This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). Working with U.S. government partners, DHS and FBI identified Internet Protocol (IP) addresses and other indicators of compromise (IOCs) associated with two families of malware used by the North Korean government:
- a remote access tool (RAT), commonly known as Joanap; and
- a Server Message Block (SMB) worm, commonly known as Brambul.
The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information on HIDDEN COBRA activity, visit https://www.us-cert.gov/hiddencobra.
FBI has high confidence that HIDDEN COBRA actors are using the IP addresses—listed in this report’s IOC files—to maintain a presence on victims’ networks and enable network exploitation. DHS and FBI are distributing these IP addresses and other IOCs to enable network defense and reduce exposure to any North Korean government malicious cyber activity.
This alert also includes suggested response actions to the IOCs provided, recommended mitigation techniques, and information on how to report incidents. If users or administrators detect activity associated with these malware families, they should immediately flag it, report it to the DHS National Cybersecurity and Communications Integration Center (NCCIC) or the FBI Cyber Watch (CyWatch), and give it the highest priority for enhanced mitigation.
See the following links for a downloadable copy of IOCs:
NCCIC conducted analysis on four malware samples and produced a Malware Analysis Report (MAR). MAR-10135536.3 – RAT/Worm examines the tactics, techniques, and procedures observed in the malware. Visit MAR-10135536.3 – HIDDEN COBRA RAT/Worm for the report and associated IOCs.
According to reporting of trusted third parties, HIDDEN COBRA actors have likely been using both Joanap and Brambul malware since at least 2009 to target multiple victims globally and in the United States—including the media, aerospace, financial, and critical infrastructure sectors. Users and administrators should review the information related to Joanap and Brambul from the Operation Blockbuster Destructive Malware Report  in conjunction with the IP addresses listed in the .csv and .stix files provided within this alert. Like many of the families of malware used by HIDDEN COBRA actors, Joanap, Brambul, and other previously reported custom malware tools, may be found on compromised network nodes. Each malware tool has different purposes and functionalities.
Joanap malware is a fully functional RAT that is able to receive multiple commands, which can be issued by HIDDEN COBRA actors remotely from a command and control server. Joanap typically infects a system as a file dropped by other HIDDEN COBRA malware, which users unknowingly downloaded either when they visit sites compromised by HIDDEN COBRA actors, or when they open malicious email attachments.
During analysis of the infrastructure used by Joanap malware, the U.S. Government identified 87 compromised network nodes. The countries in which the infected IP addresses are registered are as follows:
Malware often infects servers and systems without the knowledge of system users and owners. If the malware can establish persistence, it could move laterally through a victim’s network and any connected networks to infect nodes beyond those identified in this alert.
Brambul malware is a brute-force authentication worm that spreads through SMB shares. SMBs enable shared access to files between users on a network. Brambul malware typically spreads by using a list of hard-coded login credentials to launch a brute-force password attack against an SMB protocol for access to a victim’s networks.
Joanap is a two-stage malware used to establish peer-to-peer communications and to manage botnets designed to enable other operations. Joanap malware provides HIDDEN COBRA actors with the ability to exfiltrate data, drop and run secondary payloads, and initialize proxy communications on a compromised Windows device. Other notable functions include
- file management,
- process management,
- creation and deletion of directories, and
- node management.
Analysis indicates the malware encodes data using Rivest Cipher 4 encryption to protect its communication with HIDDEN COBRA actors. Once installed, the malware creates a log entry within the Windows System Directory in a file named mssscardprv.ax. HIDDEN COBRA actors use this file to capture and store victims’ information such as the host IP address, host name, and the current system time.
Brambul malware is a malicious Windows 32-bit SMB worm that functions as a service dynamic link library file or a portable executable file often dropped and installed onto victims’ networks by dropper malware. When executed, the malware attempts to establish contact with victim systems and IP addresses on victims’ local subnets. If successful, the application attempts to gain unauthorized access via the SMB protocol (ports 139 and 445) by launching brute-force password attacks using a list of embedded passwords. Additionally, the malware generates random IP addresses for further attacks.
Analysts suspect the malware targets insecure or unsecured user accounts and spreads through poorly secured network shares. Once the malware establishes unauthorized access on the victim’s systems, it communicates information about victim’s systems to HIDDEN COBRA actors using malicious email addresses. This information includes the IP address and host name—as well as the username and password—of each victim’s system. HIDDEN COBRA actors can use this information to remotely access a compromised system via the SMB protocol.
Analysis of a newer variant of Brambul malware identified the following built-in functions for remote operations:
- harvesting system information,
- accepting command-line arguments,
- generating and executing a suicide script,
- propagating across the network using SMB,
- brute forcing SMB login credentials, and
- generating Simple Mail Transport Protocol email messages containing target host system information.
