GSN 2012 Awards announced: White House deputy of homeland security recognized for leadership at annual gala
GSN Awards 2012
Hundreds of the best of the homeland security community’s federal, state and municipal government officials, government contractors, systems integrators, IT vendors and physical security product and solutions providers all came together the night of November 29 in a ballroom of the Washington, D.C. convention center to receive accolades.
The GSN awards dinner, which has become a Washington tradition over the last four years, offered a chance for the excellence and civic-minded spirit of homeland security efforts nationwide to be recognized.
Not only were the best tools and technologies acknowledged, but the people and groups who use them, from local police departments in Florida and Washington state, to the White House, were honored at the event.
During the awards ceremonies, Richard Reed, Deputy Assistant to President Obama for Homeland Security, received the second annual Government Security News/Raytheon Award for Distinguished Leadership and Innovation in Public Safety and Security. Reed was chosen for tireless work in his key role in leading the development of national policy related to resilience, transborder security and community partnerships. He has been described as the president’s eyes and ears during disasters. In crises, such as the Gulf oil spill, H1N1 pandemic, and Haiti earthquake, Reed has sprung into action at the White House, coordinating information and gathering people to cope with these catastrophes.
Reed told Government Security News in an interview after the dinner that gatherings like GSN’s awards ceremony were invaluable in demonstrating that the hard work of creating a resilient, strong response to crises is performed by thousands of individuals, like those in attendance. Gatherings that bring the diverse emergency response and homeland security communities together can broaden perspectives and spur new ideas, he said.
Reed has been a determined, mostly behind-the-scenes, captain of federal emergency response efforts during the Bush and Obama administrations, helping prepare for, and respond to, some of the worst natural disasters the nation has known, from one of the deadliest tornado seasons in history in the Midwest, to historic wildfires in the west, and massive storms in the eastern U.S.
Reed said the key to capable response to such staggering events lies not only in federal hands, but in enabling state, local and even personal responses. Getting resources and training in place before disasters happen goes a long way in an effective response and recovery, he said. “The true first responders are friends, neighbors and co-workers” in the immediate aftermath of a disaster, said Reed. Local police, firefighters and other agencies arrive second, he said. Enabling people with information concerning what resources are available or where they can go for help or supplies empowers them, said Reed.
Government Security News managing partner Adrian Courtenay has made the GSN/Raytheon award an annual tradition. The prize is sponsored by the Raytheon Company, a technology and innovation leader specializing in defense, homeland security and other government markets throughout the world, which is headquartered in Waltham, MA.
Notable 2012 government excellence award winners included the local police departments in Tampa and St. Petersburg, FL, for their ground-breaking work in preparing for the Republican National Convention in Tampa this past summer. The departments put together comprehensive plans to gently defuse potentially volatile political demonstrations at the event. Both departments were also praised for implementing an innovative interoperable communications network during the GOP convention.
The Lawrence Livermore National Laboratory was recognized for its groundbreaking work on a small radiation detector. The Naval Air Systems Command won an award for its work on the Kestrel Wide Area Persistent Surveillance program, which developed an aerostat for long-term surveillance capabilities to protect ground soldiers in Afghanistan.
The complete list of GSN’s 2012 Award winners appears below:
CATEGORY 1 – VENDORS OF IT SECURITY PRODUCTS AND SOLUTIONS
Best Anti-Malware Solution
Best Identity Management Platform
Best Certificate Management Solution
Best Compliance/Vulnerability Assessment Solution
Best Data Security/Loss Management Solution
Best Endpoint Security Solution
Best Forensic Software
Best Intelligence Data Fusion and Collaborative Analysis Solution
Lookingglass Cyber Solutions
Best Intrusion Detection/Prevention Solution
Vanguard Integrity Professionals
Best Network Security/Enterprise Firewall
Best Privileged Access Management Solution
Best Real-Time Dynamic Network Analysis
Best Continuous Monitoring Solution
Best Security Incident/Event Management Solution (SIEM)
CATEGORY 2 – VENDORS OF PHYSICAL SECURITY PRODUCTS & SOLUTIONS
PHYSICAL SECURITY ACCESS CONTROL & IDENTIFICATION
Best Biometric Identification Solution
Best Integrated System for HSPD 12/FIPS 201 Compliance
Best Platform for Physical and Logical Access
Best Interoperable First Responder Communications
Best Mass Notification Systems
Best Regional or National Public Safety Communications Deployment
Best Explosives Detection Solution
Best Long Range Detection Systems
Best Nuclear/Radiation Detection
Lawrence Livermore National Laboratory
Best Intelligent Video Surveillance Solution
Best Thermal/Night Vision/Infrared Cameras
HGH Infrared Systems
Best Network IP Cameras
Best Video Storage/Digital Transmission Systems
Best Perimeter Protection Solution
Best Crash Barriers
Best Physical Security Information Management (PSIM) Solution
Best Disaster Preparedness or Disaster Recovery & Clean-up Service
High-Rise Escape Systems
Best Facility Security/Force Protection Service
Best Homeland Security Training/Higher Education Solutions
Category 3: Government Security News 2012 Government Excellence Awards
Most Notable Airport Security Award
Defense Manpower Agency
Most Notable Maritime/Port Security Program
Ohio Department of Public Safety/Northern Border Initiative
Most Notable Railroad/Mass Transit Security Program
Denver Regional Transportation Authority
Most Notable Critical Infrastructure Program, Project or Initiative
U.S. Veterans Administration Hospital, Tucson, AZ
Most Notable Cyber Security Program, Project or Initiative
U.S. Department of Energy
Most Notable Emergency Response Implementation
U.S. National Guard
Federal Emergency Management Agency (FEMA)
Most Notable Law Enforcement Interdiction, Arrest or Counter-Terrorism Program
Orange County Intelligence Assessment Fusion Center
Most Notable Municipal/County Programs, Projects or Initiatives
Seattle, Washington Police Department
Tampa and St. Petersburg, Florida Police Departments
Naval Air Systems Command (Kestrel Wide Area Persistent Surveillance)
The Government Security News 2012 Homeland Security Awards Program officially opened for entries on May 1, once again featuring 45 Awards in three broad Categories: Best Vendors of IT Security Products and Solutions, Best Vendors of Physical Security Products and Solutions and the 2011 Government Excellence Awards.
Returning as corporate Sponsors of the 2012 Program are BRS Laboratories of Houston, TX -- a leading software development company for video behavioral recognition software that deploys easily and rapidly on large scale video networks and provides actionable information without inundating end users with false alarms -- and Entrust, Inc., of Dallas, TX, which offers physical/logical access, mobile security, certificate management and other identity-based solutions to governments and large enterprises. Additional sponsors will be announced, and profiles of all 2012 sponsors will be published in coming weeks. Companies interested in joining the ranks of sponsors of the 2012 Awards Program should contact GSN Publisher and World Business Media President, Edward Tyler, at 212-344-0759, ext. 2001.
The cost to submit an entry in the 2012 program is $295 for vendors of IT security and physical security products and solutions. As in previous years, there is no cost for entries in the 10 categories of awards for federal, state and local government agencies. Vendors of IT and physical security products and solutions may nominate themselves or be nominated by colleagues or government clients, while government agencies or departments may similarly nominate themselves or be nominated by other agencies, colleagues or vendors.
According to Adrian Courtenay, managing partner of World Business Media, several new categories created in 2011 to acknowledge successful initiatives of federal, state or local agencies in responding to emergencies, countering terrorism and preventing crime will again be included in 2012. These categories are “Most Notable Emergency Response Implementation – Federal, State or Local”; “Most Notable Law Enforcement Interdiction, Arrest or Counter Terrorism Program – Federal, State or Local”; and “Most Notable Counter Terrorism or Crime Prevention Program”.
In the 2011 contest, the Bastrop County, TX, Unified Command (including county, state and federal government agencies) was awarded the trophy for “Most Notable Emergency Response Implementation” in battling 2011 Texas wildfires in Bastrop County. The United States Customs and Border Protection, Detroit Sector, was winner in the “Most Notable Law Enforcement Interdiction or Arrest” category for a dramatic arrest on St. Clair River in Detroit, and the Los Angeles Police Department was recognized for having the “Most Notable Law Enforcement Counter Terrorism or Crime Prevention Program.”
Another category that was new in 2011, “Most Notable Cyber Security Program or Technology – Government or Military”, will also be continued, in recognition of the emergence of Cyber Security as a vitally important component of overall security for any nation. The winner of this award in 2011 was the National Oceanic and Atmospheric Administration.
The 2012 Awards Program will once again culminate with a gala awards dinner in the fall, at a venue to be announced shortly. In the 2011 program, the “GSN/Raytheon Award for Distinguished Leadership and Innovation” was introduced and presented to Admiral Thad Allen (US Coast Guard-ret.), who came out of retirement twice in recent years to serve his country, first in heading up the federal response to Hurricanes Katrina and Rita, and later in managing the response to the Deepwater Horizon oil spill in the Gulf of Mexico.
In remarks for the 2011 Awards Dinner audience, Admiral Allen said the continuing work of technology companies and first responders was key in any disaster. He urged everyone to become a “lifelong rapid learner” to better cope with disasters, both man-made and natural. He also said “reconciling opportunity and competency” when disaster strikes is essential to any effective recovery, and being on top of the latest, most effective technology is a product of being a lifelong rapid learner. He said clear communication is also a key to effective response and amplified his call for a nationwide interoperable first responder radio network.
Photos of the 2010 awards reception and dinner are available at www.flickr.com/photos/[email protected]/, and video interviews with Admiral Allen, as well as sponsors and winners in the 2011 Awards program, are available at the GSN Video Center at www.gsnmagazine.com/videocenter.
Entry forms and other information about the 2012 Awards Program are available at www.gsnmagazine.com/hsa2012/welcome.
Government Security News has announced that its 2011 Homeland Security Awards Program will officially open for business and start accepting entries in the program’s 45 awards categories on Tuesday, April 26.
The 2011 program contains a number of exciting new categories, reflecting the dynamically changing threat environment, in all three of the overall awards groupings: Best Vendors of IT Security Products and Solutions, Best Vendors of Physical Security Products and Solutions, and the 2011 Government Excellence Awards.
The cost for each entry in the 2011 program is $295 for vendors of IT security and physical security products and solutions. As in previous years, there is no cost for entries in the 10 categories of awards for federal, state and local government agencies.
Vendors of IT and physical security products and solutions may nominate themselves or be nominated by colleagues or government clients, while government agencies or departments may similarly nominate themselves or be nominated by other agencies, colleagues or vendors.
Adrian Courtenay, Managing Partner of GSN’s parent company, World Business Media, LLC, cited two intriguing new categories in the government sector that have been selected to acknowledge solid “boots on the ground” achievements of federal, state or local agencies in responding to emergencies, countering terrorism and stopping crime. These categories are “Most Notable Emergency Response Implementation – Federal, State or Local” and “Most Notable Law Enforcement Interdiction, Arrest or Counter Terrorism Program – Federal, State or Local.”
Acknowledging the increasing importance of cyber security and the threat of cyber war among nation-states, Courtenay also pointed out that the government awards in 2010 have been expanded to include a category titled, “Most Notable Cyber Security Program or Technology – Government or Military.”
Returning for its third year as a sponsor of the GSN Awards Program is founding sponsor ArcSight, now a business unit of Hewlett Packard Software and Solutions, whose enterprise threat and risk platform is an integrated product for collecting, analyzing and assessing security and risk information. ArcSight is also a repeat winner in the GSN awards program for its Security Incident Event Management (SIEM) products for collecting, analyzing and assessing security incident event information.
Also returning as event sponsors are General Dynamics C4, located in Phoenix, AZ, a major developer and integrator of secure communications and information systems and technology; and Mutualink, another GSN award winner, which creates networks of interoperable communities that can instantly share radio, voice, text, video and data files, and telephone communications in a secure environment.
The fourth and final sponsor to date in the 2011 Awards Program is Behavioral Recognition Systems, Inc., of Houston, TX, also known as BRS Labs, whose software uses the fascinating, scientifically developed cognitive reasoning and artificial intelligence of behavioral analytics to leverage a stream of intelligence from millions of surveillance cameras worldwide, in order to provide alerts regarding abnormal or suspicious behavior.
Profiles of each of the 2011 sponsors will be posted on the GSN Web site in the coming weeks.
Additional companies or organizations interested in joining the ranks of 2011 sponsors of the GSN 2011 Homeland Security Awards Program should contact GSN Publisher and World Business Media President, Edward Tyler, at 212-344-0759, ext. 2001.
According to Courtenay, the 2011 Awards Program will culminate with the annual awards dinner in early November at a venue to be announced shortly. “It’s going to be hard to top last year’s elegant dinner and spectacular after-dinner keynote presentation by four-star General Barry McCaffrey (USA-Ret.). But we’re going to try!”
In 2010, the GSN awards were presented to a sold-out ballroom at the JW Marriott Hotel in Washington, DC, that included many distinguished government and military officials, academics, law enforcement and public safety professionals from across the country, along with the systems integrators, defense contractors and vendors of products and solutions used in homeland security.
Photos of the 2010 awards reception and dinner are available at:
Further information and entry forms for the 2011 Awards Program are available at:
DARPA program aims to radically improve software’s ability to recognize and reject invalid and malicious electronic data
Today, the expeditious delivery of electronic documents, messages, and other data is relied on for everything from communications to navigation. As the near instantaneous exchange of information has increased in volume, so has the variety of electronic data formats–from images and videos to text and maps. Verifying the trustworthiness and provenance of this mountain of electronic information is an exceedingly difficult task as individuals and organizations routinely engage with data shared by unauthenticated and potentially compromised sources. Further, the software used to process electronic data is error-prone and vulnerable to exploitation through maliciously crafted data inputs, opening the technology and its underlying systems to compromise. An attacker’s ability to deliver novel cyberattacks via electronic documents, messages, and streaming data formats appears unbounded, creating an unsustainable situation for software security.
To reduce the sizable attack surface created across consumer, enterprise, and critical infrastructure systems and to help tackle the threat posed by unauthenticated and potentially compromised electronic data, DARPA today announced a new program called Safe Documents (SafeDocs). The goal of the SafeDocs program is to dramatically improve software’s ability to detect and reject invalid or maliciously crafted input data, without impacting the key functionality of new and existing electronic data formats.
“With today’s online risk environment, allowing software to interact with untrusted electronic documents and messages is akin to downloading and running untrusted programs on your computer,” said Sergey Bratus, the DARPA Information Innovation Office (I2O) program manager leading SafeDocs. “To create a safer internet, we must first create safer electronic documents. Through SafeDocs, we are looking for ways to reduce the complexity of electronic document exchange and minimize the means of exploitation for all malicious actors–from cybercriminals to nation states.”
SafeDocs seeks to create technological assurance that an electronic document or message is automatically checked and safe to open, while also generating safer document formats that are subsets of current, untrustworthy versions. To accomplish its goals, the program will focus on two primary technical research thrusts.
The first thrust seeks to develop methodologies and tools for capturing and defining human-intelligible, machine-readable descriptors of electronic data formats. To do this, researchers will explore means of extracting the de facto syntax of existing data formats and identifying each format’s simpler subset that can be parsed safely and unambiguously, and used in verified programming without impacting the format’s essential functionality.
Under the second technical thrust, researchers will create software construction kits for building secure, verified parsers, using the simplified format subsets where the existing format’s inherent complexity or ambiguity has been reduced for safety. Parsers, which are used to break data inputs down into manageable objects for further processing, can contain exploitable flaws and behaviors. Research under this thrust will strive to create the methodologies and tools needed to build high-assurance and verifiable parsers for new and existing data formats to help reduce the technology’s chances of compromise.
Interested proposers have an opportunity to learn more about the SafeDocs program during a Proposers Day, scheduled for Friday, August 24, 2018 from 2:00pm-5:00pm ET at the DARPA Conference Center, located at 675 N. Randolph St., Arlington, Virginia, 22203. For additional information, visit https://www.fbo.gov/index?s=opportunity&mode=form&id=dd089906ecc1c3417a7ef399a0510cc7&tab=core&_cview=0. A full description of the program will be made available in a forthcoming Broad Agency Announcement.
CAMBRIDGE, Mass., Aug. 1, 2018 -- Boeing [NYSE: BA] today announced plans to open the new Boeing Aerospace & Autonomy Center in Cambridge, Mass., becoming the first major tenant of the Massachusetts Institute of Technology's (MIT) new mixed-use district in Kendall Square.
Under the agreement, Boeing will lease 100,000 square feet of research and lab space inside a new 17-floor building at 314 Main Street in Cambridge. The new center will house employees from Boeing and subsidiary Aurora Flight Sciences, who will focus on designing, building and flying autonomous aircraft and developing enabling technologies.
The investment in the new center follows the recent creation of Boeing NeXt. This new organization unites researchers and projects across the company to shape the future of travel and transport, including the development of a next-generation airspace management system to enable the safe coexistence of piloted and autonomous vehicles. Employees at the center will help develop new technologies in support of Boeing NeXt programs.
"Boeing is leading the development of new autonomous vehicles and future transportation systems that will bring flight closer to home," said Greg Hyslop, Boeing chief technology officer. "By investing in this new research facility, we are creating a hub where our engineers can collaborate with other Boeing engineers and research partners around the world and leverage the Cambridge innovation ecosystem."
The construction of the new research facility is part of MIT's broad strategy to foster vibrancy and diversity in Kendall Square, which is often referred to as the most innovative square mile in the world. Through its Kendall Square Initiative, the university will develop six buildings to house a blend of lab and research, office, housing and retail space.
"It's fitting that Boeing will join the Kendall/MIT innovation family," said MIT Provost Martin Schmidt. "Our research interests have been intertwined for over 100 years, and we've worked together to advance world-changing aerospace technologies and systems. MIT's Department of Aeronautics and Astronautics is the oldest program of its kind in the United States, and excels at its mission of developing new air transportation concepts, autonomous systems and small satellites through an intensive focus on cutting-edge education and research. Boeing's presence will create an unprecedented opportunity for new synergies in this industry."
Employees from Aurora Flight Sciences' existing research and development center in Kendall Square will move into the new center and operate it on behalf of Boeing once complete.
"Today, Aurora's Kendall Square team is already building innovative autonomous systems," said John Langford, Aurora Flight Sciences founder, chief executive officer and MIT alumnus. "By expanding Aurora's 30-year relationship with MIT, and working with Boeing, we are creating a collaborative space where engineers, students and researchers can work together to create technologies that will define the next-century of air mobility."
Financial terms of the new lease agreement and development of the new facility were not disclosed.
The new agreement builds on a century-long relationship between Boeing and MIT to advance aerospace innovation. Last year, the company announced its role as lead sponsor of an $18 million project to replace MIT's Wright Brothers Wind Tunnel.
Aurora Flight Sciences, A Boeing Company, is an innovative technology company striving to create smarter aircraft through the development of versatile and intuitive autonomous systems. Operating at the intersection of technology and robotic aviation, Aurora leverages the power of autonomy to make manned and unmanned flight safer and more efficient. Headquartered in Manassas, Virginia, Aurora has more than 550 employees and operates in six locations, including research and development centers in Cambridge, Massachusetts, and Luzern, Switzerland; manufacturing facilities in Bridgeport, West Virginia, and Columbus, Mississippi; and offices in Dayton, Ohio, and Mountain View, California.
Boeing is the world's largest aerospace company and leading manufacturer of commercial jetliners and defense, space and security systems. A top U.S. exporter, the company supports airlines and U.S. and allied government customers in more than 150 countries. Boeing products and tailored services include commercial and military aircraft, satellites, weapons, electronic and defense systems, launch systems, advanced information and communication systems, and performance-based logistics and training.
PITTSBURGH, July 30, 2018 -- The Carnegie Mellon University Software Engineering Institute CERT Division today announced the 2nd annual CERT Data Science in Cybersecurity Symposium, a free one-day symposium to be held in Arlington, Va., on August 29. Registration is now open.
Modern computer networks generate incredible amounts of data, but making sense of this data is simultaneously a critically important task and a near-impossible exercise requiring advanced software and highly trained personnel.
Data science focuses on creating techniques that uncover hidden patterns in enormous data sets and developing tools that enable this discovery in any dataset and in any environment. Over the past few years, significant advances were made in both techniques and tools, enabling even the most subtle of patterns to be identified using modern computing power.
The 2018 CERT Data Science in Cybersecurity Symposium focuses on metadata and will examine the deep insights to be gleaned from what appears to be highly limited data and the relationship between cybersecurity data and privacy and how to manage that risk.
Speakers at the symposium will include
- Lujo Bauer, associate professor, Carnegie Mellon University Institute for Software Research
- Ari Gesher, morning keynote speaker, founding director of software engineering at Kairos Aerospace
- Bob Rudis, chief security data scientist, Rapid7
- Shawn Riley, chief data officer and CISO, Darklight Cybersecurity (invited)
- Eliezer Kanal, technical manager, science of cybersecurity, SEI CERT Division
- Doug Sicker, department head and professor, Engineering and Public Policy, Carnegie Mellon University
- Mark Perlin, CSO and CEO, Cybergenetics
- Lisa Gumbs, assistant general counsel for operations (ret.), Defense Intelligence Agency
- April Galyardt, machine learning research scientist, SEI CERT Division
The event is free to attend, but space is limited, and registration is required to reserve a seat.
For more information about the CERT Data Science in Cybersecurity Symposium and to register, visit https://data-science-symposium.eventbrite.com.
About the Carnegie Mellon University Software Engineering Institute
The Software Engineering Institute (SEI) is a federally funded research and development center sponsored by the U.S. Department of Defense and operated by Carnegie Mellon University. The SEI works with organizations to make measurable improvements in their software engineering capabilities by providing technical leadership to advance the practice of software engineering. For more information, visit the SEI website at http://www.sei.cmu.edu. The CERT Division of the SEI is the world's leading trusted authority dedicated to improving the security and resilience of computer systems and networks and a national asset in the field of cybersecurity. For more information, visit http://www.cert.org.
DARPA will host a competitors day September 27, 2018, to communicate the vision and timeline of the DARPA Subterranean (SubT) Challenge, engage potential competitors, and provide a space for technical and operational exchange.
The competitors day also will provide preliminary information about the SubT Challenge and encourage and promote the formation of cross-cutting teams possessing exceptional expertise and development capabilities for executing research and development capable of completing the DARPA SubT Challenge.
The goal of the DARPA Subterranean Challenge is to discover innovative solutions to rapidly and remotely map, navigate, and search complex underground environments, including human-made tunnel systems, urban and municipal underground infrastructure, and natural cave networks.
Teams will compete in three preliminary circuit events and the final event in both systems and virtual competitions. Each circuit event will explore the difficulties of operating in a specific underground environment as teams compete for monetary prizes. The first will focus on human-made tunnel systems. The second will focus on underground urban environments such as mass transit and municipal infrastructure. The third will focus on naturally occurring cave networks.
The final event, planned for 2021, will put teams to the test with a course that incorporates diverse challenges from all three environments. The winner of the systems competition will take home a $2 million prize, while the winner of the virtual competition will earn a $750,000 prize. For additional information on the DARPA Subterranean Challenge please visit www.subtchallenge.com.
Registration will open August 15 for the competitors day to be held in Louisville, Kentucky. Event details are available at the Federal Business Opportunities website. Advance registration is required, and will close at noon EDT September 13 for on-site attendance and noon EDT September 19 for virtual attendance, or until capacity is reached. Additional registration information is available on the challenge website.
Please email questions to [email protected].
Image Caption: The DARPA Subterranean Challenge explores innovative approaches and new technologies to rapidly map, navigate, and search complex underground environments.
General Dynamics Satellite Simulator Trains Space Mission Operators from Across the U.S. Department of Defense
SCOTTSDALE, Ariz -- General Dynamics Mission Systems received a contract from the U.S. Navy to restore and maintain a satellite system simulator for students at the Naval Postgraduate School, Spacecraft Research and Design Center / Adaptive Optics Center of Excellence. The simulator, a model of a Navy Fleet Satellite (FLTSAT) communications satellite, will help students hone their skills in managing the technical aspects of space systems including satellite command, control and communications and troubleshooting satellite and constellation anomalies.
"The General Dynamics Naval Satellite Operations Center (NAVSOC) team has worked with the Naval Postgraduate School for more than 10 years. Updating the simulator to perform just like the actual system is a tremendous training opportunity for these advanced degree students," said Manny Mora, a vice president and general manager of General Dynamics Mission Systems. "They will have a realistic, 'hands-on' learning experience, while we support the development of future U.S. Department of Defense space engineers and leaders."
The General Dynamics team also supports instructors teaching a wide range of space-related topics to Naval Postgraduate School students from across the U.S. Department of Defense. The academic programs include mastery of the technical aspects of space systems including design, development, installation and maintenance of spacecraft, space payloads, supporting earth stations, terminals and command, control and communications connectivity.
The General Dynamics NAVSOC team is located at Naval Air Station, Point Mugu, Calif., supporting the Navy's operation of the FLTSAT and Ultra-high Frequency Follow-on communication satellite constellations.
Recently, the team completed all on-orbit testing for the Navy's new Mobile User Objective System (MUOS) satellite communications system before it was turned over to the Navy for day-to-day operations.
The Naval Postgraduate School is a graduate university offering masters and doctoral degrees in more than 70 fields of study to the U.S. Armed Forces, Department of Defense civilians and international partners.
General Dynamics Mission Systems is a business unit of General Dynamics (NYSE: GD). For more information about General Dynamics Mission Systems, please visit gdmissionsystems.com and follow us on Twitter @GDMS.
SOURCE General Dynamics Mission Systems
BROOKLYN, N.Y., May 30, 2018 -- The NYU Tandon School of Engineering's Future Labs entrepreneurial network will bring together leading cybersecurity practitioners and researchers to explore the rapidly emerging promises and risks that artificial intelligence holds for cybersecurity.
Aimed at helping professionals at established enterprises, startups, and research institutions understand recent advancements in AI technology and how talent challenges play a role in the balance between progress and security, "Focus AI: Cybersecurity" is the latest in the Future Labs' speaker series for New York City's entrepreneurial community. It will take place on Monday, June 4, 2018, from 5 to 8 p.m. at the Midtown Manhattan offices of sponsoring partner PwC.
- Larry Trittschuh, chief security officer, Americas at Barclays
- Michael J. Landewe, co-founder of security firm Avanan
- Carol Lee, partner at PwC and leader of technology-sector initiatives
- Lucas Nelson, security expert and partner at venture fund Lytical Ventures and Kauffman Fellows
- Dawud Gordon, Ph.D, founder of behavioral biometrics startup TwoSense
- Damon McCoy, NYU Tandon assistant professor of computer science and engineering and a member of NYU's Center for Cybersecurity
McCoy's research focuses on empirically measuring the security and privacy of technology systems, and he recently received attention for his long-term study of ransomware, a type of malware that encrypts the files of infected hosts and demands payment for their restoration. It is timely work given that the Online Trust Alliance called 2017 "the worst year ever in data breaches and cyber incidents" worldwide, and the global costs of such attacks are expected to reach up to $6 trillion annually by 2021. McCoy has led numerous research investigations into cybercrime using large data sets.
The conference will provide an important forum for discussion about AI technologies, industry needs, and investment opportunities surrounding cyber risk, which Warren Buffett deemed a greater threat to mankind than nuclear weapons. With a recent survey showing that almost 40 percent of enterprise organizations already deploy AI-based security analytics to some extent, and that figure expected to steadily increase, cybersecurity providers are racing to implement advanced AI-driven solutions for their clients.
For more information or to register, visit https://goo.gl/JjPYQ9.
About the New York University Tandon School of Engineering
The NYU Tandon School of Engineering dates to 1854, the founding date for both the New York University School of Civil Engineering and Architecture and the Brooklyn Collegiate and Polytechnic Institute (widely known as Brooklyn Poly). A January 2014 merger created a comprehensive school of education and research in engineering and applied sciences, rooted in a tradition of invention and entrepreneurship and dedicated to furthering technology in service to society. In addition to its main location in Brooklyn, NYU Tandon collaborates with other schools within NYU, one of the country's foremost private research universities, and is closely connected to engineering programs at NYU Abu Dhabi and NYU Shanghai. It operates Future Labs focused on start-up businesses in downtown Manhattan and Brooklyn and an award-winning online graduate program. For more information, visit http://engineering.nyu.edu.
SOURCE NYU Tandon School of Engineering
This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). Working with U.S. government partners, DHS and FBI identified Internet Protocol (IP) addresses and other indicators of compromise (IOCs) associated with two families of malware used by the North Korean government:
- a remote access tool (RAT), commonly known as Joanap; and
- a Server Message Block (SMB) worm, commonly known as Brambul.
The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information on HIDDEN COBRA activity, visit https://www.us-cert.gov/hiddencobra.
FBI has high confidence that HIDDEN COBRA actors are using the IP addresses—listed in this report’s IOC files—to maintain a presence on victims’ networks and enable network exploitation. DHS and FBI are distributing these IP addresses and other IOCs to enable network defense and reduce exposure to any North Korean government malicious cyber activity.
This alert also includes suggested response actions to the IOCs provided, recommended mitigation techniques, and information on how to report incidents. If users or administrators detect activity associated with these malware families, they should immediately flag it, report it to the DHS National Cybersecurity and Communications Integration Center (NCCIC) or the FBI Cyber Watch (CyWatch), and give it the highest priority for enhanced mitigation.
See the following links for a downloadable copy of IOCs:
NCCIC conducted analysis on four malware samples and produced a Malware Analysis Report (MAR). MAR-10135536.3 – RAT/Worm examines the tactics, techniques, and procedures observed in the malware. Visit MAR-10135536.3 – HIDDEN COBRA RAT/Worm for the report and associated IOCs.
According to reporting of trusted third parties, HIDDEN COBRA actors have likely been using both Joanap and Brambul malware since at least 2009 to target multiple victims globally and in the United States—including the media, aerospace, financial, and critical infrastructure sectors. Users and administrators should review the information related to Joanap and Brambul from the Operation Blockbuster Destructive Malware Report in conjunction with the IP addresses listed in the .csv and .stix files provided within this alert. Like many of the families of malware used by HIDDEN COBRA actors, Joanap, Brambul, and other previously reported custom malware tools may be found on compromised network nodes. Each malware tool has different purposes and functionalities.
Joanap malware is a fully functional RAT that is able to receive multiple commands, which can be issued by HIDDEN COBRA actors remotely from a command and control server. Joanap typically infects a system as a file dropped by other HIDDEN COBRA malware, which users unknowingly downloaded either when they visit sites compromised by HIDDEN COBRA actors, or when they open malicious email attachments.
During analysis of the infrastructure used by Joanap malware, the U.S. Government identified 87 compromised network nodes. The countries in which the infected IP addresses are registered are as follows:
Malware often infects servers and systems without the knowledge of system users and owners. If the malware can establish persistence, it could move laterally through a victim’s network and any connected networks to infect nodes beyond those identified in this alert.
Brambul malware is a brute-force authentication worm that spreads through SMB shares. SMBs enable shared access to files between users on a network. Brambul malware typically spreads by using a list of hard-coded login credentials to launch a brute-force password attack against an SMB protocol for access to a victim’s networks.
Joanap is a two-stage malware used to establish peer-to-peer communications and to manage botnets designed to enable other operations. Joanap malware provides HIDDEN COBRA actors with the ability to exfiltrate data, drop and run secondary payloads, and initialize proxy communications on a compromised Windows device. Other notable functions include
- file management,
- process management,
- creation and deletion of directories, and
- node management.
Analysis indicates the malware encodes data using Rivest Cipher 4 encryption to protect its communication with HIDDEN COBRA actors. Once installed, the malware creates a log entry within the Windows System Directory in a file named mssscardprv.ax. HIDDEN COBRA actors use this file to capture and store victims’ information such as the host IP address, host name, and the current system time.
Brambul malware is a malicious Windows 32-bit SMB worm that functions as a service dynamic link library file or a portable executable file often dropped and installed onto victims’ networks by dropper malware. When executed, the malware attempts to establish contact with victim systems and IP addresses on victims’ local subnets. If successful, the application attempts to gain unauthorized access via the SMB protocol (ports 139 and 445) by launching brute-force password attacks using a list of embedded passwords. Additionally, the malware generates random IP addresses for further attacks.
Analysts suspect the malware targets insecure or unsecured user accounts and spreads through poorly secured network shares. Once the malware establishes unauthorized access on the victim’s systems, it communicates information about victim’s systems to HIDDEN COBRA actors using malicious email addresses. This information includes the IP address and host name—as well as the username and password—of each victim’s system. HIDDEN COBRA actors can use this information to remotely access a compromised system via the SMB protocol.
Analysis of a newer variant of Brambul malware identified the following built-in functions for remote operations:
- harvesting system information,
- accepting command-line arguments,
- generating and executing a suicide script,
- propagating across the network using SMB,
- brute forcing SMB login credentials, and
- generating Simple Mail Transfer Protocol email messages containing target host system information.
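The propagation behavior described above (SMB connection attempts against the local subnet and against randomly generated addresses on ports 139 and 445) can be surfaced from network flow records. The following is an added example, not part of the alert: the record format, the internal network range, the thresholds and the function names are assumptions, and the sample records are constructed.

```python
import ipaddress
from collections import defaultdict, deque

SMB_PORTS = {139, 445}  # the ports the alert names for Brambul's SMB access attempts

def make_sample_flows():
    """Constructed flow records, one per line: 'epoch_seconds src dst dport'."""
    lines = [f"{1000 + 2*i} 10.0.0.50 10.0.0.{i+1} 445" for i in range(8)]     # fast local sweep
    lines += [f"{1020 + i} 10.0.0.50 203.0.113.{i+10} 445" for i in range(3)]  # SMB to outside addresses
    lines += [f"{1000 + 30*i} 10.0.0.7 10.0.0.2 445" for i in range(10)]       # client of one file server
    lines += [f"{1000 + 900*i} 10.0.0.8 10.0.0.{i+20} 139" for i in range(6)]  # 6 targets over 75 minutes
    lines += [f"{1000 + i} 10.0.0.9 10.0.0.{i+1} 443" for i in range(8)]       # fan-out, but not SMB
    return "\n".join(lines)

def smb_suspects(log_text, internal="10.0.0.0/8", window=60, min_targets=5):
    """Flag sources that reach many distinct SMB targets within `window` seconds,
    or that send SMB traffic to any address outside the internal range."""
    inside = ipaddress.ip_network(internal)
    flows = []
    for line in log_text.splitlines():
        ts, src, dst, dport = line.split()
        if int(dport) in SMB_PORTS:
            flows.append((int(ts), src, dst))
    recent = defaultdict(deque)   # src -> (ts, dst) pairs still inside the window
    peak = defaultdict(int)       # src -> most distinct targets seen in any window
    external = defaultdict(set)   # src -> SMB destinations outside the internal range
    for ts, src, dst in sorted(flows):
        q = recent[src]
        q.append((ts, dst))
        while ts - q[0][0] > window:
            q.popleft()
        peak[src] = max(peak[src], len({d for _, d in q}))
        if ipaddress.ip_address(dst) not in inside:
            external[src].add(dst)
    return {s: {"peak_targets": peak[s], "external_smb": len(external[s])}
            for s in peak if peak[s] >= min_targets or external[s]}

if __name__ == "__main__":
    for host, detail in smb_suspects(make_sample_flows()).items():
        print(host, detail)
```

A host flagged here is a candidate for the failed-logon review and credential reset that follow from the brute-force behavior; the window and target thresholds need tuning against normal file-server and backup traffic.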
Detection and Response
This alert’s IOC files provide HIDDEN COBRA IOCs related to Joanap and Brambul. DHS and FBI recommend that network administrators review the information provided, identify whether any of the provided IP addresses fall within their organizations’ allocated IP address space, and—if found—take necessary measures to remove the malware.
When reviewing network perimeter logs for the IP addresses, organizations may find instances of these IP addresses attempting to connect to their systems. Upon reviewing the traffic from these IP addresses, system owners may find some traffic relates to malicious activity and some traffic relates to legitimate activity.
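The two review steps above, checking whether any listed address falls inside the organization's own allocation and then sorting perimeter log hits by direction, can be scripted. The following is an added example, not part of the alert: the CSV column name, the log format, the network ranges and the function names are assumptions, and all addresses are constructed from documentation ranges rather than taken from the alert's IOC files.

```python
import csv
import io
import ipaddress

# Constructed sample data using documentation ranges (RFC 5737); not real IOCs.
IOC_CSV = "indicator,type\n192.0.2.10,ipv4\n198.51.100.77,ipv4\n203.0.113.5,ipv4\nnot-an-ip,ipv4\n"
ORG_NETWORKS = ["198.51.100.0/24", "10.0.0.0/8"]  # assumed organization address space
# Constructed perimeter log, one record per line: timestamp src dst dport action
PERIMETER_LOG = """\
2018-05-30T10:00:01Z 192.0.2.10 198.51.100.20 445 DENY
2018-05-30T10:00:07Z 10.1.2.3 203.0.113.5 443 ALLOW
2018-05-30T10:01:15Z 10.1.2.9 192.0.2.200 443 ALLOW
2018-05-30T10:02:40Z 198.51.100.77 10.1.2.3 139 ALLOW
truncated line
"""

def load_iocs(text):
    """Parse the 'indicator' column, skipping values that are not IP addresses."""
    iocs = set()
    for row in csv.DictReader(io.StringIO(text)):
        try:
            iocs.add(ipaddress.ip_address(row["indicator"].strip()))
        except ValueError:
            continue
    return iocs

def iocs_in_org_space(iocs, networks):
    """IOC addresses inside our own allocation: hosts to examine for infection."""
    nets = [ipaddress.ip_network(n) for n in networks]
    return sorted(ip for ip in iocs if any(ip in n for n in nets))

def triage_log(log_text, iocs, networks):
    """Return (timestamp, kind, ioc, dport, action) for every record touching an IOC."""
    nets = [ipaddress.ip_network(n) for n in networks]
    findings = []
    for line in log_text.splitlines():
        try:
            ts, src, dst, dport, action = line.split()
            s, d, port = ipaddress.ip_address(src), ipaddress.ip_address(dst), int(dport)
        except ValueError:
            continue  # malformed record
        for ip, kind in ((d, "outbound_to_ioc"), (s, "inbound_from_ioc")):
            if ip in iocs:
                if any(ip in n for n in nets):
                    kind = "own_host_listed"
                findings.append((ts, kind, str(ip), port, action))
    return findings
```

Allowed outbound connections to a listed address and any own_host_listed hit point at a host to examine first; denied inbound attempts are lower priority, in line with the alert's note that some traffic from these addresses may be legitimate.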
A successful network intrusion can have severe impacts, particularly if the compromise becomes public. Possible impacts include
- temporary or permanent loss of sensitive or proprietary information,
- disruption to regular operations,
- financial losses incurred to restore systems and files, and
- potential harm to an organization’s reputation.
DHS recommends that users and administrators use the following best practices as preventive measures to protect their computer networks:
- Keep operating systems and software up-to-date with the latest patches. Most attacks target vulnerable applications and operating systems. Patching with the latest updates greatly reduces the number of exploitable entry points available to an attacker.
- Maintain up-to-date antivirus software, and scan all software downloaded from the internet before executing.
- Restrict users’ abilities (permissions) to install and run unwanted software applications, and apply the principle of least privilege to all systems and services. Restricting these privileges may prevent malware from running or limit its capability to spread through the network.
- Scan for and remove suspicious email attachments. If a user opens a malicious attachment and enables macros, embedded code will execute the malware on the machine. Enterprises and organizations should consider blocking email messages from suspicious sources that contain attachments. For information on safely handling email attachments, see Using Caution with Email Attachments. Follow safe practices when browsing the web. See Good Security Habits and Safeguarding Your Data for additional details.
- Disable Microsoft’s File and Printer Sharing service, if not required by the user’s organization. If this service is required, use strong passwords or Active Directory authentication. See Choosing and Protecting Passwords for more information on creating strong passwords.
- Enable a personal firewall on organization workstations and configure it to deny unsolicited connection requests.
Response to Unauthorized Network Access
Contact DHS or your local FBI office immediately. To report an intrusion and request resources for incident response or technical assistance, contact DHS NCCIC ([email protected] or 888-282-0870), FBI through a local field office, or FBI’s Cyber Division ([email protected] or 855-292-3937).
- May 29, 2018: Initial version