The greater Boston area is shut down with bus and subway service suspended and local businesses and universities closed, as federal and local authorities chase down two men believed to have carried out the Boston Marathon bombings.
One suspect, pictured in photos and video released by the FBI the evening of April 18, is dead, apparently after a shootout and car chase with police. The other suspect, who was also in the released pictures and video, remains at large prompting early morning warnings from police for residents in the Boston suburb of Watertown and adjacent suburban towns to remain indoors.
Reportedly, the men shot and killed a campus police officer at the Massachusetts Institute of Technology in Cambridge (MIT), MA, and wounded a transit authority officer the night of April 18, about five hours after the FBI publicly released the suspects’ photos. The two men also reportedly carjacked a vehicle and lead police on a chase in which the suspects reportedly hurled explosives at their pursuers.
One suspect was pronounced dead at a local hospital after the shootout.
Police and federal authorities have called both suspects extremely dangerous and “terrorists,” with reports saying the remaining man could have explosives with him, or on him.
The Associated Press reported early on April 19, that the men are brothers from Chechnya and have lived in the U.S. for one year and also identified the living suspect as Dzhokhar A. Tsarnaev, 19, of Cambridge, MA.
The unprecedented, dramatic events began to unfold just after 5 p.m. on April 18 after the FBI at a press conference unveiled video capture and photos of the two men captured by private security cameras at a downtown department store near the finish line of the April 15 marathon.
At around 10 p.m., reports of a shooting near the MIT campus at a 7-11 store in Middlesex County, MA, came in and a subsequent carjacking. A statement from the Middlesex County district attorney the evening of April 18 said an MIT campus police officer responding to a report of a disturbance in the area of Vasser and Main streets was reportedly shot. According to authorities, the officer was found evidencing multiple gunshot wounds. He was transported to the hospital and pronounced dead.
“During the exchange of the gunfire, we believe that one of the suspects was struck and ultimately taken into custody. A second suspect was able to flee from that car and there is an active search going on at this point in time," Colonel Timothy Alben, superintendent of the Massachusetts State Police, told a news conference later that night.
Federal, state and local investigators are in the initial stages of tracking down the person or persons responsible for two bombs detonated near the finish line of the Boston Marathon on April 15 that killed three people and wounded over 100, but said no one has claimed responsibility for the attack.
The latest details to emerge from the afternoon of chaos in the city included news that the bombs -- which were stuffed in trashcans near the race route -- contained ball bearings or BBs meant to cause even more substantial injuries to bystanders.
A third device, which didn’t detonate, was found near the race grandstand at the finish line. Federal authorities have also told news organizations that the explosive devices were small and didn’t contain high explosives like C-4.
The New York Times reported two additional explosive devices were found in downtown Boston. Security measures in other U.S. cities, including Washington, D.C. and New York City, have been stepped up in response to potential future attacks, as have security measures in cities across the world, including London, where another marathon event is scheduled in the coming weeks.
Three people, including an eight year old boy, were killed in the blasts that occurred within 100 yards of one another near Boston’s Copley Square. More than 140 were injured, some grievously, with shrapnel injuries that first responders likened to battlefield wounds.
Many of the wounded included children and a two-year-old child was being treated at Boston’s Children’s Hospital for critical head injuries.
A motive for the attacks has yet to be determined. No person or organization, foreign or domestic, has claimed responsibility.
The Pakistan Taliban, which has threatened to carry out domestic attacks on the U.S. denied responsibility for the attack the evening of April 15.
“The situation remains fluid, and it remains too early to establish the cause and motivation,” said an FBI statement issued at 9 p.m. on April 15.
Hours before, in a televised statement president Obama said it was unclear who was behind it, but whoever it was would “feel the full weight of justice.” White House officials have called the incident an act of terrorism.
Department of Homeland Security secretary Janet Napolitano, like other federal agency officials in Washington sent her condolences to the families of the dead and injured and added that her agency is providing “any support necessary” for the investigation. She also encouraged vigilance in the aftermath of the attack.
House Homeland Security Committee chairman Michael McCaul (R-TX) and other members of the committee, including ranking member Bennie Thompson (D-MS) in an April 15 statement said much the same, offering thoughts and prayers for the victims and thanks to first responders and the public for their actions in the minutes after the bombs went off and as the investigation moved forward.