Detection and Response
This alert’s IOC files provide HIDDEN COBRA IOCs related to Joanap and Brambul. DHS and FBI recommend that network administrators review the information provided, identify whether any of the provided IP addresses fall within their organizations’ allocated IP address space, and—if found—take necessary measures to remove the malware.
When reviewing network perimeter logs for the IP addresses, organizations may find instances of these IP addresses attempting to connect to their systems. Upon reviewing the traffic from these IP addresses, system owners may find some traffic relates to malicious activity and some traffic relates to legitimate activity.
A successful network intrusion can have severe impacts, particularly if the compromise becomes public. Possible impacts include
- temporary or permanent loss of sensitive or proprietary information,
- disruption to regular operations,
- financial losses incurred to restore systems and files, and
- potential harm to an organization’s reputation.
DHS recommends that users and administrators use the following best practices as preventive measures to protect their computer networks:
- Keep operating systems and software up-to-date with the latest patches. Most attacks target vulnerable applications and operating systems. Patching with the latest updates greatly reduces the number of exploitable entry points available to an attacker.
- Maintain up-to-date antivirus software, and scan all software downloaded from the internet before executing.
- Restrict users’ abilities (permissions) to install and run unwanted software applications, and apply the principle of least privilege to all systems and services. Restricting these privileges may prevent malware from running or limit its capability to spread through the network.
- Scan for and remove suspicious email attachments. If a user opens a malicious attachment and enables macros, embedded code will execute the malware on the machine. Enterprises and organizations should consider blocking email messages from suspicious sources that contain attachments. For information on safely handling email attachments, see Using Caution with Email Attachments. Follow safe practices when browsing the web. See Good Security Habits and Safeguarding Your Data for additional details.
- Disable Microsoft’s File and Printer Sharing service, if not required by the user’s organization. If this service is required, use strong passwords or Active Directory authentication. See Choosing and Protecting Passwords for more information on creating strong passwords.
- Enable a personal firewall on organization workstations and configure it to deny unsolicited connection requests.
Response to Unauthorized Network Access
Contact DHS or your local FBI office immediately. To report an intrusion and request resources for incident response or technical assistance, contact DHS NCCIC ([email protected] or 888-282-0870), FBI through a local field office, or FBI’s Cyber Division ([email protected] or 855-292-3937).
- May 29, 2018: Initial version
Claroty Commended by Frost & Sullivan for Dominating the OT Network Protection Market with Its Holistic Security Platform
SANTA CLARA, Calif., May 29, 2018 -- Based on its recent analysis of the North American operational technology (OT) network protection platform market, Frost & Sullivan recognizes Claroty with the 2018 North American Entrepreneurial Company of the Year Award for consolidating its position in the industrial cybersecurity market. Claroty delivers unmatched product value through its holistic enterprise-class OT security platform, which supports the open and proprietary protocols of all major industrial control systems (ICS) equipment vendors. It offers engineers, operators, and cybersecurity professionals the deepest visibility into their OT networks and full protection of their ICS, supervisory control and data acquisition (SCADA), and Industrial Internet of Things (IIoT) assets.
Click here for the full multimedia experience of this release - http://bit.ly/2x8L2Sj
"Claroty's platform performs continuous, real-time monitoring to deliver a range of benefits including context-rich alerts, non-intrusive monitoring, access policy enforcement and control, and agentless deployment to a central management console," said Sankara Narayanan Senior Industry Analyst. "Its continuous threat detection software, installed on a server or run as a virtual machine (VM), connects to a SPAN port on a switch. The solution then views the traffic and makes a copy of it, rather than asking network assets any questions."
Because the solution uses deep packet inspection (DPI), Claroty does not leave a footprint on the industrial network. Instead, it safely monitors ICS network traffic from the outside. This also means that there is zero impact on existing critical ICS or OT systems.
Significantly, Claroty's continuous threat detection software automatically discovers, classifies, and profiles the assets according to IP address, appropriate asset category, and type of communication. It builds an active inventory of assets prior to the threat detection stage, creates a deep profile of the network communication patterns, and uses this information to generate a high-fidelity behavioral baseline model that characterizes legitimate traffic. As soon as an attacker tries to gain a foothold on a server or perform reconnaissance on the network, Claroty will detect the activity as anomalous traffic and provide the system and organization control (SOC) with context-rich alerts.
Another major value proposition from Claroty is risk assessment. It analyzes the risk levels of certain assets and connections on the network and highlights the high-risk elements so customers can quickly secure them. Although competing solutions may be able to find an anomaly and send numerous alerts for every anomaly found, Claroty's solutions pull out far more granular and actionable information. For instance, the product can discern the kind of OT industrial conversations taking place as opposed to only checking the identity of the IP addresses engaged in conversations and the frequency of conversations.
