The Marine Corps has selected several companies to bid on task orders that will allow warfighters to transmit secure on-the-move command-and-control and situational awareness data, including sending classified information through commercial smartphones and tablets.

The infantry community has long wanted to use wireless commercial devices for dismounted Marines for reference and tactical sharing. The Marine Common Handheld program will provide the Marine Air Ground Task Force secure mobile computing at the tactical edge enabling tactical combat, combat support and combat service support commanders, leaders and key command and control nodes by using digital communications.

At least two companies have announced they are eligible for task orders under the indefinite delivery-indefinite quantity contract: PacStar and iGov Technologies. The total value of the contract is $48 million.

iGov was awarded $4.4 million in the first delivery for the program.

In a May 21 announcement, PacStar said its portion of the award consists of components from the company’s Secure Wireless Command Post to be used for network infrastructure, encryption and cybersecurity. Specifically, PacStar’s system will provide secure, encrypted access to classified networks for smart mobile devices in the tactical network.

The Marines requested modular, man-portable equipment suite allowing units to quickly acquire targets in day, night and near all-weather visibility conditions as well as control close air support and artillery.

https://www.c4isrnet.com/c2-comms/2019/05/22/marines-want-their-phones-and-tablets-to-handle-classified-data/

WASHINGTON — The hacking of U.S. election systems, including by foreign adversaries, is inevitable, and the real challenge is ensuring the country is resilient enough to withstand catastrophic problems from cyber breaches, government officials said Wednesday.

The comments by representatives from the departments of Justice and Homeland Security underscored the challenges for federal and state governments in trying to ward off interference from Russia and other countries in the 2020 election. Special counsel Robert Mueller has documented a sweeping effort by Moscow to meddle in the 2016 election in Donald Trump's favor by hacking Democrats and spreading disinformation online, and FBI Director Chris Wray said in April that the government regarded last November's midterm election was "as just kind of a dress rehearsal for the big show in 2020."

Adam Hickey, a deputy assistant attorney general in the Justice Department's national security division, told a House Oversight and Reform subcommittee that hacking was "inevitable."

"Systems that are connected to the Internet, if they're targeted by a determined adversary with enough time and resources, they will be breached," Hickey said. "So, we need to be focusing on resilience."

"We need to take a breath. We need to let the states evaluate it. We need to let investigators respond, and we need to have confidence in our elected representatives and our state officials that they've got this, because they deal with contingencies … all the time," he added. "If we undermine ourselves, the confidence in our system, we will be doing our adversaries' work for them."

Chris Krebs, head of DHS' cyber efforts, echoed the message, saying, "100 percent security is not the objective. It's resilience of the system. So even if you do have a bad day, it's not a catastrophic day."

Officials also said they were confident that Russian hacking that targeted voter databases of two Florida counties before the 2016 election had no impact on the vote total there. An intrusion detection system is already configured in 66 of 67 counties in the state, "and the 67th is in the process of doing so right now," Krebs said. Still, some lawmakers, including Rep. Debbie Wasserman Schultz of Florida, the former chairwoman of the Democratic National Committee, said they were disappointed that the FBI had not publicly identified the two counties that were hit.

"The lack of transparency from top to bottom in this administration is stunning, and it diminishes voters' confidence in our election system," she said.

Representatives from major technology companies, including Facebook, Google and Twitter, also testified at the hearing.

"Facebook cares deeply about protecting the integrity of the democratic process," said Nathan Gleicher, the company's head of cybersecurity policy. "We don't want anyone using our tools to undermine our elections or democracy."

He said Facebook has more than 30,000 people working on safety and security across the company, three times as many as it had in 2017.

https://www.fifthdomain.com/critical-infrastructure/2019/05/22/us-officials-say-foreign-election-hacking-is-inevitable/

Written by Shannon Vavra

MAY 21, 2019 | CYBERSCOOP

The malware sample that U.S. Cyber Command uploaded to VirusTotal last week is still involved in active attacks, multiple security researchers tell CyberScoop.

Researchers from Kaspersky Lab and ZoneAlarm, a software security company run by Check Point Technologies, tell CyberScoop they have linked the malware with APT28, the same hacking group that breached the Democratic National Committee during the 2016 election cycle.

A variant of the malware is being used in ongoing attacks, hitting targets as recently this month. The targets include Central Asian nations, as well as diplomatic and foreign affairs organizations, Kaspersky Lab’s principal security researcher Kurt Baumgartner tells CyberScoop.

While ZoneAlarm can’t confirm the targets the attack is focused on, the company detected the specific malware hash in an active attack in the Czech Republic last week, Lotem Finkelsteen, ZoneAlarm’s Threat Intelligence Group Manager, tells CyberScoop.

“Although we cannot confirm such an attack, Finkelsteen said, referring to the Kaspersky intelligence, “we think it is possible APT28 manages several efforts simultaneously.”

Baumgartner did not share when APT28, also known as Sofacy or Fancy Bear, first started using the malware, but said the module was compiled last July.

Cyber Command, which shared the malware sample as part of its effort to boost information sharing, did not announce when it uncovered this particular malware sample and did not attribute it to any group.

When it was first posted to VirusTotal, Kaspersky Lab and ZoneAlarm were the only anti-virus engines that flagged the file as malicious. As of this article’s publication, 41 of the 71 engines tracked by VirusTotal detect the malicious file.

According to Kaspersky Lab, the malware resembles XTunnel, a tool APT28 used to breach the DNC in 2016. It also has a few components in common with SPLM/XAgent, according to Baumgartner.

ZoneAlarm research links the malware sample to XTunnel as well.

-MORE-

https://www.cyberscoop.com/cyber-command-virustotal-apt28-kaspersky-zonealarm/