malicious software | The Contracting Education Academy

September 29, 2020 By cs

Pentagon acquisition chief hints Section 889 supply chain waiver may be extended

The Pentagon and the Office of the Director of National Intelligence are discussing extending a waiver that gives the defense industrial base more time to ensure certain noncritical weapons systems comply with a new rule aimed at excising Chinese telecommunications equipment from the supply chain, according to the Defense Department’s acquisition chief.

Undersecretary for Acquisition and Sustainment Ellen Lord talked briefly about implementation of Section 889 Part B, a provision of the 2019 National Defense Authorization Act, during a Defense News Conference. Her remarks came a day ahead of a feedback webinar the General Services Administration will host to solicit questions, comments and concerns from stakeholders about Section 889 implementation.

“So what we did is we got a waiver from ODNI for noncritical weapons systems,” Lord said. “We continue to discuss an extension beyond September of that with them.”

Part B of Section 889 officially went into effect August 13, about a month after the final version of the rule was released in July. The rule prohibits federal agencies from contracting with entities that use equipment from certain covered companies including Huawei and ZTE. In effect, Part B requires contractors to search through their supply chains to determine and disclose to the government whether they use any of the covered equipment or services.

Keep reading this article at: https://www.nextgov.com/cio-briefing/2020/09/pentagon-acquisition-chief-hints-section-889-supply-chain-waiver-may-be-extended/168332/

August 20, 2020 By cs

Ban on Chinese products starts despite confusion over acquisition rule

The second and more arduous deadline for agencies and vendors to ensure they are no longer using certain Chinese made telecommunications products and services is here, and few are happy about it.

Industry and agencies alike continue to sound the alarm about the potential and real impacts of the interim rule implementing part B of Section 889 of the 2019 National Defense Authorization Act.

“There is likely going to be significant impacts that will be felt across the federal sector,” said one government official, who requested anonymity in order to talk more candidly about the interim rule. “It’s very clear that the Defense Department and other agencies fully support the intent of the rule. We all know there is a lot of information about how China transmitted data and stole intellectual property so the intent of the rule is to protect our national security is good. But there will be unintended consequences because of how the specific language was written.”

Under the interim rule, which remains open for comments through mid-September, agencies cannot award new contracts, task orders or modify existing contracts to any vendor who doesn’t self-certify that they are not using products from Chinese companies like ZTE and Huawei.

Keep reading this article at: https://federalnewsnetwork.com/acquisition-policy/2020/08/ban-on-chinese-products-starts-today-despite-confusion-over-acquisition-rule/

June 20, 2018 By AMK

New federal contracting rule cuts off Kaspersky

The government is seeking to eliminate all traces of cybersecurity firm Kaspersky Labs from federal systems, issuing a new interim rule in the June 15 Federal Register to extend the governmentwide ban to contractors.

The rule, issued by the General Services Administration, the Department of Defense and the National Aeronautics and Space Administration, amends the Federal Acquisition Regulation to require that all contracts and solicitations finalized after July 16, 2018, include language prohibiting the presence of Kaspersky hardware, software and products.

The rule applies not just to federal contracts but also smaller “micro” purchases and the purchase of commercial off the shelf items, which are often exempt from many contracting regulations. The notice states that the interim rule was issued without prior opportunity for public comment due to “urgent and compelling reasons.”

Keep reading this article at: https://fcw.com/articles/2018/06/15/kaspersky-rule-contractors.aspx

April 27, 2018 By AMK

Navy wants a better way to keep China’s nose out of its contracts

The other day, the U.S. Navy was about to issue a contract — nothing remarkable for an organization that awards dozens each week.

Then the contracting office realized that the specific division of the company they wanted to work with was in a joint venture with Chinese smartphone maker Huawei. All of a sudden, the service “turned around and said, ‘Whoa, stop the horses,’” Navy Secretary Richard Spencer told lawmakers Thursday.

In 2014, concerns about espionage led the U.S. to ban Huawei, which was founded by a former People’s Liberation Army engineer, from bidding on government contracts. In February, U.S. intelligence chiefs cautioned even the average American against buying Huawei products.

In this case, the Navy didn’t automatically kill the contract — though they did put a hold on it as they talked with the prime contractor.

Keep reading this article at: https://www.govexec.com/contracting/2018/04/navy-wants-better-way-keep-chinas-nose-out-its-contracts/147603/

August 17, 2017 By AMK

Why are local governments using a Russian software the feds won’t?

The Washington Post revealed on July 23rd that several local governments across the U.S. are using a Russian brand of security software that the federal government fears could be leveraged by the foreign country for cyberespionage.

In July, the federal government removed Kaspersky Lab, a Moscow-based company that sells anti-virus security software, from its list of approved vendors. Meanwhile, nearly all the local governments interviewed by the Post appeared unaware of the controversy. Upon learning about it, most said that they had no immediate plans to stop using the product.

The news is merely the latest development in an ongoing debate about whether local governments are doing enough to protect themselves from cyber threats.

Cybersecurity experts have long been sounding the alarm about local governments’ vulnerability to cyberattacks and the impact such an intrusion could have. They say most local governments face great barriers to protecting their data and systems, including lack of funding, shortage of cybersecurity professionals and general ignorance about the seriousness of the threat.

Keep reading this article at: http://www.governing.com/topics/mgmt/gov-local-governments-cybersecurity-kaspersky-russia.html

The second and more arduous deadline for agencies and vendors to ensure they are no longer using certain Chinese made telecommunications products and services is here, and few are happy about it.

The government is seeking to eliminate all traces of cybersecurity firm Kaspersky Labs from federal systems, issuing a new interim rule in the June 15 Federal Register to extend the governmentwide ban to contractors.

The other day, the U.S. Navy was about to issue a contract — nothing remarkable for an organization that awards dozens each week.

The Washington Post revealed on July 23rd that several local governments across the U.S. are using a Russian brand of security software that the federal government fears could be leveraged by the foreign country for cyberespionage.

Search this Website