"Claroty's strategic partners include two of the largest industrial control vendors—Rockwell Automation and Schneider Electric—and one of the world's largest networking companies—Cisco. Unlike other vendors, Claroty's platform is the fulcrum of its partners' new managed security services business," noted Sankara Narayanan. "For enhancing the value proposition of its customers and partners, Claroty richly deserves Frost & Sullivan's Entrepreneurial Company of the Year Award."
Each year, Frost & Sullivan presents this award to the company that has demonstrated excellence in devising a strong growth strategy and robustly implementing it. The recipient has shown strength in terms of innovation in products and technologies, leadership in customer value, as well as speed in response to market needs. The award looks at the emerging market players in the industry and recognizes their best practices that are positioned for future growth excellence.
Frost & Sullivan Best Practices awards recognize companies in a variety of regional and global markets for demonstrating outstanding achievement and superior performance in areas such as leadership, technological innovation, customer service, and strategic product development. Industry analysts compare market participants and measure performance through in-depth interviews, analysis, and extensive secondary research to identify best practices in the industry.
Headquartered in New York and launched as the second startup from the famed Team8 foundry, Claroty combines elite management and research teams and deep technical expertise from both IT and OT disciplines, with backing from premier investors such as Bessemer Venture Partners and Innovation Endeavors. With an unmatched understanding of ICS, SCADA and other essential OT/IIoT systems, the Claroty team is building an unparalleled suite of integrated products addressing the full spectrum of cybersecurity protection, control, detection and response requirements. For more information, visit www.claroty.com.
About Frost & Sullivan
Frost & Sullivan, the Growth Partnership Company, works in collaboration with clients to leverage visionary innovation that addresses the global challenges and related growth opportunities that will make or break today's market participants. For more than 50 years, we have been developing growth strategies for the global 1000, emerging businesses, the public sector, and the investment community. Contact us: Start the discussion.
E: [email protected]
SOURCE Frost & Sullivan
It started with neck and foot pain.
Barbara Meyer-Mitchell of Norwalk didn’t think much of it, and she did not connect it to symptoms that followed.
“It was a cascade of: every six months to a year, I had a weird new thing,” she said. “I went to a specialist for each problem, and they weren’t linking them together.”
Her primary care doctor in Westport tested her seven times for Lyme disease, but each test returned negative. It wasn’t until nearly a decade after her first symptoms appeared that she tried a new method being developed to detect Lyme.
Today’s most common Lyme test looks not for the disease-causing organism itself but for the specific antibodies people’s immune systems manufacture in response. Those antibodies were not in Meyer-Mitchell’s bloodstream, perhaps because she had had the disease for so long. But the long squiggly spirochetes causing it were.
Meyer-Mitchell still remembers the swell of emotion she felt upon learning the diagnosis — finally, there was an explanation for the host of symptoms her team of specialists had not been able to solve.
The Advanced Laboratory Services Inc. lab in Pennsylvania, where the test was conducted, has had difficulty satisfying the scientific community that its test is reliable, but researchers agree on the importance of a test that can detect the disease itself. That’s why, in a Danbury laboratory, a team of Western Connecticut Health Network researchers are pursuing a method of identifying the disease by scanning for its genes.
In addition to being to diagnose people with Lyme whose bodies have not created antibodies, such a test allows people to diagnose the disease earlier (it generally takes two to three months before tests can detect antibodies) and to tell whether the disease has been successfully treated (antibodies can linger in the blood even after the organisms causing them have disappeared, creating potential for false positives).
In the microscope room, Lead Research Associate Srirupa Das watched a video the of the bacteria wiggling across a Petri dish. She said that with the antibody test, “You miss a lot of positive cases. And once it detects it, it is already late, you are already infected with Lyme disease for two or three months ... By that time, the disease has already spread.”
Das said that being able to diagnose and start treatment early increased a patient’s chances of being cured. “That is why our research is so important.”
Paul Fiedler, a doctor researching Lyme disease at the Western Connecticut Health Network, pointed to a poster showing their team’s results.
“This is when we got really excited,” he said, indicating a chart comparing results from a traditional test to the results of the WCHN’s test as performed on 19 patients.
For the regular Lyme test, 32 percent of patients tested positive at the time of diagnosis, with that number increasing as patients returned to get retested two and six weeks later. In contrast, 63 percent of the patients tested by WCHN tested positive at diagnosis, and that number decreased over subsequent weeks as patients were treated.
However, even after three weeks of antibiotics, 44 percent of the WCHN patients still tested positive. “They’re supposed to be cured, right,” Fiedler said. “That’s what we want to follow.”
