/

US-CERT Alert: HIDDEN COBRA - North Korean Malicious Cyber Activity

Alert (TA17-318B)
HIDDEN COBRA – North Korean Trojan: Volgmer


Original release date: November 14, 2017 | Last revised: November 15, 2017

Systems Affected


Network systems
Overview
This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). Working with U.S. government partners, DHS and FBI identified Internet Protocol (IP) addresses and other indicators of compromise (IOCs) associated with a Trojan malware variant used by the North Korean government—commonly known as Volgmer. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information on HIDDEN COBRA activity, visit https://www.us-cert.gov/hiddencobra.
FBI has high confidence that HIDDEN COBRA actors are using the IP addresses—listed in this report’s IOC files—to maintain a presence on victims’ networks and to further network exploitation. DHS and FBI are distributing these IP addresses to enable network defense and reduce exposure to North Korean government malicious cyber activity.
This alert includes IOCs related to HIDDEN COBRA, IP addresses linked to systems infected with Volgmer malware, malware descriptions, and associated signatures. This alert also includes suggested response actions to the IOCs provided, recommended mitigation techniques, and information on reporting incidents. If users or administrators detect activity associated with the Volgmer malware, they should immediately flag it, report it to the DHS National Cybersecurity and Communications Integration Center (NCCIC) or the FBI Cyber Watch (CyWatch), and give it the highest priority for enhanced mitigation.
For a downloadable copy of IOCs, see:
IOCs (.csv)
IOCs (.stix)
NCCIC conducted analysis on five files associated with or identified as Volgmer malware and produced a Malware Analysis Report (MAR). MAR-10135536-D examines the tactics, techniques, and procedures observed. For a downloadable copy of the MAR, see:
MAR (.pdf)
MAR IOCs (.stix)
Description
Volgmer is a backdoor Trojan designed to provide covert access to a compromised system. Since at least 2013, HIDDEN COBRA actors have been observed using Volgmer malware in the wild to target the government, financial, automotive, and media industries.
It is suspected that spear phishing is the primary delivery mechanism for Volgmer infections; however, HIDDEN COBRA actors use a suite of custom tools, some of which could also be used to initially compromise a system. Therefore, it is possible that additional HIDDEN COBRA malware may be present on network infrastructure compromised with Volgmer
The U.S. Government has analyzed Volgmer’s infrastructure and have identified it on systems using both dynamic and static IP addresses. At least 94 static IP addresses were identified, as well as dynamic IP addresses registered across various countries. The greatest concentrations of dynamic IPs addresses are identified below by approximate percentage:
India (772 IPs) 25.4 percent
Iran (373 IPs) 12.3 percent
Pakistan (343 IPs) 11.3 percent
Saudi Arabia (182 IPs) 6 percent
Taiwan (169 IPs) 5.6 percent
Thailand (140 IPs) 4.6 percent
Sri Lanka (121 IPs) 4 percent
China (82 IPs, including Hong Kong (12)) 2.7 percent
Vietnam (80 IPs) 2.6 percent
Indonesia (68 IPs) 2.2 percent
Russia (68 IPs) 2.2 percent


