Tuesday, February 22, 2022

Free Cybersecurity Services and Tools | CISA

Free Cybersecurity Services and Tools | CISA

cisa.gov

Free Cybersecurity Services and Tools



US Department of Homeland Security CISA Cyber + Infrastructure


Free Cybersecurity Services and Tools Banner

As part of our continuing mission to reduce cybersecurity risk across U.S. critical infrastructure partners and state, local, tribal, and territorial governments, CISA has compiled a list of free cybersecurity tools and services to help organizations further advance their security capabilities. This living repository includes cybersecurity services provided by CISA, widely used open source tools, and free tools and services offered by private and public sector organizations across the cybersecurity community. CISA will implement a process for organizations to submit additional free tools and services for inclusion on this list in the future.

The list is not comprehensive and is subject to change pending future additions. CISA applies neutral principles and criteria to add items and maintains sole and unreviewable discretion over the determination of items included. CISA does not attest to the suitability or effectiveness of these services and tools for any particular use case. CISA does not endorse any commercial product or service. Any reference to specific commercial products, processes, or services by service mark, trademark, manufacturer, or otherwise, does not constitute or imply their endorsement, recommendation, or favoring by CISA.

Foundational Measures

All organizations should take certain foundational measures to implement a strong cybersecurity program:

  • Fix the known security flaws in software. Check the CISA Known Exploited Vulnerabilities (KEV) Catalog for software used by your organization and, if listed, update the software to the latest version according to the vendor’s instructions. Note: CISA continually updates the KEV catalog with known exploited vulnerabilities.
  • Implement multifactor authentication (MFA). Use multifactor authentication where possible. MFA is a layered approach to securing your online accounts and the data they contain. When you enable MFA in your online services (like email), you must provide a combination of two or more authenticators to verify your identity before the service grants you access. Using MFA protects your account more than just using a username and password. Why? Because even if one factor (like your password) becomes compromised, unauthorized users will be unable to meet the second authentication requirement, ultimately stopping them from gaining access to your accounts.
  • Halt bad practices. Take immediate steps to: (1) replace end-of-life software products that no longer receive software updates; (2) replace any system or products that rely on known/default/unchangeable passwords; and (3) adopt MFA (see above) for remote or administrative access to important systems, resources, or databases.
  • Sign up for CISA’s Cyber Hygiene Vulnerability Scanning. Register for this service by emailing vulnerability@cisa.dhs.gov
  • . Once initiated, this service is mostly automated and requires little direct interaction. CISA performs the vulnerability scans and delivers a weekly report. After CISA receives the required paperwork, scanning will start within 72 hours and organizations will begin receiving reports within two weeks. Note: vulnerability scanning helps secure internet-facing systems from weak configurations and known vulnerabilities and encourages the adoption of best practices.
  • Get your Stuff Off Search (S.O.S.). While zero-day attacks draw the most attention, frequently, less complex exposures to both cyber and physical security are missed. Get your Stuff Off Search–S.O.S.–and reduce internet attack surfaces that are visible to anyone on web-based search platforms.

Free Services and Tools

After making progress on the measures above, organizations can use the free services and tools listed below to mature their cybersecurity risk management. These resources are categorized according to the four goals outlined in CISA Insights: Implement Cybersecurity Measures Now to Protect Against Critical Threats:

  1. Reducing the likelihood of a damaging cyber incident;
  2. Detecting malicious activity quickly;
  3. Responding effectively to confirmed incidents; and
  4. Maximizing resilience.

Reducing the Likelihood of a Damaging Cyber Incident

Take Steps to Quickly Detect a Potential Intrusion

Ensure That The Organization is Prepared to Respond if an Intrusion Occurs

Maximize the Organization's Resilience to a Destructive Cyber Incident

 

Tuesday, February 1, 2022

UNDERWATER AUTONOMY | ADBR

UNDERWATER AUTONOMY | ADBR: Regional advances in underwater autonomous devices Back in 1957, Britain’s Defence White Paper saw a future in which the supremacy of guided missile systems meant the era of the manned…

adbr.com.au

UNDERWATER AUTONOMY | ADBR

by Max Blenkin

(BOEING)

Regional advances in underwater autonomous devices

Back in 1957, Britain’s Defence White Paper saw a future in which the supremacy of guided missile systems meant the era of the manned fighter aircraft was effectively over. That turned out to be somewhat premature – as we well know, human-piloted combat aircraft are still around.