There is controversy over what causes Lyme disease symptoms to persist after treatment, Fiedler explained — some believe that it’s a prolonged infection (chronic Lyme disease), while others believes it’s a prolonged immune response causing problems.
Since an antibody-based test could not tell the difference between the two, WCHN’s gene-based test has the potential to finally answer the question. WCHN also home to the Lyme Disease Biobank, which has been collecting biological samples from people with Lyme disease since 2010. Fiedler said that another researcher had created a test for a number of tick-borne illnesses from a drop of blood, which could be used to look for patterns of how Lyme disease interacts with other infections.
The WCHN’s research, as Director of Public Relations Andrea Rynn, pointed out, is funded through philanthropy, and so the team recently launched a fundraising campaign, Taking Aim at Lyme (RedCarpetMosquitoControl.com). Fiedler hopes the campaign will raise both funds and awareness.
Lyme season is gearing up, as young ticks — the smallest and most difficult to notice — are looking for hosts and people are spending more time outdoors.
At Wah Wah Taysee Scout Camp in North Haven, nestled near the foot of Sleeping Giant State Park, Ranger Ross Lanius came home Monday evening after clearing tree damage caused by the recent storm.
He pulled off four ticks.
“You just got to be careful and check yourself every night,” he said.
Experts say a tick’s bite needs to last over a day before the infection sets in. But spotting ticks can be harder than it seems.
The other night, Lanius thought he had gotten them all and readied to relax.
“And Lordy be, I sit down and there’s one on my other wrist,” he recalled.
Kirby Stafford, chief scientist and state etymologist at the Connecticut Agricultural Experiment Station in New Haven, tests for ticks in the environment by dragging a square yard of polar fleece along vegetation (he dresses in insecticide-treated clothes for protection) in addition to asking the public to send in ticks they find.
“Usually we get about 3,000 ticks submitted by the public, the majority from Fairfield and New Haven counties,” Stafford said. A year ago, following a very mild winter, he had roughly 5,000 ticks.
As for whether this year will be a bad one, he says it’s too early to tell. While this winter was also mild, it was long, and he says tick submissions in early 2018 weren’t as high as in 2017. What he can say is that he had seen an increase in Fairfield County’s submission of Lone Star ticks.
“So it’s not just the deer ticks or dog ticks that people have to look out for,” he cautioned.
If you find a tick, you can submit it to your local health department for testing. Theresa Argondezzi, a health educator at the Norwalk Health Department, explained that anyone can come in with a tick during normal health department hours. There, a scientist will identify the tick and send deer ticks to Stafford’s office in New Haven.
Argondezzi said her department send ticks off to the state for free for Norwalk residents (for non-Norwalk residents, it’s $15). She cautioned the tick should not be smooshed, taped or covered in any type of substance — instead, they should be sealed in a contained or plastic bag, then packaged in a padded envelope.
The WHCN Lyme Disease Biobank accepts samples from anyone who has ever been diagnosed with Lyme disease, regardless of location — those interested in participating should email.
“When you think about this, this is still a relatively new disease,” said Rynn of WHCN. Lyme was discovered in Lyme, Connecticut, in the 1970s.
Protection against many common pathogens and environmental stressors is written into our DNA. Our skin responds to sun exposure. Our immune system mounts defenses when we get the flu. Our bodies inherently work to mitigate the potential for harm caused by these health threats. However, these intrinsic responses are not always quick, robust, or appropriate enough to adequately defend us from harm, which is why many people experience sunburn after intense sun exposure or suffer severe symptoms, even death, following exposure to the flu.
Military service members, first responders, and civilian populations face threats far more severe than sunburn and respiratory infections. Pathogens with pandemic potential, toxic chemicals, and radioactive materials can all quickly and powerfully overwhelm the body’s innate defenses. And though significant public and private investment has been focused on the development of traditional medical countermeasures such as drugs, vaccines, and biologics to guard against the worst effects of these health threats, current countermeasures are often limited in their effectiveness and availability during emergencies.
DARPA is looking to make gains beyond the status quo. Inspired by recent advances in understanding of when and how genes express their traits, DARPA’s new PReemptive Expression of Protective Alleles and Response Elements (PREPARE) program will explore ways to better protect against biological, chemical, or radiological threats by temporarily and reversibly tuning gene expression to bolster the body’s defenses against – or directly neutralize – a given threat.
“The human body is amazingly resilient. Every one of our cells already contains genes that encode for some level of resistance to specific health threats, but those built-in defenses can’t always express quickly or robustly enough to be effective,” said Renee Wegrzyn, the PREPARE program manager. “PREPARE will study how to support this innate resistance by giving it a temporary boost, either before or after exposure, without any permanent edits to the genome.”