The chairman of the Senate Homeland Security and Governmental Affairs Committee Sen. Tom Carper (D-DE) vowed to “get to the bottom of this” and use the information gathered along the way to bolster future defenses.
GSN 2012 Awards announced: White House deputy of homeland security recognized for leadership at annual gala
GSN Awards 2012
Hundreds of the best of the homeland security community’s federal, state and municipal government officials, government contractors, systems integrators, IT vendors and physical security product and solutions providers all came together the night of November 29 in a ballroom of the Washington, D.C. convention center to receive accolades.
The GSN awards dinner, which has become a Washington tradition over the last four years, offered a chance for the excellence and civic-minded spirit of homeland security efforts nationwide to be recognized.
Not only were the best tools and technologies acknowledged , but the people and groups who use them, from local police departments in Florida and Washington state, to the White House, were honored at the event.
During the awards ceremonies, Richard Reed, Deputy Assistant to President Obama for Homeland Security, received the second annual Government Security News/Raytheon Award for Distinguished Leadership and Innovation in Public Safety and Security. Reed was chosen for tireless work in his key role in leading the development of national policy related to resilience, transborder security and community partnerships. He has been described as the president’s eyes and ears during disasters. In crises, such as the Gulf oil spill, H1N1 pandemic, and Haiti earthquake, Reed has sprung into action at the White House, coordinating information and gathering people to cope with these catastrophes.
Reed told Government Security News in an interview after the dinner that gatherings like GSN’s awards ceremony were invaluable in demonstrating that the hard work of creating a resilient, strong response to crises is performed by thousands of individuals, like those in attendance. Gatherings that bring the diverse emergency response and homeland security communities together can broaden perspectives and spur new ideas, he said.
Reed has been a determined, mostly behind-the-scenes, captain of federal emergency response efforts during the Bush and Obama administrations, helping prepare for, and respond to, some of the worst natural disasters the nation has known, from one of the deadliest tornado seasons in history in the Midwest, to historic wild fires in the west, and massive storms in the eastern U.S.
Reed said the key to capable response to such staggering events lies not only in federal hands, but in enabling state, local and even personal responses. Getting resources and training in place before disasters happen goes a long way in an effective response and recovery, he said. “The true first responders are friends, neighbors and co-workers” in the immediate aftermath of a disaster, said Reed. Local police, firefighters and other agencies arrive second, he said. Enabling people with information concerning what resources are available or where they can go for help or supplies empowers them, said Reed.
Government Security News managing partner Adrian Courtenay has made the GSN/Raytheon award an annual tradition. The prize is sponsored by the Raytheon Company, a technology and innovation leader specializing in defense, homeland security and other government markets throughout the world, which is headquartered in Waltham, MA.
Notable 2012 government excellence award winners included the local police departments in Tampa and St. Petersburg, FL, for their ground-breaking work in preparing for the Republican National Convention in Tampa this past summer. The departments put together comprehensive plans to gently defuse potentially volatile political demonstrations at the event. Both departments were also praised for implementing an innovative interoperable communications network during the GOP convention.
The Lawrence Livermore National Laboratory was recognized for its groundbreaking work on a small radiation detector. The Naval Air Systems Command won an award for its work on the Kestrel Wide Area Persistent Surveillance program, which developed an aerostat for long-term surveillance capabilities to protect ground soldiers in Afghanistan.