Some analysts are saying much the same about crewed submarines, that emerging sensors will make the sea “transparent,” eliminating the fundamental submarine stealth advantage, and that uncrewed surface and underwater hunter-killer systems will be so effective that traditional submarines won’t stand a chance in the conflict of the future.

Uncrewed aerial system (UAS) perform many useful functions, including surveillance and strike. Air combat of the future will feature crewed aircraft such as F-35 and Super Hornet operating in conjunction with UAS such as Boeing’s Loyal Wingman.

The war under the sea will likely be much the same, with a growing role for Unmanned (uncrewed) Underwater Vehicles (UUVs). 

The Royal Australian Navy already operates UUVs performing underwater survey and mine clearance. Collins class submarines – now destined for many more years of service – will likely soon go to sea with an onboard UUV in a Loyal Wingman-type role, as will their nuclear-powered successors.

The roles of UUVs will likely soon expand – from surveying, sensing for surface and submarine threats and, if need be, serving as a decoy, to ultimately go to war in their own right, fighting autonomously against adversary crewed and uncrewed platforms.

With Australia now embarking on the long journey to acquire nuclear subs, a number of commentators have suggested we should also acquire a large UUV such as the Boeing Orca (title pic), now in trials with the US Navy.

Orca is a development of the Echo Voyager, a fully autonomous 15.5 metre 45 tonne UUV, able to dive to depths of 3,000 metres and cover 6,500 nautical miles. Power is diesel-electric with lithium-ion batteries.

With no requirement to accommodate humans, uncrewed submarines can be simple and compact. The US Navy has big ideas for Orcas which could perform surveillance and intelligence gathering, mine countermeasures, anti-surface warfare, anti-submarine warfare, electronic warfare, and strike missions. 

So far it has ordered five at a price of US$274.4m (A$366.5m) – much cheaper than any crewed platform.

“The RAN, working in early, close partnership with the US Navy and US and Australian industrial partners to develop and field the Orca, and make a range of different payloads for it, is the path that is likely to bring the most undersea combat power most quickly to Australia’s military,” wrote Australian Strategic Policy Institute (ASPI) senior analyst Michael Shoebridge in March.

That was before the government announced Australia would acquire nuclear submarines (see article on page 26), when it seemed the new conventionally-powered Attack class boats were unlikely to enter service before the mid-2030s. But the new nuclear subs are likely to be even further away. Meanwhile Australia’s submarine capabilities will be delivered by upgraded but increasingly ageing Collins boats (see article on page 30).

Bluefin 12 UUV

CHINA
Shoebridge said it was unfortunately obvious that even the most sophisticated crewed submarine would need to work with a range of sensors and other systems including UUVs if it was to operate safely and effectively against adversary systems like China was already fielding. “That’s probably true right now in a place like the South China Sea, and it’ll only get more manifestly obvious between now and 2035,” he said.

Unsurprisingly, China says little about its own UUV capabilities, manifested through occasional display of vessels on the back of trucks during various military parades, or through Indonesian fishermen netting glider-like surveillance UUVs as far south as the Java Sea.

China is developing a range of UUVs for different applications. The largest seems to be the Haishen 6000, a 3.5-tonne eight-metre prototype reportedly capable of diving to 6,000 metres.

How good are Chinese UUVs? We just don’t know. It does appear that China’s most mature capabilities are in marine surveying and reconnaissance, but growing competencies in artificial intelligence (AI) would appear to have significant implications for its future UUV capabilities. That’s because any UUV, unless tethered to a mother vessel, is effectively on its own.

That’s fine for conducting defined brief missions such as mine clearance, but for extended operations as will be performed by Orca, the vessel needs to make its own decisions without regular input from an operator.

UUVs face the same communication constraints as regular submarines. Radio works fine on the surface but only transmissions at Very Low and Extremely Low Frequencies (VLF/ELF) can reach subs at operational depths. And those transmissions are one way – the sub can’t respond until it surfaces – are slow, have low bandwidth, and require vast onshore infrastructure, such as the Harold E. Holt Naval Communications Station in Western Australia.

A Royal Australian Navy Bluefin 9. (ADF)

AUSTRALIAN UUVs
It may not be particularly visible or widely known, but the Royal Australian Navy has a strong interest in UUV technology, and has maintained a close watch on developments and already fields a number of systems.

Late last year, the Navy released its Robotics, Autonomous Systems, and Artificial Intelligence (RAS-AI) Strategy. While the strategy doesn’t single-out specific technologies, it does identify common enablers required to make the Navy RAS-AI ready. 