The program will focus on four key health challenges as proofs of concept for what DARPA ultimately envisions as a generalizable platform that can be rapidly adapted to emerging public health and national security threats: influenza viral infection, opioid overdose, organophosphate poisoning, and exposure to gamma radiation.
“Each of these four threats are major health concerns that would benefit from disruptive approaches,” Wegrzyn said. “Seasonal flu vaccines, for example, are limited in that they try to hit a perpetually moving target, so circulating flu strains are often mismatched to vaccine strains. Programmable modulation of common viral genome sequences could potentially neutralize many more circulating viral strains simultaneously to keep up with moving targets. Combining this strategy with a temporary boost to host protection genes could change how we think about anti-virals.”
PREPARE requires that any treatments developed under the program have only temporary and reversible effects. In so doing, PREPARE diverges sharply from recent gene-editing research, which has centered on permanently modifying the genome by cutting DNA and inserting new genes or changing the underlying sequence to change the genetic code. Such approaches may cause long-lasting, off-target effects, and though the tools are improving, the balance of risk versus benefit means that these therapies are reserved for individuals with inherited genetic disorders with few to no other treatment options. In addition, some indications, including treatment of pain, may only require temporary solutions, rather than life-long responses.
The envisioned PREPARE technologies would provide an alternative that preserves the genetic code exactly as it is and only temporarily modulates gene activity via the epigenome and transcriptome, which are the cellular messages that carry out DNA’s genetic instructions inside cells. This would establish the capability to deliver programmable, but transient, gene modulators to confer protection within brief windows of time for meaningful intervention.
“Focusing only on programmable modulation of gene expression enables us to provide specific, robust protection against many threats at once, with an effect that carries less risk, is limited but tunable in duration, and is entirely reversible,” Wegrzyn said.
Success will hinge on developing new tools for targeted modulation of gene expression inside the body. Researchers must identify the specific gene targets that can confer protection, develop in vivo technologies for programmable modulation of those gene targets, and formulate cell- or tissue-specific delivery mechanisms to direct programmable gene modulators to the appropriate places in the body. Although the immediate program goal is to develop defenses against one of the four focus areas determined by DARPA, the ultimate objective of PREPARE is to develop a modular, threat-agnostic platform solution with common components and manufacturing architecture that can be readily adapted to diverse and emerging threats.
Research will be conducted primarily using computer, cell culture, organoid, and animal models to establish proof of concept. However, DARPA’s vision is to generate new medical countermeasures for future use in humans. As such, DARPA is working with independent bioethicists to identify and address potential ethical, legal, and societal issues.
By the end of the four-year program, DARPA aims for each funded team to submit at least one final product to the U.S. Food and Drug Administration (FDA) for regulatory review as an Investigational New Drug or for Emergency Use Authorization. Throughout the program, teams will be required to work closely with the FDA to ensure that the data generated and experimental protocols meet regulatory standards.
DARPA will hold a Proposers Day on June 13, 2018, in Arlington, Va., to provide more information about PREPARE and answer questions from potential proposers. For additional information, visit: https://fbo.gov/spg/ODA/DARPA/CMO/DARPA-SN-18-45/listing.html. Advance registration is required; please visit: https://events.sa-meetings.com/PREPAREProposersDay. A full description of the program will be made available in a forthcoming Broad Agency Announcement.
TUCSON, Ariz. -- Disabled veterans in Alabama, Arizona, New Mexico and Texas can now apply for the 2018 No Barriers Warriors Grand Canyon Veteran Wilderness Expedition funded by Raytheon Company (NYSE: RTN). In October, the non-profit No Barriers USA organization will once again lead a team of 14 disabled veterans on a nine-day journey of discoveries and challenges in the Grand Canyon. Disabled veterans from all military branches and eras of service can apply. Apply by July 15, 2018, for October Grand Canyon rafting trek
To be considered for this year's expedition, disabled veterans should apply by July 15, 2018, through the No Barriers Warriors website. Once selected, team members must train for the journey and commit to a nine-day rafting adventure through the Grand Canyon. Participants pay nothing for the expedition; Raytheon underwrites the entire trip.
"I have witnessed the transformative power of No Barriers expeditions," said Dr. Taylor W. Lawrence, Raytheon Missile Systems president. "These are truly life-changing experiences for veterans seeking to improve their quality of life."
By fusing a comprehensive curriculum involving structured group dialogues with physically challenging activities such as long-distance hiking and rafting, disabled veterans team up to gain new strategies and skills that help them confront and overcome the barriers they face. This is the fifth year Raytheon and No Barriers have partnered for a veteran wilderness expedition. Previous journeys took teams to the Rocky Mountains in Colorado and Wind River Range in Wyoming.