The complete list of GSN’s 2012 Award winners appears below:
CATEGORY 1 – VENDORS OF IT SECURITY PRODUCTS AND SOLUTIONS
Best Anti-Malware Solution
Best Identity Management Platform
Best Certificate Management Solution
Best Compliance /Vulnerability Assessment Solution
Best Data Security/Loss Management Solution
Best Endpoint Security Solution
Best Forensic Software
Best Intelligence Data Fusion and Collaborative Analysis Solution
Lookingglass Cyber Solutions
Best Intrusion Detection/Prevention Solution
Vanguard Integrity Professionals
Best Network Security/Enterprise Firewall
Best Privileged Access Management Solution
Best Real-Time Dynamic Network Analysis
Best Continuous Monitoring Solution
Best Security Incident/Event Management Solution (SIEM)
CATEGORY 2 – VENDORS OF PHYSICAL SECURITY PRODUCTS & SOLUTIONS
PHYSICAL SECURITY ACCESS CONTROL & INDENTIFICATION
Best Biometric Identification Solution
Best Integrated System for HSPD 12/FIPS 201 Compliance
Best Platform for Physical and Logical Access
Best Interoperable First Responder Communications
Best Mass Notification Systems
Best Regional or National Public Safety Communications Deployment
Best Explosives Detection Solution
Best Long Range Detection Systems
Best Nuclear/Radiation Detection
Lawrence Livermore National Laboratory
Best Intelligent Video Surveillance Solution
Best Thermal/Night Vision/Infrared Cameras
HGH Infrared Systems
Best Network IP Cameras
Best Video Storage/Digital Transmission Systems
Best Perimeter Protection Solution
Best Crash Barriers
Best Physical Security Information Management (PSIM) Solution
Best Disaster Preparedness or Disaster Recovery & Clean-up Service
High-Rise Escape Systems
Best Facility Security/Force Protection Service
Best Homeland Security Training/Higher Education Solutions
Category 3: Government Security News 2012 Government Excellence Awards
Most Notable Airport Security Award
Defense Manpower Agency
Most Notable Maritime/Port Security Program
Ohio Department of Public Safety/Northern Border Initiative
Most Notable Railroad/Mass Transit Security Program
Denver Regional Transportation Authority
Most Notable Critical Infrastructure Program, Project or Initiative
U.S. Veterans Administration Hospital, Tucson, AZ
Most Notable Cyber Security Program, Project or Initiative
U.S. Department of Energy
Most Notable Emergency Response Implementation
U.S. National Guard
Federal Emergency Management Agency (FEMA)
Most Notable Law Enforcement Interdiction, Arrest or Counter-Terrorism Program
Orange County Intelligence Assessment Fusion Center
Most Notable Municipal/County Programs, Projects or Initiatives
Seattle, Washington Police Department
Tampa and St. Petersburg, Florida Police Departments
Naval Air Systems Command (Kestrel Wide Area Persistent Surveillance)
The Government Security News 2012 Homeland Security Awards Program officially opened for entries on May 1, once again featuring 45 Awards in three broad Categories:Best Vendors of IT Security Products and Solutions, Best Vendors of Physical Security Products and Solutions and the 2011 Government Excellence Awards.
Returning as corporate Sponsors of the 2012 Program are BRS Laboratories of Houston, TX -- a leading software development company for video behavioral recognition software that deploys easily and rapidly on large scale video networks and provides actionable information without inundating end users with false alarms -- and Entrust, Inc. , of Dallas, TX, which offers physical/logical access, mobile security, certificate management and other identity-based solutions to governments and large enterprises. Additional sponsors will be announced, and profiles of all 2012 sponsors, will be published in coming weeks. Companies interested in joining the ranks of sponsors of the 2012 Awards Program should contact GSN Publisher and World Business Media President, Edward Tyler, at 212-344-0759, ext. 2001.
The cost to submit an entry in the 2012 program is $295 for vendors of IT security and physical security products and solutions. As in previous years, there is no cost for entries in the 10 categories of awards for federal, state and local government agencies. Vendors of IT and physical security products and solutions may nominate themselves or be nominated by colleagues or government clients, while government agencies or departments may similarly nominate themselves or be nominated by other agencies, colleagues or vendors.
According Adrian Courtenay, managing partner of World Business Media, several new categories created in 2011 to acknowledge successful initiatives of federal, state or local agencies in responding to emergencies, countering terrorism and preventing crime will again be included in 2012. These categories are “Most Notable Emergency Response Implementation – Federal, State or Local”; “Most Notable Law Enforcement Interdiction, Arrest or Counter Terrorism Program – Federal, State or Local”; and “Most Notable Counter Terrorism or Crime Prevention Program”.
In the 2011 contest, the Bastrop Country, TX, Unified Command (including county, state and federal government agencies) was awarded the trophy for “Most Notable Emergency Response Implementation” in battling 2011 Texas wildfires in Bastrop County. The United States Customs and Border Protection, Detroit Sector, was winner in the “Most Notable Law Enforcement Interdiction or Arrest” category for a dramatic arrest on St. Clair River in Detroit, and the Los Angeles Police Department was recognized for having the “Most Notable Law Enforcement Counter Terrorism or Crime Prevention Program.”