Technical Details
As a backdoor Trojan, Volgmer has several capabilities including: gathering system information, updating service registry keys, downloading and uploading files, executing commands, terminating processes, and listing directories. In one of the samples received for analysis, the US-CERT Code Analysis Team observed botnet controller functionality.
Volgmer payloads have been observed in 32-bit form as either executables or dynamic-link library (.dll) files. The malware uses a custom binary protocol to beacon back to the command and control (C2) server, often via TCP port 8080 or 8088, with some payloads implementing Secure Socket Layer (SSL) encryption to obfuscate communications.
Malicious actors commonly maintain persistence on a victim’s system by installing the malware-as-a-service. Volgmer queries the system and randomly selects a service in which to install a copy of itself. The malware then overwrites the ServiceDLL entry in the selected service's registry entry. In some cases, HIDDEN COBRA actors give the created service a pseudo-random name that may be composed of various hardcoded words.
Detection and Response
This alert’s IOC files provide HIDDEN COBRA indicators related to Volgmer. DHS and FBI recommend that network administrators review the information provided, identify whether any of the provided IP addresses fall within their organizations’ allocated IP address space, and—if found—take necessary measures to remove the malware.
When reviewing network perimeter logs for the IP addresses, organizations may find instances of these IP addresses attempting to connect to their systems. Upon reviewing the traffic from these IP addresses, system owners may find some traffic relates to malicious activity and some traffic relates to legitimate activity.
Network Signatures and Host-Based Rules
This section contains network signatures and host-based rules that can be used to detect malicious activity associated with HIDDEN COBRA actors. Although created using a comprehensive vetting process, the possibility of false positives always remains. These signatures and rules should be used to supplement analysis and should not be used as a sole source of attributing this activity to HIDDEN COBRA actors.
Network Signatures
alert tcp any any -> any any (msg:"Malformed_UA"; content:"User-Agent: Mozillar/"; depth:500; sid:99999999;)
___________________________________________________________________________________________________
YARA Rules
rule volgmer
{
meta:
    description = "Malformed User Agent"
strings:
    $s = "Mozillar/"
condition:
    (uint16(0) == 0x5A4D and uint16(uint32(0x3c)) == 0x4550) and $s
}
Impact
A successful network intrusion can have severe impacts, particularly if the compromise becomes public and sensitive information is exposed. Possible impacts include
temporary or permanent loss of sensitive or proprietary information,
disruption to regular operations,
financial losses incurred to restore systems and files, and
potential harm to an organization’s reputation.
Solution


Mitigation Strategies
DHS recommends that users and administrators use the following best practices as preventive measures to protect their computer networks:
Use application whitelisting to help prevent malicious software and unapproved programs from running. Application whitelisting is one of the best security strategies as it allows only specified programs to run, while blocking all others, including malicious software.
Keep operating systems and software up-to-date with the latest patches. Vulnerable applications and operating systems are the target of most attacks. Patching with the latest updates greatly reduces the number of exploitable entry points available to an attacker.
Maintain up-to-date antivirus software, and scan all software downloaded from the Internet before executing.
Restrict users’ abilities (permissions) to install and run unwanted software applications, and apply the principle of “least privilege” to all systems and services. Restricting these privileges may prevent malware from running or limit its capability to spread through the network.
Avoid enabling macros from email attachments. If a user opens the attachment and enables macros, embedded code will execute the malware on the machine. For enterprises or organizations, it may be best to block email messages with attachments from suspicious sources. For information on safely handling email attachments, see Recognizing and Avoiding Email Scams. Follow safe practices when browsing the web. See Good Security Habits and Safeguarding Your Data for additional details.
Do not follow unsolicited web links in emails. See Avoiding Social Engineering and Phishing Attacks for more information.


Response to Unauthorized Network Access
Contact DHS or your local FBI office immediately. To report an intrusion and request resources for incident response or technical assistance, contact DHS NCCIC ([email protected](link sends e-mail) or 888-282-0870), FBI through a local field office, or the FBI’s Cyber Division ([email protected](link sends e-mail) or 855-292-3937).
References
Revisions
November 14, 2017: Initial version

HIDDEN COBRA - North Korean Malicious Cyber Activity
The information contained on this page is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) to provide technical details on the tools and infrastructure used by cyber actors of the North Korean government. The intent of sharing this information is to enable network defenders to identify and reduce exposure to North Korean government cyber activity. The U.S. Government refers to the malicious cyber activity by the North Korean government as HIDDEN COBRA.