About No Barriers USA
No Barriers improves the lives of veterans with disabilities through curriculum-based experiences in challenging environments. Our experiences serve as both an opportunity for growth and a catalyst for change as these brave men and women stretch physical and emotional boundaries, foster camaraderie, pioneer through adversity, and step up and serve others. Through experiences that are one part adventure, one part curriculum and one part physical challenge, we show veterans that what's within them is stronger than what is in front of them. The mission of No Barriers USA is to unleash the potential of the human spirit. Through transformative experiences, tools and inspiration, No Barriers helps people embark on a quest to overcome obstacles, live a full life and contribute their absolute best to the world. Follow us on Facebook and Twitter.
Raytheon Company, with 2017 sales of $25 billion and 64,000 employees, is a technology and innovation leader specializing in defense, civil government and cybersecurity solutions. With a history of innovation spanning 96 years, Raytheon provides state-of-the-art electronics, mission systems integration, C5ITM products and services, sensing, effects, and mission support for customers in more than 80 countries. Raytheon is headquartered in Waltham, Massachusetts. Follow us on Twitter.
No Barriers USA
+1.970.484.3633, ext. 316
EL SEGUNDO, Calif., May 28, 2018 -- Raytheon (NYSE: RTN) signed an interactive project agreement with Defence Science and Technology (DST) to work collaboratively to develop and prototype advanced electronic warfare capabilities for the Australian Defence Force's priorities and programs.
Australia's Chief Defence Scientist, Dr Alex Zelinsky, has welcomed the agreement saying it further strengthens the partnership between DST and Raytheon.
"Our ability to build Defence capability relies on support from industry to deliver leading-edge innovation and research," said Dr Zelinsky. "Scientific organisations alone cannot achieve the needed advances without extensive collaboration with industry and academia."
Under the agreement, Raytheon will provide its Multi-Function Receiver Exciter System test bench, a control system and a modeling and simulation environment. The lab will use MFIRES, a part of a product family that includes Raytheon's Next Generation Jammer Mid-band, to evolve and test advanced EW techniques.
"Controlling the electromagnetic spectrum is essential to today's mission success," said Doug Marimon, director of Raytheon Electronic Warfare Systems. "By combining U.S. and Australian strengths, we enhance our ability to deliver decisive EW capabilities in the Pacific and beyond."
Along with its electronic attack capability, MFIRES is also a radar warning receiver, providing electronic support and protection. Integrating multiple functions enables system success across the full EW mission by using less power, weight and space, all crucial elements in creating a significant advantage in electronic warfare.
Raytheon brings 50 years of EW experience and an established reputation for electromagnetic spectrum reliability and performance. DST Group, Australian industry and Raytheon will stand-up the lab in Adelaide, where they will take the first step toward creating a sovereign, integrated electronic warfare solution in Australia.
Raytheon Company, with 2017 sales of $25 billion and 64,000 employees, is a technology and innovation leader specializing in defense, civil government and cybersecurity solutions. With a history of innovation spanning 96 years, Raytheon provides state-of-the-art electronics, mission systems integration, C5I™ products and services, sensing, effects, and mission support for customers in more than 80 countries. Raytheon is headquartered in Waltham, Mass. Follow us on Twitter.
May 21, 2018 -- Secretary of Homeland Security Kirstjen M. Nielsen today announced the release of Fiscal Year (FY) 2018 Notices of Funding Opportunity for eight DHS preparedness grant programs totaling more than $1.6 billion. The grant programs provide funding to state, local, tribal, and territorial governments, as well as transportation authorities, nonprofit organizations, and the private sector, to improve the nation’s readiness in preventing, protecting against, responding to, recovering from and mitigating terrorist attacks, major disasters and other emergencies. The grants reflect the Department’s focus on funding for programs that address our nation’s immediate security needs and ensure public safety in our communities.
“The administration remains committed to strengthening the security and resilience of our state and local communities,” said Secretary Nielsen. “The DHS grant programs are flexible by design and will be used to help address evolving threats. They will go toward building and sustaining capabilities across all levels of government and the whole community to maximize preparedness.”
The FY 2018 grant guidance will continue to focus on the nation’s highest risk areas, including urban areas that face the most significant threats. For FY 2018, the Urban Area Security Initiative (UASI) will enhance regional preparedness and capabilities by funding 32 high-threat, high-density urban areas. This represents Congressional intent to limit FY 2018 UASI funding to those Urban Areas that represent up to 85 percent of the nationwide risk, as stated in the Explanatory Statement accompanying the Department of Homeland Security Appropriations Act, 2018 (Pub. L. No. 115-141).