Another category that was new in 2011, “Most Notable Cyber Security Program or Technology – Government or Military”, will also be continued, in recognition of the emergence of Cyber Security as a vitally important component of overall security for any nation. The winner of this award in 2011 was the National Oceanic and Atmospheric Administration.
The 2012 Awards Program will once again culminate with a gala awards dinner in the fall, at a venue to be announced shortly. In the 2011 program, the “GSN/Raytheon Award for Distinguished Leadership and Innovation” was introduced and presented to Admiral Thad Allen (US Coast Guard-ret.), who came out of retirement twice in recent years to serve his country, first in heading up the federal response to Hurricanes Katrina and Rita, and later in managing the response to the Deepwater Horizon oil spill in the Gulf of Mexico.
In remarks for the 2011 Awards Dinner audience, Admiral Allen said the continuing work of technology companies and first responders was key in any disaster. He urged everyone to become a “lifelong rapid learner” to better cope with disasters, both man-made and natural. He also said “reconciling opportunity and competency” when disaster strikes is essential to any effective recovery, and being on top of the latest, most effective technology is a product of being a lifelong rapid learner. He also said clear communications is also a key to effective response and amplified his call for a nationwide interoperable first responder radio network.
Photos of the 2010 awards reception and dinner are available at www.flickr.com/photos/[email protected]/, and video interviews with Admiral Allen, as well as sponsors and winners in the 2011 Awards program, are available at the GSN Video Center at www.gsnmagazine.com/videocenter.
Entry forms and other information about the 2012 Awards Program are available at www.gsnmagazine.com/hsa2012/welcome.
The Response Network, of Hanover, NH, a provider of online training programs for law enforcement and public safety professionals, has announced that it has entered into a strategic partnership with The Virginia Association of Chiefs of Police (VACP) to develop customized in-service training courses that will be available to all Virginia law enforcement personnel on the company’s PoliceCommunity.net online training portal.
“We believe that the Response Network’s online training portal is the only solution that can meet the standard we have set for quality, creativity and cost-effectiveness,” said a statement released by Dana Schrad, Executive Director of the VACP. “The Response Network’s online in-service training courses are nothing less than compelling. They engage as they educate and that is not a small achievement. We look forward to developing a series of courses that will benefit the Virginia law enforcement profession.”
In an interview with Government Security News, Bradley Naples, President and CEO of the Response Network, said the first online in-service course developed exclusively for VACP will be titled, “The Virginia Commonwealth Law Enforcement Legal Updates and Changes in the Law,” in conformance with Virginia law, which requires regular legal training for all Virginia sworn law enforcement officials.
Naples added that there are a number of Virginia law enforcement agencies that already use PoliceCommunity.net for online, in-service training, including the Virginia Beach Police Department, Newport News Police Department and the Hampton Police Division. The portal’s overall membership recently passed the 10,000 member milestone, said Naples, as police departments in Delaware, Florida, Illinois, Michigan, New Hampshire, Ohio and South Dakota also signed on.
The PoliceCommunity.net portal presently offers nine basic courses, representing more than 50 hours of in-service training, with three more courses scheduled to come online before the end of this calendar year. One of the great value propositions of the portal is that an annual subscription is available at the price of $74.95 per officer, which is substantially less expensive than locally-produced courses, which typically cost around $300 per officer.
The nine courses currently being offered are:
- Emotional Intelligence for Law Officers
- Community Policing/Customer Service
- Use of Force
- Domestic Violence
- Active Shooter for Public Safety
- Becoming an Exemplary Peace Officer/Applied Ethics
- Blood-borne Pathogens
- Avoiding Ethnic and Sexual Harassment
- Mental Health for Law Enforcement
While the prices of online training are very competitive, Naples noted, there are some things you can’t teach online, such as defensive tactics or using your weapons. “But, the more you can tie troops together collegially,” he observed, “the better you’re going to do. There’s a phenomenal revolution going on in training.”
Naples went on to explain some of the obstacles that police officers have to deal with regularly. “Law enforcement officers have a job that is almost impossible,” Naples said. “They deal with life and death issues and see pain, suffering and death. If they don’t take care of themselves physically and emotionally, they can become angry, cynical, bitter and empty, with no pleasure in their lives. They have to be able to reduce mental error. If you use force -- taser or spray -- it’s going to require EMS, and if the persons who have been tased go into ‘excited delirium,’ they can die. Death and lawsuits are the two most significant reasons for training. Millisecond decisions are required, and people will judge if you used reasonable force, or was it excessive.”