For more information, see:
November 14, 2017: Alert (TA17-318A) HIDDEN COBRA – North Korean Remote Administration Tool: FALLCHILL
November 14, 2017: Alert (TA17-318B) HIDDEN COBRA – North Korean Trojan: Volgmer
August 23, 2017: Malware Analysis Report (MAR-10132963) – Analysis of Delta Charlie Attack Malware
June 13, 2017: Alert (TA17-164A) HIDDEN COBRA – North Korea’s DDoS Botnet Infrastructure

Global Entry Enrollment on Arrival Expands to 11 Additional International Airports

WASHINGTON—U.S. Customs and Border Protection announced today the expansion of Global Entry Enrollment on Arrival to 11 additional international airports. Enrollment on Arrival enables conditionally-approved Global Entry applicants to complete their interview, the final step of the Global Entry enrollment process, while clearing CBP processing. The program is currently available at nine new locations including Dallas/Fort Worth International Airport (DFW), Detroit Metropolitan Airport (DTW), Minneapolis-Saint Paul International Airport (MSP), Phoenix Sky Harbor International Airport (PHX), Salt Lake City International Airport (SLC), San Diego International Airport (SAN), Norman Y. Mineta San Jose International Airport (SJC), Seattle-Tacoma International Airport (SEA), and Toronto Pearson International Airport (YYZ), and will launch later this week at Denver International Airport (DEN) and Philadelphia International Airport (PHL).

“Global Entry continues to be one of CBP’s most successful and popular programs and we have made it a priority to improve the enrollment process for those looking to join the ranks of Trusted Traveler,” said Acting Commissioner Kevin McAleenan. “Last month, we launched a modernized, mobile-friendly application website making the initial step of the process more user friendly and now with these additional Enrollment on Arrival locations we have added greater flexibility for those looking to complete the enrollment process.”

Since the program’s launch in July, more than 5,200 conditionally-approved Global Entry applicants have completed the final step of the enrollment process at an Enrollment on Arrival location. Enrollment on Arrival is also available at George Bush Intercontinental Airport (IAH), William P. Hobby Airport (HOU), Austin-Bergstrom International Airport (AUS), San Francisco International Airport (SFO) and Vancouver International Airport (YVR).

Conditionally-approved applicants looking to utilize Enrollment on Arrival do not need to schedule an interview appointment ahead of time.

Once a traveler is conditionally-approved, instead of scheduling an interview at a Global Entry Enrollment Center, the traveler can complete the enrollment interview during CBP primary inspection at a participating airport. Upon arrival, travelers will be directed to a primary booth designated specifically for Enrollment on Arrival. A CBP officer will conduct both the primary processing and Global Entry interview and collect the traveler’s biometrics to complete the enrollment. The traveler will then be cleared for entry into the United States and, if approved, will be a Global Entry member.

Currently available at 54 U.S. airports and 15 Preclearance locations, Global Entry streamlines the international arrivals process at airports for trusted travelers. The more than 4.7 million Global Entry members bypass traditional CBP inspection lines and use an automated kiosk to complete their admission to the United States. As an added benefit, Global Entry members are also eligible to participate in the TSA Pre✓™ expedited screening program.

U.S. citizens, U.S nationals and U.S. Lawful Permanent Residents may apply for Global Entry as well as passport holders from Argentina, Colombia, Germany, India, Mexico, the Netherlands, Panama, the Republic of Korea, Singapore, Switzerland, Taiwan and the United Kingdom. Canadian citizens and residents enrolled in NEXUS may also use the Global Entry kiosks.

Interested travelers apply through the Trusted Traveler Programs website. The non-refundable application fee for a five-year Global Entry membership is $100 and applications must be submitted online. Once the applicant successfully passes a background check, a CBP officer will conduct an interview with the applicant at one of the more than 100 Global Entry Enrollment Centers located throughout the U.S., Canada, and Qatar or at an Enrollment on Arrival location and then make a final eligibility determination.

While the goal of Global Entry is to speed travelers through the process, members may be selected for further examination when entering the United States. Any violation of the program’s terms and conditions will result in appropriate enforcement action and may result in the revocation of the traveler’s membership privileges.

Visit CBP’s Global Entry website for more information on the Global Entry Program and the Enrollment on Arrival website for an updated list of available locations.

