bianca maria @gicat@nanao.cybtex.fr
.o>
Inscrit·e en fév. 2021
L'accord-cadre conclu avec la filiale Technology Services de Capgemini pour une durée de 6 ans confie l'infogérance du domaine numérique de la DGA à un prestataire unique.
https://www.forcesoperations.com/nouveau-succes-majeur-avec-les-armees-francaises-pour-capgemini/
The Secretary of Homeland #Security has issued a new National Terrorism Advisory System (NTAS) Bulletin regarding the current heightened threat environment across the 🇺🇸 United States.
The Homeland continues to face a diverse and challenging threat environment leading up to and following the 20th Anniversary of the September 11, 2001 (#911) attacks as well religious holidays we assess could serve as a catalyst for acts of targeted violence.
These #threats include those posed by domestic terrorists, individuals and groups engaged in grievance-based #violence, and those inspired or motivated by foreign #terrorists and other malign foreign influences. These actors are increasingly exploiting #online forums to influence and spread violent extremist narratives and promote violent activity. Such threats are also exacerbated by impacts of the ongoing global #pandemic, including grievances over public #health safety measures and perceived #government restrictions.
Duration
Issued: August 13, 2021 02:00 pm
Expires: November 11, 2021 02:00 pm
https://www.dhs.gov/sites/default/files/ntas/alerts/21_0813_ntas_bulletin_all-sectors.pdf
Peraton, Inc (peraton.com) has been awarded a nearly $1 billion task order (TO) to provide the Department of Defense (DoD), U.S. Central Command (USCENTCOM) and its mission partners with operational planning, implementation, and assessment services (OPIAS) to achieve operational advantages in the information space and to counter threats to U.S. national security. The TO is worth up to $979 million over a five-year period. Under OPIAS, Peraton will increase the ability of USCENTCOM and its mission partners to coordinate, collaborate, and fuse information related capabilities (IRC), and information operations (IO) through effective messaging. Peraton will also drive innovation to boost IO capabilities, helping the U.S. extend its competitive advantage to achieve national security objectives.
« Since 2016, Peraton has executed campaigns to promote regional security and stability. Our ability to provide the U.S. government with insight, expertise, and influence helps ensure the safety of Americans, our allies, and the more than 550 million people under USCENTCOM area of responsibility, spanning three continents and 20 nations. » ( Tom Afferton, president, Cyber Mission )
Peraton has supported this work since 2016 under USCENTCOM's Counter Threat Messaging Support Program (CTMSP). OPIAS represents a nearly 100 percent increase over the CTMSP TO in the work scheduled to be executed.
On July 19, 2021, the U.S. Department of Justice (DOJ) unsealed an indictment against four APT40 #cyber actors for their illicit computer network exploitation (CNE) activities via front company Hainan Xiandun #Technology Development Company (Hainan Xiandun).
Hainan Xiandun employee Wu Shurong cooperated with and carried out orders from PRC Ministry of State Security (MSS) Hainan State Security Department (HSSD) intelligence officers Ding Xiaoyang, Zhu Yunmin, and Cheng Qingmin to conduct CNE.
Wu's CNE activities resulted in the theft of trade secrets, intellectual property, and other high-value information from companies and organizations in the United States and abroad, as well as from multiple foreign governments.
These MSS-affiliated actors targeted victims in the following #industries : #academia, #aerospace, #aviation, #biomedical, #defense #industrial base, #education, #government, #healthcare, #manufacturing, #maritime, #research #institutes, and #transportation (#rail and #shipping).
July 19, 2021
Compromise & exploitation of the Microsoft Exchange server undermined the security and integrity of thousands of computers and #networks worldwide, including in the member states and EU institutions.
Activities can be linked to the hacker groups known as #APT40 & #APT31 and have been conducted from the territory of China for the purpose of intellectual property theft and espionage.
The #US has long been concerned about the People's Republic of China's (PRC) irresponsible & destabilizing behavior in cyberspace.