“The better educated you are, the better you can handle yourself,” Naples said.
In addition to costing less than traditional officer training programs, Naples believes that online training can bring officers together and bring out creative work products from them, helping them to become exemplary peace officers, while realizing that, “it is not what you got, but what you gave. Not what you made, but what you built. It’s not only competence, but character. The legacy for officer and agency is what’s important.”
The two book-end courses for law enforcement, he said, are Mental Health and Ethics -- and these subjects are covered in depth in the initial series of law enforcement in-service, online training available from Response Network and PoliceCommunity.net.
Technology integration is another reason cited by Naples for online training, as law enforcement officers are being asked to handle more and more complex technology within their vehicles. He attributes the need for in-service training to three different trends:
- Reduced budgets and the collapse of federal, state and local funding;
- The entry of the Internet generation, raised on Facebook and smart phones, into law enforcement, and,
- The fact that the Internet has evolved into an easy, reliable and trusted means for global media distribution.
In the opinion of Naples, the continued rise in adoption rates for high-quality online training is an inevitability in law enforcement, as it is has been in many other professions, as demonstrated by the proliferation of online universities in one field after another.
“Online training can be accessed 24/7, viewed as often as necessary, and it provides a consistent training message from officer to officer.”
Government Security News has announced that its 2011 Homeland Security Awards Program will officially open for business and start accepting entries in the program’s 45 awards categories on Tuesday, April 26.
The 2011 program contains a number of exciting new categories, reflecting the dynamically changing threat environment, in all three of the overall awards groupings: Best Vendors of IT Security Products and Solutions, Best Vendors of Physical Security Products and Solutions, and the 2011 Government Excellence Awards.
The cost for each entry in the 2011 program is $295 for vendors of IT security and physical security products and solutions. As in previous years, there is no cost for entries in the 10 categories of awards for federal, state and local government agencies.
Vendors of IT and physical security products and solutions may nominate themselves or be nominated by colleagues or government clients, while government agencies or departments may similarly nominate themselves or be nominated by other agencies, colleagues or vendors.
Adrian Courtenay, Managing Partner of GSN’s parent company, World Business Media, LLC, cited two intriguing new categories in the government sector that have been selected to acknowledge solid “boots on the ground” achievements of federal, state or local agencies in responding to emergencies, countering terrorism and stopping crime. These categories are “Most Notable Emergency Response Implementation – Federal, State or Local” and “Most Notable Law Enforcement Interdiction, Arrest or Counter Terrorism Program – Federal, State or Local.”
Acknowledging the increasing importance of cyber security and the threat of cyber war among nation-states, Courtenay also pointed out that the government awards in 2010 have been expanded to include a category titled, “Most Notable Cyber Security Program or Technology – Government or Military.”
Returning for its third year as a sponsor of the GSN Awards Program is founding sponsor ArcSight, now a business unit of Hewlett Packard Software and Solutions, whose enterprise threat and risk platform is an integrated product for collecting, analyzing and assessing security and risk information. ArcSight is also a repeat winner in the GSN awards program for its Security Incident Event Management (SIEM) products for collecting, analyzing and assessing security incident event information.
Also returning as event sponsors are General Dynamics C4, located in Phoenix, AZ, a major developer and integrator of secure communications and information systems and technology; and Mutualink, another GSN award winner, which creates networks of interoperable communities that can instantly share radio, voice, text, video and data files, and telephone communications in a secure environment.
The fourth and final sponsor to date in the 2011 Awards Program is Behavioral Recognition Systems, Inc., of Houston, TX, also known as BRS Labs, whose software uses the fascinating, scientifically developed cognitive reasoning and artificial intelligence of behavioral analytics to leverage a stream of intelligence from millions of surveillance cameras worldwide, in order to provide alerts regarding abnormal or suspicious behavior.
Profiles of each of the 2011 sponsors will be posted on the GSN Web site in the coming weeks.
Additional companies or organizations interested in joining the ranks of 2011 sponsors of the GSN 2011 Homeland Security Awards Program should contact GSN Publisher and World Business Media President, Edward Tyler, at 212-344-0759, ext. 2001.