Coast Guard offloads approximately 10 tons of cocaine in Port Everglades

MIAMI — The crew of the Coast Guard Cutter Spencer offloaded approximately 10 tons of cocaine and 23 kilograms of heroin Tuesday in Port Everglades worth an estimated $300 million wholesale seized in international waters off the Eastern Pacific Ocean.

The drugs were interdicted along Mexico and Central America by multiple U.S. Coast Guard cutters.

The offload represents 14 separate, suspected drug smuggling vessel interdictions by the Coast Guard:

    The CGC Steadfast was responsible for one case, seizing an estimated 940 kilograms of cocaine
    The CGC James was responsible for two cases, seizing an estimated 690 kilograms of cocaine
    The CGC Alert  was responsible for six cases, seizing an estimated 3,305 kilograms of cocaine and 23 kilograms of heroin
    The CGC Aspen was responsible for one case, seizing an estimated 102 kilograms of cocaine
    The CGC Vigorous  was responsible for one case, seizing an estimated 1,150 kilograms of cocaine
    The CGC Spencer was responsible for two cases, seizing an estimated 3,000 kilograms of cocaine
    The CGC Thetis was responsible for one case, seizing an estimated 1,060 kilograms of cocaine

Numerous U.S. agencies from the Departments of Defense, Justice and Homeland Security are involved in the effort to combat transnational organized crime. The Coast Guard, Navy, Customs and Border Protection, FBI, Drug Enforcement Agency, and Immigration and Customs Enforcement along with allied and international partner agencies play a role in counter-drug operations. The fight against transnational organized crime networks in the Eastern Pacific requires unity of effort in all phases from detection, monitoring and interdictions, to prosecutions by U.S. Attorneys in California, on the East Coast, and in the Caribbean.

"This offload today is not just the result of one unit, but the combined efforts of multiple Coast Guard cutters, aircraft and support, as well as that of our partners and allied men and women who continue to work day and night to stop these criminal organizations from profiting off transnational crime and smuggling," said Cdr. John Mctamney, Commanding Officer Coast Guard Cutter Spencer. "While this offload represents approximately 10 tons of illicit drugs that will never hit out streets, it also represents a significant depletion to the cash flow to these criminal organizations."

The Coast Guard increased U.S. and allied presence in the Eastern Pacific Ocean and Caribbean Basin, which are known drug transit zones off of Central and South America, as part of its Western Hemisphere Strategy. During at-sea interdictions in international waters, a suspect vessel is initially located and tracked by allied, military or law enforcement personnel. The interdictions, including the actual boarding, are led and conducted by U.S. Coast Guardsmen. The law enforcement phase of counter-smuggling operations in the Eastern Pacific are conducted under the authority of the 11th Coast Guard District headquartered in Alameda, California.

The cutter Steadfast is a 210-foot medium-endurance cutter homeported in Astoria, Oregon. The cutter James is a 418-foot national security cutter homeported in Charleston, South Carolina. The cutter Alert is a 210-foot medium-endurance cutter homeported in Astoria, Oregon. The cutter Aspen is a 225-foot buoy tender homeported in San Francisco, California. The cutter Vigorous is a 210-foot medium-endurance cutter homeported in Virginia Beach, Virginia. The cutter Spencer is a 270-foot medium-endurance cutter homeported in Boston, Massachusetts. The cutter Thetis is a 270-foot medium-endurance cutter homeported in Key West, Florida.

NASA is "SIRIUS" About Its Analog Missions:The SIRIUS missions are the latest spaceflight analogs NASA is utilizing to help us understand the risks of travel further into the solar system.

HOUSTON, TX, November 09, 2017 -- Before humans will go to Mars, NASA has practice missions on Earth. The SIRIUS missions are the latest spaceflight analogs NASA is utilizing to help us understand the risks of travel further into the solar system. This ground-based analog is a complement to human research being conducted on the International Space Station, such as Scott Kelly's One-Year Mission. These missions are paving the way to learn how the human body reacts in unique environments.