Consistent with previous grant guidance, dedicated funding is provided for law enforcement and terrorism prevention throughout the country to prepare for, prevent and respond to pre-operational activity and other crimes that are precursors or indicators of terrorist activity.
Grant recipients are encouraged to use grant funding to maintain and sustain current critical core capabilities through investments in training and exercises, updates to current planning and procedures, and lifecycle replacement of equipment. New capabilities that are built using homeland security grant funding must be deployable if needed to support regional and national efforts. All capabilities being built or sustained must have a clear linkage to the core capabilities articulated in the National Preparedness Goal.
Preparedness Grant Program Allocations for Fiscal Year 2018:
Emergency Management Performance Grant (EMPG)—provides more than $350 million to assist state, local, tribal, territorial governments in enhancing and sustaining all-hazards emergency management capabilities.
Homeland Security Grant Program (HSGP)—provides more than $1 billion for states and urban areas to prevent, protect against, mitigate, respond to, and recover from acts of terrorism and other threats.
State Homeland Security Program (SHSP)—provides $402 million to support the implementation of risk-driven, capabilities-based State Homeland Security Strategies to address capability targets. States are required to dedicate 25 percent of SHSP funds to law enforcement terrorism prevention activities.
Urban Area Security Initiative (UASI)—provides $580 million to enhance regional preparedness and capabilities in 32 high-threat, high-density areas. States and Urban Areas are required to dedicate 25 percent of UASI funds to law enforcement terrorism prevention activities.
Operation Stonegarden (OPSG)—provides $85 million to enhance cooperation and coordination among local, tribal, territorial, state and federal law enforcement agencies to jointly enhance security along the United States land and water borders.
Since the enactment of the 9/11 Act, FEMA has required states to ensure that at least 25 percent of the total funds awarded to them under SHSP and UASI are dedicated toward law enforcement terrorism prevention activities (LETPA). The total LETPA allocation can be satisfied from SHSP, UASI or both. In addition, states must obligate at least 80 percent of the funds awarded under SHSP and UASI to local or tribal units of government within 45 days of receipt of the funds.
Tribal Homeland Security Grant Program (THSGP)—provides $10 million to eligible tribal nations to implement preparedness initiatives to help strengthen the nation against risk associated with potential terrorist attacks and other hazards.
Nonprofit Security Grant Program (NSGP)—provides $60 million to support target hardening and other physical security enhancements for nonprofit organizations that are at high risk of a terrorist attack. This year, $50 million is provided to nonprofits in UASI-designated urban areas, and $10 million is provided to nonprofits located in any state or territory.
Intercity Passenger Rail - Amtrak (IPR) Program—provides $10 million to protect critical surface transportation infrastructure and the traveling public from acts of terrorism and increase the resilience of the Amtrak rail system.
Port Security Grant Program (PSGP)—provides $100 million to help protect critical port infrastructure from terrorism, enhance maritime domain awareness, improve port-wide maritime security risk management, and maintain or reestablish maritime security mitigation protocols that support port recovery and resiliency capabilities.
Transit Security Grant Program (TSGP)—provides $88 million to owners and operators of transit systems to protect critical surface transportation and the traveling public from acts of terrorism and to increase the resilience of transit infrastructure.
Intercity Bus Security Grant Program (IBSGP)—provides $2 million to owners and operators of intercity bus systems to protect critical surface transportation infrastructure and the traveling public from acts of terrorism and to increase the resilience of transit infrastructure.
All preparedness Notices of Funding Opportunities can be found at www.grants.gov. Final submissions must be made through the Non-Disaster (ND) Grants system located at https://portal.fema.gov.
Further information on DHS’s preparedness grant programs is available at www.dhs.gov and http://www.fema.gov/grants.
# # #
Nuctech participated in the Second Technical Meeting on Radiation Detection Instruments for Nuclear Security of IAEA
Lead by Li Yuanjing the Senior Vice President of Nuctech, Nuctech participated in the Second Technical Meeting on Radiation Detection Instruments for Nuclear Security of IAEA held in Vienna the capital of Austria from 16th to 20th, April, 2018. The topic was: Trends, Challenges and Opportunities. The conference is aimed at gathering the professionals, users, and manufacturers to discuss the emerging threats and the development trend in the field of radiation detecting.
During the conference, Mr.Li communicated thoroughly with the leaders of the bureau of radiation security of IAEA on deepen the cooperation of system maintenance and staff training, as well as to participate in the global project of IAEA, and other topics. On behalf of Nuctech, Li Yulan the engineer delivered a speech in which she introduced Nuctech briefly, and introduced the characteristics and application prospects of different types of products of Nuctech in detail.