According to Courtenay, the 2011 Awards Program will culminate with the annual awards dinner in early November at a venue to be announced shortly. “It’s going to be hard to top last year’s elegant dinner and spectacular after-dinner keynote presentation by four-star General Barry McCaffrey (USA-Ret.). But we’re going to try!”
In 2010, the GSN awards were presented to a sold-out ballroom at the JW Marriott Hotel in Washington, DC, that included many distinguished government and military officials, academics, law enforcement and public safety professionals from across the country, along with the systems integrators, defense contractors and vendors of products and solutions used in homeland security.
Photos of the 2010 awards reception and dinner are available at:
Further information and entry forms for the 2011 Awards Program are available at:
Despite official murmurings a few months ago that the fiscal year 2011 budget request for DHS might decline slightly, the budget package unveiled on February 1 actually shows a three percent increase in “discretionary spending” by DHS in 2011, versus the prior year, and modest growth, at approximately the predicted rate of inflation, in the outer years.
“The total fiscal year 2011 budget request for DHS, including fee funded and mandatory spending, is $56.3 billion, a two percent increase over the fiscal year 2010 enacted level,” said Peggy Sherry, the acting chief financial officer at DHS, in a telephone conference call with journalists on February 1. “The department’s fiscal year 2011 net discretionary or appropriated funding request is $43.6 billion, an increase of three percent over the fiscal year 2010 enacted level.”
In releasing his overall budget request, President Obama proposed a freeze in government spending for a portion of the discretionary domestic spending plan for three years, but he specifically exempted homeland security expenditures from that freeze. “It won’t apply to our national security – including benefits for veterans,” said Obama in remarks he made in the White House on February 1.
Some observers speculated that the slight bump up in DHS spending may have resulted from the nationwide trauma caused by the failed Christmas Day underwear bombing attempt, and the urgent call for stronger screening measures at the country’s airports. However, a DHS official who participated on the conference call with journalists, but requested anonymity, would not attribute the budget increase to that terrorist attack.
“As part of the budget process, we examined different scenarios and options,” explained the official. “Those are discussions that are internal to the Administration and what you see in the budget release today is the end product of all those budget deliberations.”
Among the thousands of individual line-items for specific programs and planned procurements are the following highlights:
Advanced imaging systems – The 2011 budget requests an additional $214.1 million to install about 500 extra advance imaging technology machines at airport checkpoints, above and beyond the 500 systems that had already been planned. These funds will place such whole body scanners in 75 percent of the country’s largest airports, said Sherry.
Explosive detection – Beyond body scanners, DHS will seek an additional $85 million to bolster international flight coverage by federal air marshals, an increase in $60 million for an additional 800 explosive trace detection machines and a $71 million bump up to pay for an additional 275 K-9 teams at airport check points.
Border Patrol – The new budget envisions a decrease of 180 personnel in the ranks of the Border Patrol, which will be achieved largely through attrition. A DHS official suggested that the overall operating effectiveness of the Border Patrol will not be affected by this decline in personnel slots because the Border Patrol has almost doubled in size during the past five years. “A lot of the agent workforce, the substantial portion of it, has only a couple of years experience,” said this DHS official. “As they become more seasoned and more mature in their jobs, their effectiveness will increase, and because we are not doing the extensive hiring of 2,000 to 3,000 new agents a year, we can afford to put less into training improvement.”
Cyber-security – By contrast, DHS is planning a substantial beef-up in its cyber-security efforts. The new budget seeks $379 million to develop the National Cyber Security Division, which will attempt to safeguard the dot.gov and dot.com domains, and limit the nation’s vulnerability to computer attacks. DHS wants to add another $5 million to the $5 million that was in last year’s budget for the National Cyber Security Center, which one DHS official characterized as “still in its infancy.” The budget envisions an increase in the Center’s staffing to 40 people and the enhancement of its expertise, so it can integrate with other cyber-centers throughout the federal government.
Terror trials – Contrary to media reports that a terror trial in Manhattan might require a billion dollars in security measures, the 2011 budget request for DHS includes only $200 million for such security measures, which would be available through the traditional urban area grant programs. “The department took a look at it and we think $200 million is really our best estimate of the costs,” said the DHS official.
Federal contracting – In what it calls “re-balancing the workforce,” DHS is planning to rely less on outside vendors and more on internally recruited and trained personnel, particularly in the areas of cyber-security -- where DHS is authorized to hire as many as 1,000 new cyber-specialists – and the intelligence work often referred to as “connecting the dots.” “In our analysis and operations activity, we have a major increase in the number of feds doing intelligence type work,” said Sherry.
