US Government Identifies North Korean Hacking Tool

Silicon | May 10, 2019

Authorities in the United States have this week identified malware allegedly from North Korea, which is said to be part of that country’s hacking program to raise funds from targets aboard. The malware, dubbed ‘ElectricFish’, was identified by both the FBI and Department for Homeland Security (DHS). The US Cyber Emergency Response Team (US-Cert) published a report warning both the security industry and the general public about the new malware on Thursday. “Working with US Government partners, DHS and FBI identified a malware variant used by the North Korean government,” warned the report. “This malware has been identified as ElectricFish.” The US Government said the malware is part of the “malicious cyber activity by the North Korean government,” a campaign it calls Hidden Cobra. “DHS and FBI are distributing this MAR to enable network defense and reduce exposure to North Korean government malicious cyber activity,” the report added.

Spotlight

Digital modernization refers to the process of utilizing technology, whether through adoption of new tools or the improvement of existing ones, to achieve organizational goals. This can include enhancing the user experience, ensuring high uptime, implementing robust security measures, reducing latency, and streamlining processes for resolving issues. All levels of government are going through a digital transformation to deliver services and programs more effectively,transparently, and economically.To meet the demands of citizens who have adapted to the technological advancements in society, digital government transformation has become a vital aspect of providing efficient and effective services. However, one of the biggest hurdles in this process for federal agencies is striking a balance between leveraging technology for its benefits and maintaining robust security and privacy measures. Federal agencies handle confidential information regularly, making it imperative to safeguard against data breaches. Consequently, agencies must ensure that their digital systems and procedures are secure and adhere to relevant regulatory requirements.

Spotlight

Digital modernization refers to the process of utilizing technology, whether through adoption of new tools or the improvement of existing ones, to achieve organizational goals. This can include enhancing the user experience, ensuring high uptime, implementing robust security measures, reducing latency, and streamlining processes for resolving issues. All levels of government are going through a digital transformation to deliver services and programs more effectively,transparently, and economically.To meet the demands of citizens who have adapted to the technological advancements in society, digital government transformation has become a vital aspect of providing efficient and effective services. However, one of the biggest hurdles in this process for federal agencies is striking a balance between leveraging technology for its benefits and maintaining robust security and privacy measures. Federal agencies handle confidential information regularly, making it imperative to safeguard against data breaches. Consequently, agencies must ensure that their digital systems and procedures are secure and adhere to relevant regulatory requirements.

Related News

EMERGING TECHNOLOGY,CYBERSECURITY

QinetiQ US Completes Acquisition of Avantus Federal

Avantus Federal | November 24, 2022

Lorton, VA and McLean, VA – QinetiQ US, a wholly owned subsidiary of QinetiQ Group plc, an integrated global defense and security company, announced today that it completed its acquisition of Avantus Federal (Avantus) from NewSpring Holdings for an enterprise value of $590 million. The combination of QinetiQ US and Avantus creates a unique platform to offer comprehensive mission-led innovation for the most sensitive and complex challenges intelligence, defense, homeland, civilian, and other government customers face today. This transaction was previously announced August 5, and the transition is expected to be seamless for customers, partners, and employees. This integration will combine QinetiQ’s leadership in robotics and autonomous systems, sensing, protection systems, and next-generation technology services with Avantus’ advantages in strategic planning, operations, and stakeholder collaboration in a host of government operations, including cyber, data, government facility, and outer space solutions. The combination will deliver mission-led innovation in hardware, software, and mission services to the growing needs of defense, intelligence, homeland security, and law enforcement organizations, along with civilian agencies in the United States and close-U.S. allied nations including the United Kingdom and Australia. “I am delighted that we have completed the acquisition of Avantus today – it is a strategic milestone in our five-year ambition to build an integrated global defence and security company, delivering innovation for our customers’ mission, This acquisition extends our customer base, strengthens our capabilities and builds scale in the largest defence and security market in the world. With a strong track record of 10%+ growth at attractive margins, Avantus is a brilliant strategic and cultural fit and positions us to meet the increasing mission-critical needs of our US defence and intelligence customers with agility and pace.” -Steve Wadey, Group Chief Executive Officer for QinetiQ Group plc. Andy Maner, Chairman and Chief Executive Officer of Avantus, said the combination with QinetiQ US is key to providing more opportunities and growth for our people and customers. We started this journey with our great partner, NewSpring Holdings, and now we’re taking a critical step forward that allows our collective team to leverage additional scale and investments across our world class talent, technology, and processes at a pivotal time in our market and geopolitical landscape. “We are thrilled to welcome our Avantus colleagues to QinetiQ US, Avantus’ elite talent, differentiated technology solutions, and dedication to mission complement our innovative culture. I am honored to lead a combined team that shares a focus on performance and a proven ability to be agile in impactful delivery at the speed of our customers’ missions.” QinetiQ is a leading science and engineering company dedicated to protecting lives and securing the vital interests of defense and security customers with distinctive offerings in experimentation and technology; cyber and information advantage; engineering services and support; robotics and autonomous systems; training and mission rehearsal; and, test and evaluation. This is complimented by the Avantus capabilities to leverage a strong consulting force to deliver technology, cyber, data, digital engineering and integration, intelligence analysis, and operations strategy and tactics to its clients, ensuring maximum efficiency and impact. -Shawn Purvis, President and Chief Executive Officer of QinetiQ US. About QinetiQ US: QinetiQ US is a leading defense and security company in the United States providing mission-led innovation at pace. QinetiQ US is a provider of technologically advanced services and products to the US Department of Defence and national security agencies, positioned to deliver key aspects of the modernization required to address our customers’ pivot to counter near peer adversaries. QinetiQ’s engineering services span the DoD and Intel community providing subject matter expertise in the areas of communications, sensor integration and research and development, survivability and unmanned ground combat systems. QinetiQ US operates as the U.S. arm of QinetiQ Group plc (QQ.LSE), an integrated global defense and security company focused on innovation for defense, security and civil customers. QinetiQ US employees are based predominantly in Virginia and Massachusetts and operate under a Special Security Agreement (SSA) with the U.S. Defence Counterintelligence & Security Agency (DCSA). QinetiQ US is creating new ways of protecting what matters most; testing technologies, systems, and processes to make sure they work as expected; and enabling customers to deploy new and enhanced-existing capabilities with the assurance they will deliver the outcomes required. About Avantus Federal: Avantus Federal is a mission-focused data, cyber, and space services and solutions company. As a mid-market powerhouse with an intentional blend of elite talent, infrastructure, and speed to impact, Avantus and its approximately 1,150 highly cleared professionals lead with technical and domain expertise for its Defence, Intelligence, Homeland Security, and Federal Civilian customers.