An analog environment is a situation on Earth that produces effects on the body similar to those experienced in space, physically, mentally and emotionally. These studies are expected to help advance human spaceflight from lower-Earth orbit missions into deep space exploration. NASA is associated with at least 15 analog environments throughout the world. The SIRIUS analog takes place at the Institute for Bio-Medical Problems (IBMP) in Russia. Other NASA-associated analogs are in Germany, Canada, Antarctica, and at sites in the United States.

The SIRIUS (Scientific International Research In a Unique terrestrial Station) missions are the first time NASA's Human Research Program (HRP) partners with Russia's IBMP Ground-based Experimental Complex (NEK) to conduct a series of analog missions. The first of these missions is SIRIUS-17, named because of its 17-day duration and it will take place in 2017. The mission is to begin on Nov. 7.

"The SIRIUS-17 mission, from a NASA perspective, is designed to test the capabilities of the Russian facility," said Lisa Spence, Flight Analogs Program Manager. "We want to exercise the facility capabilities, mission planning and integration procedures to identify challenges or issues now as opposed to during a longer duration mission."

The goal is for NASA to work with the IBMP to conduct at least three follow-on missions: a four-month mission in 2018, an eight-month mission in 2019, and a 12-month mission in 2020.

SIRIUS-17 will have six human participants who will be isolated and confined in a mock-spacecraft habitat for the mission's duration. During the mission, they will be performing a suite of scientific experiments. Training for the crew began the week of Oct. 9.

One of the reason NASA chose the Russian facility is that it is a dedicated facility. This means that during the mission, its purpose is to execute the simulated space missions and research activities targeted for an isolation environment, according to Spence. "Also, they have done successful long-duration isolation missions at the IBMP facility in the past, even up to 520 days. They have demonstrated the ability to do the type of missions we are planning to work up to," she said.

More than 40 scientific experiments have been selected for SIRIUS-17, which will place significant demands on crew time. HRP personnel developed a unified science requirements document, which helps in the development of the mission timeline, and maximizes the science data capture.

NASA's Human Research Program (HRP) is dedicated to discovering the best methods and technologies to support safe, productive human space travel. HRP enables space exploration by reducing the risks to astronaut health and performance using ground research facilities, the International Space Station, and analog environments. This leads to the development and delivery of a program focused on: human health, performance, and habitability standards; countermeasures and risk mitigation solutions; and advanced habitability and medical support technologies. HRP supports innovative, scientific human research by funding more than 300 research grants to respected universities, hospitals and NASA centers to over 200 researchers in more than 30 states.

Monica Edwards
Laurie Abadie
NASA Human Research Strategic Communications

Environmental Assessment of Proposed Tracer Particle and Biological Releases for the Hazards of Dynamic Outdoor Release (HODOR) Project