Coast Guard – A DHS fact sheet issued by the Office of Management and Budget points out that the budget request includes $538 million for a fifth National Security Cutter and $240 million to produce four new Fast Response Cutters. Even so, the new budget seeks funds for 1,100 fewer active duty Coast Guard personnel. “We are looking to reorganize and restructure certain elements of the Coast Guard to create greater efficiency,” explained a DHS official, “and there are obviously tradeoffs made as part of that to ensure we could continue to recapitalize the Coast Guard.”
President Obama’s budget request was delivered to Capitol Hill and will now undergo months of scrutiny by lawmakers. Fiscal year 2011 begins officially on October 1, 2010.
FBI warns about Remote Desktop Protocol vulnerability; Bromium provides comments for how to avoid RDP
As you might have seen late last week in several security publications, The FBI's Internet Crime Complaint Center (IC3) is warning companies and government agencies about the dangers of leaving Remote Desktop Protocol (RDP) endpoints exposed online.
"Allowing Remote Desktop Protocol (RDP) servers to be directly accessible from the public internet is a terrible idea. The RDP service exposes a very broad attack surface that over the years has been subject to a number of serious vulnerabilities, and is surely harboring more.
Even absent vulnerabilities in the RDP service itself, most RDP servers are configured to allow login using just a username and password. This places a huge burden on users to pick strong passwords that cannot be guessed, something that users are rarely able to do. Since password reuse is unfortunately quite common practice, even if a user's password has good complexity it may be guessable as a result of a breach at some other organization or web site. Certainly it is desirable to enable features to limit the ability of attackers to have many attempts to guess passwords, but this may come at the expense of legitimate users being locked out as a result of password hammering attempts by attackers.
Enabling some kind of second factor to login to the RDP server is desirable. This could be limiting access to a defined set of source IP addresses where users are expected to connect from. Requiring smart card login or using Azure AD's two factor authentication with a mobile app would help too.
Once attackers have managed to compromise a user account on an RDP server, it is relatively easy for them to get long term persistence. One approach might be to put something in the user's profile that runs whenever the user logs in (legitimately or otherwise) and establishes communication with a C&C server. Alternatively, local privilege escalation vulnerabilities are common place and could be exploited to get administrator access on the local system, from where it might be possible to harvest credentials of more privileged domain users.
One interesting approach that has been used by attackers to get persistence is to tamper with Windows' accessibility features (intended to help users with disabilities), which are active even on the login screen. It is possible to interfere with the accessibility system such that if the "sticky keys" feature is invoked by pressing the shift key five times an administrator cmd shell will appear over the top of the login dialogue of the RDP session, providing password-less administrator access!
Reducing the attack surface can be done in a number of ways. In some situations, using Microsoft's Network Level Authentication feature is useful to avoid exposing the login screen, but in the kinds of situations where remote access is required this may not be possible.
By far the best approach is to avoid exposing RDP servers directly to the public internet at all, and to put them behind a VPN. Ideally, connecting to the VPN would require more than just a user name and password, perhaps a known source IP or a certificate installed on the connecting machine. For extra security the private key for the certificate could be stored in the Trusted Platform Module (TPM) or a smart card so that it couldn't be removed from the client machine and used elsewhere."
Ian Pratt, co-founder and president of Bromium.
Raytheon developing system that lets artificial intelligence explain itself: DARPA program applies 'trust but verify' to AI
Under the Defense Research Project Agency's (DARPA) Explainable Artificial Intelligence program (XAI), Raytheon (NYSE : RTN ) BBN Technologies is developing a first of its kind neural network that explains itself.
The XAI program aims to create a suite of machine learning techniques that produce more explainable models while maintaining a high level of performance. It also aims to help human users understand, appropriately trust and effectively manage the emerging generation of artificially intelligent partners.
Raytheon BBN's Explainable Question Answering System will allow AI programs to 'show their work,' increasing the human user's confidence in the machine's suggestions. "Our goal is to give the user enough information about how the machine's answer was derived and show that the system considered relevant information so users feel comfortable acting on the system's recommendation," said Bill Ferguson, lead scientist and EQUAS principal investigator at Raytheon BBN.
