source: military.com

HURLBURT FIELD, Florida -- Even as the Pentagon leverages new high-end technologies for potential battles against near-peer rivals, officials say operations forces flying manned intelligence-gathering planes still have a role to play.

The U-28A aircraft, for example, has intrinsic value in today's ongoing counterterrorism operations, officials said.

 

The intelligence, surveillance and reconnaissance mission is "not platform-centric, for one. … It is exquisite for both ends of the spectrum," said Air Force Secretary Heather Wilson, referring to both high and low-end capability.

"You can see there are places in the world where we enable our allies and partners to be able to train and use those kind of capabilities," she said. Military.com recently accompanied Wilson on a tour of Air Force Special Operations Command here.

"At the same time, in this same command, in crisis or war … using this exquisite capability to create strategic effects is really clear," she said.

Officials have questioned whether some aircraft can survive in a contested environment, with Wilson making the case to divest aircraft such as the E-8CJoint Surveillance Target Attack Radar System because it remains vulnerable.

AFSOC's U-28A -- a small, repurposed Pilatus PC-12 aircraft used for ISR -- falls under nonstandard aviation, often landing in tiny, semi-prepared airfields and flying in remote areas of the world.

But crew members have made the case it should stick around.

 source: wired.com

IT'S A TRUISM by now that the federal government struggles with cybersecurity, but a recent report by the White House's Office of Management and Budget reinforces the dire need for change across dozens of agencies. Of the 96 federal agencies it assessed, it deemed 74 percent either "At Risk" or "High Risk," meaning that they need crucial and immediate improvements.

While the OMB findings shouldn't come as a complete shock, given previous bleak assessments—not to mention devastating government data breaches—the stats are jarring nonetheless. Not only are so many agencies vulnerable, but over half lack even the ability to determine what software runs on their systems. And only one in four agencies could confirm that they have the capability to detect and investigate signs of a data breach, meaning that the vast majority are essentially flying blind. "Federal agencies do not have the visibility into their networks to effectively detect data exfiltration attempts and respond to cybersecurity incidents," the report states bluntly.

Perhaps most troubling of all: In 38 percent of government cybersecurity incidents, the relevant agency never identifies the "attack vector," meaning it never learns how a hacker perpetrated an attack. "That’s definitely problematic," says Chris Wysopal, CTO of the software auditing firm Veracode. "The whole key of incident response is understanding what happened. If you can’t plug the hole the attacker is just going to come back in again."

Producing the "Risk Determination Report and Action Plan" was a requirement of the Trump administration's May cybersecurity Executive Order, and while passing the EO was a positive step in terms of prioritizing digital defense, progress overall has been mixed. The report also comes at a time when the White House has been sending conflicting messages about its focus on cybersecurity—last month the Trump administration eliminated its top two cybersecurity policy and management leadership roles including one that specifically oversaw federal government cybersecurity.

 source:  cnet.com

Researchers at MIT have created a new wireless transmitter that frequency hops an individual 1 or 0 bit of a data packet every microsecond.

That's "fast enough to thwart even the quickest hackers," MIT said in a statement.

Frequency hopping isn't new. The actress Hedy Lamarr is credited with inventingthe technology that became the forerunner of BluetoothWi-Fi and GPS. But where frequency hopping traditionally sends data packets containing thousands of individual bits on a random, unique radio frequency, MIT's transmitter can send packets comprising a single bit.

But that's not all. Researchers also developed a wireless protocol to support the ultrafast hopping. Their research could eventually help safeguard the billions of connected devices -- collectively known as the "internet of things" -- that are currently vulnerable to attack.

 

The transmitter "could help secure medical devices, such as insulin pumps and pacemakers, that could be attacked if a hacker wants to harm someone," Rabia Tugce Yazicigil, co-author of the MIT paper, said in the statement. "When people start corrupting the messages [of these devices] it starts affecting people's lives."

As more devices connect and collect data, keeping that data secure becomes increasingly important. And while consumer attention has lately focused on high-profile scandals like Facebook's Cambridge Analytica snafu and more recently, Google's ties to Chinese tech company Huawei, protecting devices connected over the internet may be a far larger problem.

Security researchers have been warning about this issue for years, but the number of threats is only getting worse, since few device makers are building security into their connected cameras, appliances, medical devices or toys. Earlier this week, Amazon pulled CloudPets, a smart toy that researchers said was riddled with security flaws, from its online store.

The MIT researchers will be presenting their paper at next week's IEEE Radio Frequency Integrated Circuits Symposium in Philadelphia.

 source:  thecipherbrief.com

In my thirty-four years in law enforcement, I met with many confidential human sources working against terrorism, counter intelligence and violent crime targets.  I met them in inner city neighborhoods, rural small towns and a number of countries overseas.  The meetings often took place late at night, in the front seat of cars, in parking lots and on darkened one-way streets.  Sometimes the meetings were hurried, stressed and transactional.  But often the debriefings I conducted had a slow, methodical conversational tone.  Talking, and more importantly listening, helped tease out the subtle observations and impressions of the sources.  It also helped dissipate the anxiety and adrenaline that they felt after covertly meeting with violent criminals and terrorists.  My goal was to reassure them that their safety was my, and by extension the FBI’s, primary concern.  If the identity of the source were revealed, lives would be in danger.

The formal title that the FBI uses for people who provide the bureau with information about criminal activity or intelligence information is Confidential Human Source (CHS).  Other law enforcement and intelligence agencies may use the term Confidential Informant or Asset, but they are never called a “spy”.

The recent revelations that the identity and operational details of an FBI source were disclosed for political purposes is very disturbing.  This act breaks with longstanding tradition, tradecraft and policy.  It will have a chilling effect on efforts to recruit human sources in the future, particularly if they feel their identity is not going to be protected.

Protecting sources and methods are two areas where law enforcement and intelligence share a common goal.  All U.S. Government agencies operating human sources go to great lengths to protect the people and techniques used to penetrate and collect information on dangerous targets or groups, which pose a threat to the United States.  The FBI procedures are rigorous and meticulous.  The bureau’s Confidential Human Source Policy Guide is classified and contains over one hundred pages of rules and regulations concerning all aspects of operating a CHS.  In the FBI, all information about a human source’s identity and reporting is classified at a minimum at the “Secret” level, regardless of the type of target covered by the source, this is done to ensure the confidentiality of the source’s identity and the information provided.