It says some technology is available now, able to conduct simple well-defined missions, with human oversight. But by 2030, technologies will be maturing, able to perform missions independently, automatically adapting to changing situations. And by 2040, systems will feature advanced understanding of scenes from their sensors, an ability to perform ideas-based reasoning, and able to navigate in dense and dynamic environments.

In the near term, UUVs will be able to track submarines in support of ASW operations, conduct long-endurance ISR, navigation and networking, and attack surface vessels. Further out, UUVs will be able to perform time-critical strikes from a submerged platform against land targets.      

With a vast area of interest and limited platforms and personnel, the Navy is looking to autonomous systems to generate mass and tempo on a scale it otherwise could not achieve.

The Navy first used remotely operated systems more than three decades ago with a surface system to tow targets. Minehunters – the old Bay class and the Huon class – both used tethered UUVs to hunt sea mines. Next generation mine-hunting systems – which are on the way through Project SEA 1905 – will use more sophisticated UUVs to ensure humans and valuable vessels go nowhere near minefields.

For deployable mine countermeasures, the RAN currently operates the 70kg General Dynamics Bluefin 9 and the 213kg Bluefin 12, while actual mine disposal is performed by the Sonartech Atlas Seafox, an expendable UUV which destroys itself and the mine. For rapid environmental assessment of a harbour or landing beach, the Navy will use a pair of 37kg REMUS 100 UUVs.

Submarines of the future – ours, those of allies, and adversaries – will be equipped with onboard UUVs, now an emerging capability. 

Long before they retire, Australia’s Collins boats will go to sea with embarked UUVs, possibly the in-service Bluefin 12 or its larger sibling, the Bluefin 21, a 750kg long-endurance UUV able to reach depths of 4,500 metres.

Launching such UUVs is not a problem – Bluefin 21 is 21 inches in diameter, the same as a standard torpedo tube. Smaller UUVs can swim right out, although the US Navy is investigating sabot systems. But recovery is more problematic, as UUVs can’t easily swim back down the torpedo tube, though that may come. 

Various underwater recovery systems have been proposed, among them using divers to manually retrieve the UUV or a remotely operated deck-mounted capture arm. Under the US Navy’s Snakehead program, the dry deck shelter which is used for deploying SEALs and their swimmer vehicles, will be modified for launch and recovery of large UUVs.

Australia has good understanding of allied capabilities thanks to the Autonomous Warrior exercise series which Navy describes as its flagship program to demonstrate, evaluate, and trial emerging systems at various technical readiness levels.

Autonomous Warrior 2018, which followed Unmanned Warrior 2016 in Scotland, was held in Jervis Bay and involved realistic trials of 77 air, surface, and underwater platforms and systems from various nations and Australian and overseas companies.

The most recent AW activity was a virtual conference held in June and hosted by Warfare Innovation Navy.. 

Atlas Seafox. (SONARTECH)

This article appeared in the Sep-Dec 2021 issue of ADBR.

 

Undersea Combat Includes Way More Than Submarines | SIGNAL Magazine

Undersea Combat Includes Way More Than Submarines | SIGNAL Magazine

#Undersea warfare is a lot more than just #submarine versus submarine. My job is to make sure our undersea forces—and that includes our ballistic missile submarines, our attack submarines, our carrier strike group ASW [anti-submarine warfare] forces, maritime patrol aircraft, fixed systems, #unmanned and #autonomous systems, all of that—are able to integrate as part of an undersea battle force,” explains Rear Adm. Richard Seif, USN, https://lnkd.in/ggG3CRd3 commander, Undersea Warfighting Development Center (UWDC), Groton, Connecticut https://lnkd.in/g4PAqt4Y.

“Given constraints on the number of submarines we may be able to afford as a country, frankly, the ability to deploy unmanned systems as a system-of-systems approach is going to be critical. And then #artificialintelligence and #machinelearning for that decision superiority and data-driven decision making, I think all fits together,” he asserts.

The UWDC is exploring a variety of unmanned systems for the undersea mission. “We’re making tremendous progress on a whole family of systems, everything from small, unmanned vehicles to fully autonomous vehicles, able to carry a variety of payloads. We certainly see that as not just a need but a real value to the force to be able to integrate unmanned systems for everything from wide area search to surveys to delivering effects if we need to,” he says.

Novel AI System Achieves 90% Accuracy in Detecting Drone Jamming Attacks

Loss convergence analysis using test data under LoS and NLoS conditions     Novel AI System Achieves 90% Accuracy in Detecting Drone Jamming...