Oct. 2017, This Environmental Assessment (EA) documents the analysis of the potential effects of a proposal by the Department of Homeland Security (DHS) Science & Technology Directorate (S&T) to conduct tests during January/February 2018 and then again during June/July, 2018 involving the release of low concentrations of particles at two buildings within the Chilocco Indian Agricultural School (Chilocco campus) in Newkirk, Kay County, OK. The S&T program is entitled the Hazards of Dynamic Outdoor Releases (HODOR). No construction, permanent land disturbance, or land use changes would occur with implementation of the Proposed Action or the Alternatives.
The HODOR program supports DHS’s strategic goals to detect and recover from biological attacks and inform and support biodefense planning, response, and restoration, particularly in consequence/risk assessment modeling of the indoor hazards posed by outdoor aerosols. Characterizing the impact of biological weapons on infrastructure is a key element to achieving this goal. One indicator of a building’s ability to withstand the effects of a biological weapon is the building protection factor (BPF). The BPF is the degree to which a building’s occupants are protected from biological materials as compared to a person located outside the building. Dispersion models have been created to help in these endeavors and are actively used by agencies within DHS for both pre- and post-attack planning. Pre-attack planning includes identifying strategies for response in the event of a biological attack. Post-attack planning includes determining the source location for attribution, identifying exposed people, and aiding the remediation effort (e.g., mapping, decontamination). While the dispersion models are critically important for homeland defense, the lack of quantitative evidence and understanding of the BPF is a significant gap. Selection of specific buildings that are representative of U.S. construction for homes and apartments was conducted to support this effort. This EA is being conducted in accordance with the National Environmental Policy Act (NEPA) in 40 CFR 1500- 1508, and DHS Directive 023-01, Implementation of the National Environmental Policy Act. In support of these tests, aerosol biologists from Sandia National Laboratory, aerosol engineers from the National Biodefense Analysis and Countermeasures Center (NBACC), scientists from the OSU-University Multispectral Laboratories (UML), and other supporting state and federal agencies have partnered for the proposed testing. The assembled team has conducted a thorough review of available literature to assess the potential for environmental hazards associated with the proposed program. Specifically, an analysis of alternatives was conducted to select appropriate buildings for testing, best inert materials, and optimal biological material for release to successfully meet program objectives.
Buildings to be used for testing were selected based on the DHS-desired characteristics, as well as the ability to release materials at a distance from these buildings that minimize environmental impact and public exposure.
Action alternatives were considered for testing location and testing materials. A total of five abandoned residential and apartment buildings within the Chilocco campus were evaluated against two main criteria: conformance to typical US building standards; and potential testing obstructions (e.g. vegetation, proximity to other buildings).
Residential Building Alternative 1 (Building 53) and Residential Building Alternative 2 (Building 56) both contain numerous vegetation and building obstructions and would require major renovations to meet current typical building standards. Residential Building Alternative 3 (Building 58) has the fewest number of potentially obscuring structures and required minor renovations.
Apartment Building Alternative 1 (Building 10) did not realistically represent current apartment building design or utilize standard heating, ventilation, and air conditioning (HVAC) systems. Apartment Building Alternative 2 (Building 60), more realistically simulated a typical apartment structure with multiple HVAC systems, thus allowing more accurate testing conditions. The No Action Building Alternative would result in no real-world testing scenario, and would not meet the stated purpose and need.
The use of inert particulate materials provides extremely valuable information toward the overall objectives of the HODOR program. Inert materials will be used to monitor gross particle movement around and into each building, in real time, using relatively simple and straightforward sensors. The data collected with inert particle materials will be used to optimize sensor placement for subsequent biological particulate releases. Two different inert particulates were selected to be employed for use in gross characterization of particle penetration into buildings. Alternative Inert Particle 1 would utilize titanium dioxide (TiO2), a white odorless powder that is chemically insoluble in water, nonreactive, nonflammable, and nonhazardous. This material is not regulated or defined as a toxic or hazardous material.
Alternative Inert Particle 2 is a 90:10% mixture of urea powder with CL Fluorescent Brightener 220. Urea serves an important role in the metabolism of nitrogen-containing compounds by animals and is the main nitrogen-containing substance in the urine of mammals. CL Fluorescent Brightener 220 is a finishing reagent in textiles, and up to 2% by weight in laundry detergents.