During the exhibition, the high purity germanium detector attracted a great attention from the professionals of IAEA members and of the industry with its background of independent R&D and the leading capability of radiation detecting. The booth of Nuctech welcomed the professionals from France, Malaysia, Austria, Egypt, Bangladesh, and other countries and regions.
BETHESDA, Md., May 21, 2018 -- Today Lockheed Martin (NYSE: LMT) announced Michele Evans has been named Deputy Executive Vice President for its Aeronautics business area, effective June 4. Evans will report to the business area's Executive Vice President, Orlando Carvalho, and will be based at the Aeronautics headquarters in Fort Worth, Texas.
Evans will be responsible for all programs, including F-35, F-16, C-130 and Advanced Development Programs, and will partner with Carvalho to ensure Lockheed Martin Aeronautics continues to meet customer commitments and grow the business.
Evans was most recently Vice President and General Manager for Integrated Warfare Systems and Sensors in Lockheed Martin's Rotary and Mission Systems business area. In this role, she oversaw the strategy and execution of the Littoral Combat Ship program, Aegis Combat Systems and sea-based missile defense, as well as a host of other systems. The programs she led in this role supported all branches of the U.S. Armed Forces, and more than 40 countries. She also was Vice President of Modernization and Sustainment, where she was responsible for the A-10 weapons system, and avionics programs on the C-130 and F-35.
"The variety of her experiences make Michele uniquely qualified to take on this new role," Carvalho said. "Aligning program leadership to her will enable us to maintain and enhance best practices; and further build a cohesive, strategic operating rhythm for our programs."
Evans holds a bachelor's degree in Mechanical Engineering from Clarkson University. She serves on the corporate boards for Lockheed Martin Australia and the United Kingdom, and is a member of Clarkson University's Coulter School of Engineering Advisory Board.
With her appointment, Paul Lemmo has been named Vice President and General Manager for Integrated Warfare Systems and Sensors in the Rotary and Mission Systems business area. Paul most recently served as Vice President of Fire Control/SOF GLSS line-of-business which provides a wide range of logistics support services.
About Lockheed Martin
Headquartered in Bethesda, Maryland, Lockheed Martin is a global security and aerospace company that employs approximately 100,000 people worldwide and is principally engaged in the research, design, development, manufacture, integration and sustainment of advanced technology systems, products and services.
SOURCE Lockheed Martin
CIVITAVECCHIA, Italy, May 21, 2018 -- Percepto, developers of on-site autonomous drone systems, today announced that Enel, a multinational power company and a leading integrated player in the global, power, gas and renewables markets, has completed deployment of Percepto's Sparrow drone system for use at its Torrevaldaliga Nord power plant in Italy. The multipurpose drone platform will support operation and maintenance activities at the site.
At Enel's power plant, Sparrow will fly in automated mode, under the supervision of an operator who can take control of the device at any moment as Italy's regulatory framework does not currently allow fully autonomous drone flight.
Powered by computer vision and AI technology, the drone carries a permanent dual payload of day and night-vision (thermal) cameras enabling around-the-clock operations, including the collection of aerial video, snapshots and data that can be transmitted to Enel personnel in real-time.
When flying autonomously, Sparrow conducts inspection missions without any human intervention.
Percepto's drone-in-a-box solution makes aerial missions easier to conduct, increasing flight frequency and the probability of anomaly detection at an early stage. Once an anomaly is detected, the drone sends out an alert in real-time, describing the nature of the problem and reporting its location. Sparrow's ongoing data collection and analysis enables preventative maintenance, ultimately leading to a reduction in operational costs and improved site productivity.
"While drones are touted as the technology of the future, the ability to act autonomously unlocks their true potential, enabling them to act as a responsible, independent and smart 'team member' that provides not only a bird's-eye view of facilities, but real, actionable insights," said Dor Abuhasira, CEO of Percepto. "We're proud to be working with Enel and look forward to many years of cooperation with a company that excels in terms of generation of safe, low-cost, and environmentally-conscious energy."
Sparrow is stationed on-site at Enel's Torrevaldaliga Nord power plant and is housed in a self-contained base unit from where it launches and lands autonomously. The Percepto Base shelters, charges, transfers data and conducts "health checks" on the drone when it is not in operation. The system is also designed to withstand harsh weather conditions, such as heavy rain, snow and dust, allowing it to operate year-round.
To view Percepto's Sparrow drone operating at Enel's Torrevaldaliga Nord power plant, please click here.
Founded in 2013, Percepto is pioneering the use of commercial drones in industrial environments. Percepto's on-site drone system operates autonomously without human intervention. It is also capable of performing multiple security, safety and inspection missions around the clock. As a long time supplier of real-time machine vision and AI technology to the defense industry, Percepto now offers its unique set of capabilities to commercial markets. For more information, please visit us at: http://www.percepto.co