An unprecedented group of allies and partners - including the European Union, the #UK, and #NATO - are joining the U.S in exposing and criticizing the PRC's malicious cyber activities.
The PRC's pattern of irresponsible behavior in cyberspace is inconsistent with its stated objective of being seen as a responsible leader in the world. Today, countries around the world are making it clear that concerns regarding the PRC's malicious cyber activities is bringing them together to call out those activities, promote #network defense and #cybersecurity, and act to disrupt #threats to our #economies and #national #security.
Attributing with a high degree of confidence that malicious cyber actors affiliated with PRC's Ministry of State Security (MSS) conducted #cyber #espionage operations utilizing the zero-day vulnerabilities in #Microsoft #Exchange #Server disclosed in early March 2021.
We are aware that PRC government-affiliated cyber operators have conducted #ransomware operations against private #companies that have included ransom demands of millions of dollars. The PRC's unwillingness to address criminal activity by contract hackers harms governments, businesses, and critical infrastructure operators through billions of dollars in lost intellectual property, proprietary information, ransom payments, and mitigation efforts.
D3FEND, a MITRE research project funded by the NSA, improves the #cyber security of NSS, DoD, and the DIB by providing defensive countermeasures for common offensive techniques.
Integrating Gender into Cybersecurity & New Technologies in the Fight Against Terrorism
Battling terrorists resulted in knowledge to fight near-peer adversaries.
Lessons learned in combating terrorist organizations have proved valuable to tailoring national defense techniques to use against #cyber attacks from near-peer adversaries, including China and Russia.
« It's easy to see how the scale of the challenge has increased over that time from non-nation-state actors to nation-state adversaries, and how we're going to prosecute our operations in competition, crisis and, if necessary, conflict in the future » ( Gen. Paul M. Nakasone )
Recent experience demonstrates that the threats to data and networks has changed dramatically in scope, scale and sophistication.
« Think about the past 150 days :
- We've seen supply chain attacks.
- We've seen zero-day vulnerabilities.
- We've seen #ransomware #malware »
Technology is key to #cybersecurity.
« We have a lot of work to do, but we have good partnerships. » ( Gen. Paul M. Nakasone )
https://www.afcea.org/content/past-can-profit-cyber-planning #terrorism
The interview focused on European Defense industry, blue water cooperation, cyber and even space, and included Florence Parly's opinion on what the French take is on this on the eve of the French presidency of the EU.
« We can see that the players in that domain are testing us by attacking an IT hospital system and step by step they will probably attack more vital, even more vital organization or systems. There is absolutely no borders for cyber attacks. » ( Florence Parly )
Extrait relatif au volet cyber de l'interview du 25 juin 2021 à l'ambassade de France aux Pays-Bas.
Planned for 2023, Exercise Orion is a full-scale divisional exercise that will last several days, based probably out of camps at Suippes, Mailly & Mourmelon.
In the forests and plains of the Champagne-Ardenne region, where once the great powers went into battle, the French armed forces are beginning to prepare for the return of a major conflict.
It will involve the full range of French military capacity on a scale not tested for decades.
The drill will include command-post exercises, hybrid scenarios, simulation and live-fire drills.
That represents a seismic shift for French forces.
« We absolutely have to prepare for a more dangerous world » ( General Thierry Burkhard )
- A revoir : Supériorité opérationnelle 2030
Actualisation de la LPM 2019-2025
Le périmètre d'ajustement 2021 s'établit à 1 milliard €
Les surcoûts non prévus sont associés à un nombre restreint de PEM, comme par exemple l'accélération de programmes dans le renseignement et le cyber, la pérennisation Leclerc, la cession de Rafale d'occasion consécutivement à l'export grec, le plan ministériel en faveur du plan de soutien à l'aéronautique et du service de santé des armées suite aux enseignements tirés de la crise de la Covid.
ParisAirForum - Bourget
Defense Industry Base (DIB) / Base Industrielle & Technologique de Défense (BITD)
China has now taken its place, alongside Russia, Iran and North Korea… providing a safe haven for cyber criminals in exchange for those criminals being « on call » to work for the benefit of the state.