Both aerosol particulates would be released and detected by sensors located outside and inside the preferred buildings. At the concentrations resulting from the proposed releases, all materials are considered nontoxic and nonhazardous. The No Action Alternative would result in no release of aerosol particulates. This alternative would result in possible missed biological sensors detections, reducing the likelihood of program success. In addition, it would increase the number of barcoded biological material releases and would require additional labor to decontaminate each site between releases. These factors would increase both programmatic cost and time and is not a preferred alternative.
To understand the true detection capabilities of the biological sensor, challenge tests with a material must be performed. Since a portion of the technologies rely on the detection of genetic or proteinaceous materials to positively identify a particular threat agent, the simulant must be of biological origin. Three alternatives were considered in order to evaluate tradeoffs in test procedures, which would either partially meet the needs of DHS S&T; additionally there is a no action alternative, which would involve no particulate releases.
Alternative Biological Particulate 1 would employ the use of Bacillus thuringiensis subsp kurstaki (Btk) barcoded spores, which are the preferred biological material to be employed for sensitive characterization of building penetration. Native Btk, sold under the commercial name of Dipel, is used extensively as a bioinsecticide and is not considered a hazard by the U.S. Environmental Protection Agency (EPA) when handled appropriately. The barcoded variant provides much more specific detection and identification from background than the native organism, as it contains a genetic barcode that does not affect any physiological function or phenotypic expression of the organism. It will be dispersed in a similar manner to that of native Btk when used as an insecticide. However, release will be at much lower concentrations than typical insecticidal application rates. The use of the barcoded Btk has been approved for use in this program by the State of Oklahoma’s Department of Agriculture, Food, & Forestry.
Alternative Biological Particulate 2 would utilize native Btk, without barcoding. Native Btk is an approved biopesticide under the commercial name of Dipel. This alternative would require much more time and labor to execute. Alternative Biological Particulate 3 would employ a tagged, inert, fluorescent particle known as DNATrax. The safety of DNATrax particles cannot be assumed, therefore, its use presented unknown risks not conducive to testing objectives. The release of all three biological particulate alternatives would result in slow application rates and low concentrations. No Action Biological Particulate Alternative would still allow the primary objectives of the tests to be met through use of inert particles only, but would require larger quantities of inert powder to overcome the natural background of particulates internal and external to the building. In order to simulate real world data that more closely matches, releases of an actual biological nature is needed.
The Chilocco campus and surrounding land is under the ownership of the Council of Confederated Chilocco Tribes (CCCT) which include the Kaw Nation, the Otoe-Missouria Tribe, the Pawnee Nation, the Ponca Nation, and the Tonkawa Tribe. The campus is abandoned, thus reducing the risk of potential human health and safety risks posed by the presence of sensitive populations. S&T and UML have been in communication with the Bureau of Indian Affairs and CCCT and have determined that the implementation of the preferred alternatives has no adverse impact on resources, human health or the environment.
The direct, indirect, and cumulative environmental effects caused by the potential exposure of terrestrial wildlife, vegetation, water resources, and air quality by movement of the material by any of the alternatives would not have an adverse effect. This is due to both selection of the test materials and limited quantity that will be used. The Chilocco campus is listed on the National Register of Historic Places. Consultation with the appropriate Tribal Historic Preservation Officers has been initiated, and no adverse effect is anticipated.
This EA details the approach and reasoning the team would employ to minimize environmental impacts. As can been seen in the body of this document, the buildings to be used, their location, the release locations and the amounts and types of materials to be used all serve to
minimize impact to the surrounding environment. S&T has determined that the proposed testing would have no potential for significant impact on the human environment and that an environmental impact statement is not needed.

 

Executive Summary, Prepared for Department of Homeland Security Science and Technology Directorate

Pages

 

Recent Videos

HID Global is opening the door to a new era of security and convenience.  Powered by Seos technology, the HID Mobile Access solution delivers a more secure and convenient way to open doors and gates, access networks and services, and make cashless payments using phones and other mobile devices. ...
Mobile device forensics can make a difference in many investigations, but you need training that teaches you how to get the most out of your mobile forensics hardware and software, and certifies you to testify in court. Read this white paper to learn how to evaluate mobile forensics training...
PureTech Systems is a software company that develops and markets PureActiv, its geospatial analytics solution designed to protect critical perimeters and infrastructure.  Its patented video analytics leverage thermal cameras, radars and other perimeter sensors to detect, geo-locate, classify, and...
PureTech Systems is a technology leader in the use of geospatial video, focusing on perimeter security.  When combining geospatial capabilities with video analytics and PTZ camera control, managers of critical facilities can benefit by allowing the video management system to aid them in the process...