EQUAS will show users which data mattered most in the AI decision-making process. Using a graphical interface, users can explore the system's recommendations and see why it chose one answer over another. The technology is still in its early phases of development but could potentially be used for a wide-range of applications.
"A fully developed system like EQUAS could help with decision-making not only in DoD operations, but in a range of other applications like campus security, industrial operations and the medical field," said Ferguson. "Say a doctor has an x-ray image of a lung and her AI system says that its cancer. She asks why and the system highlights what it thinks are suspicious shadows, which she had previously disregarded as artifacts of the X-ray process. Now the doctor can make the call – to diagnose, investigate further, or, if she still thinks the system is in error, to let it go."
As the system is enhanced, EQUAS will be able to monitor itself and share factors that limit its ability to make reliable recommendations. This self-monitoring capability will help developers refine AI systems, allowing them to inject additional data or change how data is processed.
Raytheon Company, with 2017 sales of $25 billion and 64,000 employees, is a technology and innovation leader specializing in defense, civil government and cybersecurity solutions. With a history of innovation spanning 96 years, Raytheon provides state-of-the-art electronics, mission systems integration, C5ITM products and services, sensing, effects, and mission support for customers in more than 80 countries. Raytheon is headquartered in Waltham, Mass. Follow us on Twitter.
Northrop Grumman Corporation (NYSE: NOC) and the Defense Advanced Research Projects Agency (DARPA) have set a new standard for wireless transmission by operating a data link at 100 gigabits per second (Gbps) over a distance of 20 kilometers in a city environment.
The two-way data link, which featured active pointing and tracking, was demonstrated Jan. 19, 2018 in Los Angeles.
The blazing data rate is fast enough to download a 50 Gigabyte blue ray video in four seconds. The demonstration marked the successful completion of Northrop Grumman’s Phase 2 contract for DARPA’s 100 Gbps (100G) RF Backbone program.
The 100G system is capable of rate adaptation on a frame by frame basis from 9 Gbps to 102 Gbps to maximize data rate throughout dynamic channel variations. Extensive link characterization demonstrated short-term error-free performance from 9 to 91 Gbps, and a maximum data rate of 102 Gbps with 1 erroneous bit received per ten thousand bits transmitted.
The successful data link results from the integration of several key technologies. The link operates at millimeter wave frequencies (in this case, 71-76 gigahertz and 81-86 gigahertz) with 5 gigahertz of bandwidth, or data carrying capacity, and uses a bandwidth efficient signal modulation technique to transmit 25 Gbps data streams on each 5 gigahertz channel. To double the rate within the fixed bandwidth, the data link transmits dual orthogonally polarized signals from each antenna. Additionally, the link transmits from two antennas simultaneously (spatial multiplexing) and uses multiple-input-multiple-output (MIMO) signal processing techniques to separate the signals at two receiving antennas, thus again doubling the data rate within the fixed bandwidth.
According to Louis Christen, director, research and technology, Northrop Grumman, “This dramatic improvement in data transmission performance could significantly increase the volume of airborne sensor data that can be gathered and reduce the time needed to exploit sensor data.”
“Next generation sensors such as hyperspectral imagers typically collect data faster, and in larger quantity than most air-to-ground data links can comfortably transmit,” said Christen. “Without such a high data rate link data would need to be reviewed and analyzed after the aircraft lands.”
By contrast, a 100G data link could transmit high-rate data directly from the aircraft to commanders on the ground in near real time, allowing them to respond more quickly to dynamic operations.
The successful 100G ground demonstration sets the stage for the flight test phase of the 100G RF Backbone program. This next phase, which started in June, demonstrates the 100G air-to-ground link up to 100 Gbps over a 100 km range and extended ranges with lower data rates. The 100G hardware will be flown aboard the Proteus demonstration aircraft developed by Northrop Grumman subsidiary Scaled Composites.
Northrop Grumman’s 100G industry team includes Raytheon, which developed the millimeter wave antennas and related RF electronics and Silvus Technologies, which provides the key spatial multiplexing and MIMO signal processing technologies.
Northrop Grumman is a leading global security company providing innovative systems, products and solutions in autonomous systems, cyber, C4ISR, space, strike, and logistics and modernization to customers worldwide. Please visit news.northropgrumman.com and follow us on Twitter, @NGCNews, for more information.