The lines between nation-state objectives and financially-motivated cybercrime have continued to blur as the relationship between profit and espionage has grown, particularly within the cybercrime underground.
https://www.intel471.com/blog/cybercrime-russia-china-iran-nation-state
RUSI Land Warfare Conference 2021
If war breaks out, states will need to leverage emerging technologies and prioritise speed, range and precision-strike.
As the complexity of military systems increases, allies will need to work collaboratively to remain at the cutting edge of manned-unmanned teaming and artificial intelligence.
There is a critical need for armies to be able to integrate their capabilities and people to be more than the sum of their parts, and to integrate with partners, allies and industry.
« Transformation from mechanisation to digitisation is going to be significant ; from hardware to software. Conventional and unconventional capabilities will come together in hybrid combination ; boots to bots, proxies to pixels. »
https://www.army.mod.uk/news-and-events/news/2021/06/cgs-rusi-speech/
flashcard learning apps are popular digital learning tools that show questions on one side and answers on the other.
By simply searching online for terms publicly known to be associated with nuclear weapons, Bellingcat, an independent international collective of researchers, investigators and citizen journalists, was able to discover cards used by military personnel serving at all six European military bases reported to store nuclear devices.
However, the flashcards studied by soldiers tasked with guarding these devices reveal not just the bases, but even identify the exact shelters with « hot » vaults that likely contain nuclear weapons.
They also detail intricate security details and protocols such as the positions of cameras, the frequency of patrols around the vaults, secret duress words that signal when a guard is being threatened and the unique identifiers that a restricted area badge needs to have.
These findings represented serious breaches of security protocols and raised renewed questions about U.S nuclear weapons deployment in Europe.
China and Russia are conducting malicious cyber campaigns to erode U.S. military advantages, threaten U.S. infrastructure and reduce U.S. economic prosperity.
North Korea poses a significant threat to the international financial and commercial sectors by sponsoring cyber exploitation of financial institutions to illicitly acquire funding and evade U.S. and United Nations sanctions.
Iran has demonstrated the capability and intent to strike in its region and against the United States in cyberspace.
By operating in cyberspace, adversaries can cause damage while operating below the level of armed conflict, and they are targeting economies, critical infrastructure and electoral processes.
Adversaries have launched persistent malicious cyber campaigns to erode military advantages and increasingly leverage social media to carry out and influence operations. They also steal defense secrets, intellectual property and personally identifiable information.
We must raise the bar. We must be resilient, and we must act.
Our success in the new era of strategic competition will rely, in part, on our ability to develop partnerships of all kinds that acknowledge shared risks, shared goals and shared solutions.
Many countries have incorporated offensive cyber operations into their overall geopolitical strategies, but North Korea was among the first nations to leverage its government hacking capabilities in the cybercrime arena.
Pyongyang uses it as an all-purpose sword to carry out a range of interconnected geopolitical and financial objectives.
North Korea is already cut off from most forms of international commerce by U.S. and global economic sanctions, so it have little to lose by engaging in aggressive offensive operations against other nations.
In the early 2000s, North Korean intelligence agencies like the Reconnaissance General Bureau « pioneered » the concept of destructive cyberattacks.
The country's innovation can even fool some cybersecurity experts..
2021 RSA Conference - What makes North Korean hacking groups more creative ?
President Biden has made strengthening U.S. cybersecurity capabilities a top priority and has already taken action to advance it, including with last week's Executive Order. The American Jobs Plan will build on that work and deliver resilient infrastructure for the American people, including a renewed electric grid. Cybersecurity is a core part of resilience and building infrastructure of the future, and the American Jobs Plan will allocate opportunities and resources to bolster cyber defenses.
In China & Russia, the teams that work on cyber warfare against our nation are full-time in-house, dedicated scientist-soldiers, who stay with their teams for decades. Their management infrastructure is not nearly so dispersed and vulnerable to turn-over, corruption, and other counter-intelligence operations.
.o>
Inscrit·e en fév. 2021
