The Contracting Education Academy


April 3, 2018 By AMK

Researchers at Georgia Tech design robot to defend factories against cyberthreats

It’s small enough to fit inside a shoebox, yet this robot on four wheels has a big mission: keeping factories and other large facilities safe from hackers.
Cybersecurity experts have a new tool in the fight against hackers – a decoy robot. Researchers at Georgia Tech built the “HoneyBot” to lure hackers into thinking they had taken control of a robot, but instead the robot gathers valuable information about the bad actors, helping businesses better protect themselves from future attacks.

Meet the HoneyBot. 

Developed by a team of researchers at the Georgia Institute of Technology, the diminutive device is designed to lure in digital troublemakers who have set their sights on industrial facilities. HoneyBot will then trick the bad actors into giving up valuable information to cybersecurity professionals.

The decoy robot arrives as more and more devices – never designed to operate on the Internet – are coming online in homes and factories alike, opening up a new range of possibilities for hackers looking to wreak havoc in both the digital and physical world.

“Robots do more now than they ever have, and some companies are moving forward with, not just the assembly line robots, but free-standing robots that can actually drive around factory floors,” said Raheem Beyah, the Motorola Foundation Professor and interim Steve W. Chaddick School Chair in Georgia Tech’s School of Electrical and Computer Engineering. “In that type of setting, you can imagine how dangerous this could be if a hacker gains access to those machines. At a minimum, they could cause harm to whatever products are being produced. If it’s a large enough robot, it could destroy parts or the assembly line. In a worst-case scenario, it could injure or cause death to the humans in the vicinity.”

Internet security professionals long have employed decoy computer systems known as “honeypots” as a way to throw cyberattackers off the trail. The research team applied the same concept to the HoneyBot, which is partially funded with a grant from the National Science Foundation. Once hackers gain access to the decoy, they leave behind valuable information that can help companies further secure their networks.

“A lot of cyberattacks go unanswered or unpunished because there’s this level of anonymity afforded to malicious actors on the internet, and it’s hard for companies to say who is responsible,” said Celine Irvene, a Georgia Tech graduate student who worked with Beyah to devise the new robot. “Honeypots give security professionals the ability to study the attackers, determine what methods they are using, and figure out where they are or potentially even who they are.”

The gadget can be monitored and controlled through the internet. But unlike other remote-controlled robots, the HoneyBot’s special ability is tricking its operators into thinking it is performing one task, when in reality it’s doing something completely different.

“The idea behind a honeypot is that you don’t want the attackers to know they’re in a honeypot,” Beyah said. “If the attacker is smart and is looking out for the potential of a honeypot, maybe they’d look at different sensors on the robot, like an accelerometer or speedometer, to verify the robot is doing what it had been instructed. That’s where we would be spoofing that information as well. The hacker would see from looking at the sensors that acceleration occurred from point A to point B.”

In a factory setting, such a HoneyBot robot could sit motionless in a corner, springing to life when a hacker gains access – a visual indicator that a malicious actor is targeting the facility.

Rather than allowing the hacker to then run amok in the physical world, the robot could be designed to follow certain commands deemed harmless – such as meandering slowly about or picking up objects – but stopping short of actually doing anything dangerous.

So far, their technique seems to be working.

In experiments designed to test how convincing the false sensor data would be to individuals remotely controlling the device, volunteers in December 2017 used a virtual interface to drive the robot through a maze and could not see what was happening in real life. To entice the volunteers to break the rules, at specific spots within the maze they encountered forbidden “shortcuts” that would allow them to finish the maze faster.

In the real maze back in the lab, no shortcut existed, and if the participants opted to go through it, the robot instead remained still. Meanwhile, the volunteers – who had now unwittingly become hackers for the purposes of the experiment – were fed simulated sensor data indicating they had passed through the shortcut and continued along.

“We wanted to make sure they felt that this robot was doing this real thing,” Beyah said.

In surveys after the experiment, participants who actually controlled the device the whole time and those who were being fed simulated data about the fake shortcut both indicated that the data was believable at similar rates.

“This is a good sign because it indicates that we’re on the right track,” Irvene said.
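The decoy design described above (really execute the harmless commands, answer the dangerous ones with spoofed sensor data that survives a cross-check, and log everything the intruder sends) and the maze experiment, as an added example that is not part of the original article and is not the Georgia Tech team’s code: a toy grid-world HoneyBot in Python. The grid, the one-cell command set, the sensor model and every name in it (HoneyBot, Sample, operator_check, run_maze_demo) are assumptions made for this illustration.

```python
"""Toy decoy-robot controller in the spirit of the HoneyBot described
above. Added illustration written for this page, not the Georgia Tech
team's code: the grid world, command set, sensor model and every name
here are assumptions made for the example.

Modelled from the article: harmless commands are really executed and
forbidden ones are not; every command is answered with telemetry that
stays self-consistent (position, speed and acceleration agree) whether
or not the move happened; and every command is recorded for analysis.
"""
from dataclasses import dataclass, field
from typing import List, Tuple

CELL = 1.0   # metres per grid cell (assumed)
DT = 0.5     # seconds per command tick (assumed)
Cell = Tuple[int, int]


@dataclass
class Sample:
    """One telemetry report as the remote operator sees it."""
    t: float
    pos: Cell
    speed: float   # m/s during the tick just completed
    accel: float   # m/s^2, change of speed across the tick


@dataclass
class HoneyBot:
    # Cells the robot must never physically enter: real walls in the lab,
    # or people and machinery on a factory floor. The operator's map may
    # show some of them as tempting open "shortcuts".
    forbidden: frozenset
    physical: Cell = (0, 0)       # where the robot really is
    reported: Cell = (0, 0)       # where the operator is told it is
    virtual_only: bool = False    # set once hostile intent is observed
    audit: List[dict] = field(default_factory=list)
    _t: float = 0.0
    _speed: float = 0.0

    def drive(self, dx: int, dy: int) -> Sample:
        """Handle one 'move one cell' command ((0, 0) means stop) and
        return the telemetry the operator receives."""
        if abs(dx) + abs(dy) > 1:
            raise ValueError("one orthogonal cell per tick")
        target = (self.physical[0] + dx, self.physical[1] + dy)
        if target in self.forbidden:
            # Intent to do something dangerous: freeze the real robot for
            # the rest of the session and keep the intruder busy in the
            # simulated world instead of rejecting the command outright.
            self.virtual_only = True
        if not self.virtual_only:
            self.physical = target
        # The reported pose always advances; in virtual mode it diverges
        # from the physical one, which is the whole point of the decoy.
        self.reported = (self.reported[0] + dx, self.reported[1] + dy)
        # Synthesised sensors are derived from the *reported* motion, so
        # accelerometer, speed and position always agree with each other.
        speed = (abs(dx) + abs(dy)) * CELL / DT
        accel = (speed - self._speed) / DT
        self._speed = speed
        self._t += DT
        self.audit.append({"t": self._t, "cmd": (dx, dy),
                           "executed": not self.virtual_only,
                           "physical": self.physical,
                           "reported": self.reported})
        return Sample(self._t, self.reported, speed, accel)


def operator_check(samples: List[Sample], cmds: List[Cell],
                   start: Cell = (0, 0)) -> bool:
    """What a wary intruder might do (Beyah's accelerometer cross-check):
    verify that reported position, speed and acceleration agree with each
    other and with the commands sent. True when nothing looks wrong; it
    passes for a real run and for a spoofed one alike."""
    pos, speed = start, 0.0
    for s, (dx, dy) in zip(samples, cmds):
        if s.pos != (pos[0] + dx, pos[1] + dy):
            return False
        if abs(s.speed * DT - (abs(dx) + abs(dy)) * CELL) > 1e-9:
            return False
        if abs(s.accel * DT - (s.speed - speed)) > 1e-9:
            return False
        pos, speed = s.pos, s.speed
    return True


def run_maze_demo(forbidden=frozenset({(2, 0)})):
    """Constructed scenario: the operator's map shows a shortcut through
    cell (2, 0); in the lab that cell is a wall. Pass forbidden=frozenset()
    to drive the same commands for real."""
    bot = HoneyBot(forbidden=forbidden)
    cmds = [(1, 0), (1, 0), (1, 0), (0, 1), (0, 0)]
    samples = [bot.drive(dx, dy) for dx, dy in cmds]
    return bot, samples, cmds


if __name__ == "__main__":
    bot, samples, cmds = run_maze_demo()
    print("telemetry passes operator check:", operator_check(samples, cmds))
    print("operator believes", bot.reported, "; robot really at", bot.physical)
    for entry in bot.audit:
        print(entry)
```

Running run_maze_demo() shows the reported position parting company with the real one at the forbidden cell while operator_check still passes, which is the property Beyah describes: an attacker who checks the accelerometer against the odometer finds them in agreement. The audit list is the forensic payoff; in a real deployment it would be shipped off the robot to a log collector rather than kept in memory, since the decoy itself is by design under the intruder’s control.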

This material is based upon work supported by the National Science Foundation under Grant No. 544332. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the National Science Foundation.

Source: http://www.rh.gatech.edu/news/604462/robot-designed-defend-factories-against-cyberthreats

Filed Under: Georgia Tech News Tagged With: cyber attacks, cyber incidents, cyberthreat, Georgia Tech, hackers, honeybot, honeypot, manufacturing, NSF, robotics

April 2, 2018 By AMK

Government’s acquisition training website restored

Inoperable since February, the Federal Acquisition Institute Training Application System (FAITAS) came back online on Friday, March 30th.

The Federal Acquisition Institute (FAI) previously stated that FAITAS was unavailable due to “unscheduled maintenance,” but there was widespread speculation that the site suffered a cyber incident.  FAITAS is operated for FAI by the U.S. Army through its Army Training Requirements and Resources System (ATRRS).

FAI has updated its Frequently Asked Questions (FAQs) about use of FAITAS to request training, document continuous learning points, and related matters.  The FAQs can be found here: https://www.fai.gov/drupal/sites/default/files/FY18MILRestriction_AccessRestored_FAQs.pdf.

FAITAS, and the training accessible through FAITAS, can be accessed only by civilian and military members of the government.  FAI operates a helpdesk that can be reached via email at training@fai.gov or by phone at 703-752-9604.

Vendors who have had their courses verified by FAI for purposes of meeting Federal Acquisition Certification in Contracting (FAC-C) standards are listed at: https://www.fai.gov/drupal/certification/verified-contracting-course-vendor-listing.


Filed Under: Government Contracting News Tagged With: acquisition training, acquisition workforce, Army, ATRRS, contracting officer, contracting officer's representatives, contracting officers, cyber attacks, cyber incidents, FAC-C, FAI, FAITAS

March 23, 2018 By AMK

SAM hacked: New vendor registrations require paper documentation

The General Services Administration reports that there is “an active investigation into alleged third-party fraudulent activity” within the System for Award Management (SAM).

SAM is essentially the vendor database of the federal government.  GSA is in the process of integrating a total of ten databases within SAM.

The alleged breach was identified by GSA’s Office of Inspector General (OIG).  GSA is concerned that vendors’ financial information and points of contact could be exposed.

GSA reports that entities whose financial information has changed within the last year are in the process of being notified and are being advised to validate their registration information, particularly their financial information.  GSA’s notification process began on March 22, 2018.

An “entity” is any company, business, or organization who has registered within SAM as a federal contractor or would-be federal contractor.

In the announcement of the breach, GSA advises that “entities should contact their Federal agency awarding official if they find that payments, which were due their entity from a Federal agency, have been paid to a bank account other than the entity’s bank account.”   SAM contains bank routing information on each entity.

New SAM registration procedures are now in effect, presumably temporarily.  An original, signed notarized letter identifying the authorized Entity Administrator for the entity associated with the DUNS number must be submitted before a new SAM entity registration will be activated.

Update: GSA has produced a template for the notarized letter.  It is available at: SAM_Notary_Letter_Template_4.12.18_GSA_version

Information on GSA’s work-around SAM registration process is detailed on the Federal Service Desk’s web site at: https://www.fsd.gov/fsd-gov/answer.do?sysparm_kbid=d2e67885db0d5f00b3257d321f96194b&sysparm_search=sam


Filed Under: Government Contracting News Tagged With: breach, cyber incidents, cyberattacks, financial risk, fraud, GSA, hack, SAM, vendor registration

October 3, 2017 By AMK

Georgia Tech cyber security summit declares 2017 a turning point for attribution

Is the ability to identify a cyber attacker good and getting better? 

At the Georgia Institute of Technology on Wednesday, Stewart A. Baker, the first assistant secretary for policy at the U.S. Department of Homeland Security, proposed that 2017 might just be a transformational moment in the quest for better cyber attribution.

“We are entering a golden age of attribution where perpetrators are increasingly being called out with reasonable certainty; but while the brave have gotten a lot of press out of it, will they regret their business approach and are their methods good enough and specific enough to be useful?” said Baker, who delivered the keynote address at the 15th Annual Georgia Tech Cyber Security Summit held Sept. 27.  Today, he is a partner in Steptoe & Johnson LLP.

Baker reviewed four problems with attribution now: the balkanization of security, limited incentives to do attribution, speed of response, and availability of tools. He called for “data man traps” and cyber “beacon die-packs” like those used by banks that could make it easier for law enforcement or intelligence communities to locate cyber hackers.

Organizations are beginning to publicly voice who they suspect is behind highly publicized breaches. Sony Pictures identified North Korea as their culprit. The Democratic National Committee identified Russia. Meanwhile, universities such as Georgia Tech are working closely with government sponsors and commercial partners to develop an initial science of traceback around how attribution should be performed.

“Georgia Tech is building frameworks for attribution so that others can leverage our approach by applying their own data and analyzing the result,” said Michael Farrell, Co-Director of the Institute for Information Security & Privacy (IISP) and organizer of the Summit.

But once analyzed, key questions still remain, even when methods are sound.  What is the right response when facing a nation-state hacker versus the individual criminal?  What does it mean to hold nation states and companies responsible?  How should the private sector use attribution information to better defend themselves and mitigate risk? What if government is wrong when it claims who is behind an attack?

“We have to start with the assumption that cybersecurity is not something the public entirely has their head around,” said Hannah Kuchler, journalist for the Financial Times, who participated on a panel at the Summit moderated by Baker. “When government agencies offer conflicting opinions, it is confusing for the public.”

“There is a dissatisfaction in Washington, D.C., with the deterrence toolbox right now,” said Robert Knake, senior fellow at the Council on Foreign Relations and also a panelist at the Summit. “A basic problem here is contagion. [Hack back tools] can reach targets they weren’t intended for. To ban certain targets as off limits [during a counterattack], you’d also have to ban certain types of attacks. I’m not sure that will work.”

In addition to Kuchler and Knake, the panel included Kim Zetter, investigative journalist and author of a 2014 book about the Stuxnet virus; Cristin Goodwin, assistant general counsel for Microsoft Corp.’s security business; and Chad Hunt of the FBI’s Atlanta office.

“What are the private actions that are available to companies?” asked Goodwin. “There are different standards of evidence when talking about attribution of individuals or groups of actors.

“What’s so frustrating about attribution right now is that governments are still wrestling with what does cyberwarfare mean,” she said. “What are the rights of states? What are the private actions that are available to companies?… Our core value at Microsoft is how do we increase the cost of an attack to make it less valuable [for the perpetrator]?”

Hunt said he finds most companies don’t actually care who is behind an attack; they “want to know what resources they’re up against” and if their technical investments are enough.

Zetter, who has covered cyberwarfare and hacking since 1999, challenged whether governments should rely on private companies for attribution assistance.

“When you have the government relying on third-party companies for evidence, I think we’re getting into really muddy ground,” she said.

The choices available to executives, law enforcement, front-line cybersecurity practitioners, and diplomats present unique facets to the problem of “what to do next” after a breach, said Farrell.

“Right now, we lack a deterrence mindset in cyberspace,” he said. “We can’t just dust off the Cold War playbook from 50 years ago and assume it applies.  Attribution is a key component to dealing with malicious cyber activity that is increasing in severity and volume.  Georgia Tech research is working to change that and help inform decision-makers so they can be proactive in mitigating information risk.”

Source: https://cyber.gatech.edu/georgia-tech-cyber-security-summit-declares-2017-turning-point-attribution

Filed Under: Georgia Tech News Tagged With: cyber, cyber attacks, cyber attribution, cyber incidents, cybersecurity

October 2, 2017 By AMK

DFARS cyber compliance deadline is approaching

Many people are unaware that a significant number of U.S. companies are subject to regulations that share some similarities with the European General Data Protection Regulation (which has companies that handle European data scrambling to get into compliance).

Specifically, government contractors have obligations pursuant to Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7000 et seq. 

The DFARS regulations were adopted in October 2016 when the U.S. Department of Defense issued a final rule. (See 81 Fed. Reg. 72986, Oct. 21, 2016.)

Entities subject to the provisions were given until Dec. 31, 2017, to comply with certain aspects as discussed below. If your organization is a contractor or subcontractor that handles “controlled unclassified information” (see here) you need to make sure your house is in order to comply.

Keep reading this article at: https://www.law360.com/articles/968247/dfars-cyber-compliance-deadline-is-approaching

Filed Under: Government Contracting News Tagged With: controlled unclassified information, CUI, cyber, cyber incidents, cybersecurity, DFARS, DoD, NIST

75 Fifth Street, NW, Suite 300
Atlanta, GA 30308
info@ContractingAcademy.gatech.edu
Phone: 404-894-6109
Fax: 404-410-6885
Copyright © 2022 · Georgia Tech - Enterprise Innovation Institute