Read More

EMERGING TECHNOLOGY,INFRASTRUCTURE

LaunchDarkly Federal Feature Management Program Authorized by FedRAMP

Launchdarkly | January 25, 2023

On January 24, 2023, LaunchDarkly, a feature management platform, received moderate impact authorization from the FedRAMP (Federal Risk and Authorization Management Program) for its LaunchDarkly Federal solution, with endorsement from the Center for Medicare and Medicaid Services (CMS). For years, LaunchDarkly has worked directly with US government agencies to drive innovation and increase resiliency in their software deployments. Many government organizations now use the platform to manage feature releases and deployments across their agencies and infrastructures. Customers can use the LaunchDarkly Federal solution to perform targeted rollouts efficiently, significantly improve release experiences, and confidently deploy new technology to millions of users. LaunchDarkly Federal supports connected and disconnected operations and is the market's first feature management platform to receive FedRAMP authorization. It is now better positioned to provide the public sector with an enterprise-class feature management solution that enables government agencies and their private sector partners to safely modernize and migrate applications while maintaining exceptional control. This authorization comes at a crucial time when government agencies strive to operate in the safest environments possible in the face of rising cyber security concerns. The platform is uniquely positioned to assist these agencies as they advance their DevSecOps initiatives to incorporate Continuous Integration/Continuous Delivery (CI/CD). LaunchDarkly's commitment to enhancing the privacy and security of its platform is furthered by its FedRAMP authorization at a moderate impact level. The company has also confirmed that its platform supports HIPAA compliance, offering healthcare providers that adhere to strict privacy regulations with the confidence and capabilities they need to innovate continuously with less risk. About LaunchDarkly Founded in 2014 and based in Oakland (California), LaunchDarkly is a scalable feature management program. Feature management enables development teams to innovate rapidly by fundamentally altering how software is delivered to customers. DevOps teams can accelerate their journey to the cloud, standardize safe releases at scale, and collaborate more effectively with business teams with the ability to gradually release new software features on any platform to any segment of users. Currently, the platform deploys 20 trillion feature flag peaks daily, and this number continues to rise. LaunchDarkly is on the Forbes Cloud 100 list, Enterprise Tech 30 list, and InfoWorld's 2021 Technology of the Year list.

Read More

GOVERNMENT BUSINESS,CYBERSECURITY

SentinelOne Announces Membership with CISA’s Joint Cyber Defense Collaborative

Cybersecurity and Infrastructure Security Agency | January 17, 2023

SentinelOne, an autonomous cybersecurity solution provider, recently announced that it joined the Joint Cyber Defense Collaborative (JCDC). The membership further supports the US Government's strategy to protect the cyber ecosystem and critical infrastructure. Cybersecurity and Infrastructure Security Agency (CISA) founded JCDC in 2021. The collaborative aims to unite the international cyber community and defend cyberspace. SentinelLabs and SentinelOne's autonomous cybersecurity platforms will aid JCDC in collecting, analyzing, and disseminating data on cyber threats. SentinelOne will lend its insights and support to JCDC's strategic planning and offer advice as part of the partnership. As a result, JCDC will have unprecedented insight into new threats through this collaboration, allowing them to prevent attacks even before they happen. SentinelLabs is a top-tier team of security researchers dedicated to discovering and analyzing critical vulnerabilities, attack vectors, malware strains, and threat actors. "JCDC goes beyond other public-private partnerships, delivering collaborative engagement between the nation's top cyber minds with a focus on planning, action, and mitigation. With exceptional speed, scale and intelligence, our team and technology will play a crucial role in the organization's continued success. We have partnered closely with CISA for years and look forward to continuing that relationship, helping protect the world's most critical assets and information," said Jared Phipps, SVP of Americas Sales and Solution Engineering. (Source: Business Wire) About Cybersecurity and Infrastructure Security Agency Cybersecurity and Infrastructure Security Agency (CISA) established JCDC in August 2021 to transform traditional public-private partnerships into real-time private-public operational collaboration and shift the paradigm from reacting to threats and vulnerabilities to proactively planning and taking steps to mitigate them. The company leads the national effort to understand, manage, and reduce risk to its cyber and physical infrastructure. Its multi-faceted mission is home to more than 15 career fields including business administration, cybersecurity, program management, communications, and data science.

Read More