GSN 2012 Awards announced: White House deputy of homeland security recognized for leadership at annual gala

GSN Awards 2012

Hundreds of the best of the homeland security community’s federal, state and municipal government officials, government contractors, systems integrators, IT vendors and physical security product and solutions providers all came together the night of November 29 in a ballroom of the Washington, D.C. convention center to receive accolades.

The GSN awards dinner, which has become a Washington tradition over the last four years, offered a chance for the excellence and civic-minded spirit of homeland security efforts nationwide to be recognized.

Not only were the best tools and technologies acknowledged, but the people and groups who use them, from local police departments in Florida and Washington state, to the White House, were honored at the event.

During the awards ceremonies, Richard Reed, Deputy Assistant to President Obama for Homeland Security, received the second annual Government Security News/Raytheon Award for Distinguished Leadership and Innovation in Public Safety and Security. Reed was chosen for tireless work in his key role in leading the development of national policy related to resilience, transborder security and community partnerships. He has been described as the president’s eyes and ears during disasters. In crises, such as the Gulf oil spill, H1N1 pandemic, and Haiti earthquake, Reed has sprung into action at the White House, coordinating information and gathering people to cope with these catastrophes.

Reed told Government Security News in an interview after the dinner that gatherings like GSN’s awards ceremony were invaluable in demonstrating that the hard work of creating a resilient, strong response to crises is performed by thousands of individuals, like those in attendance. Gatherings that bring the diverse emergency response and homeland security communities together can broaden perspectives and spur new ideas, he said.

Reed has been a determined, mostly behind-the-scenes, captain of federal emergency response efforts during the Bush and Obama administrations, helping prepare for, and respond to, some of the worst natural disasters the nation has known, from one of the deadliest tornado seasons in history in the Midwest, to historic wild fires in the west, and massive storms in the eastern U.S.

Reed said the key to capable response to such staggering events lies not only in federal hands, but in enabling state, local and even personal responses. Getting resources and training in place before disasters happen goes a long way in an effective response and recovery, he said. “The true first responders are friends, neighbors and co-workers” in the immediate aftermath of a disaster, said Reed. Local police, firefighters and other agencies arrive second, he said. Enabling people with information concerning what resources are available or where they can go for help or supplies empowers them, said Reed.

Government Security News managing partner Adrian Courtenay has made the GSN/Raytheon award an annual tradition. The prize is sponsored by the Raytheon Company, a technology and innovation leader specializing in defense, homeland security and other government markets throughout the world, which is headquartered in Waltham, MA.

Notable 2012 government excellence award winners included the local police departments in Tampa and St. Petersburg, FL, for their ground-breaking work in preparing for the Republican National Convention in Tampa this past summer. The departments put together comprehensive plans to gently defuse potentially volatile political demonstrations at the event. Both departments were also praised for implementing an innovative interoperable communications network during the GOP convention.

The Lawrence Livermore National Laboratory was recognized for its groundbreaking work on a small radiation detector. The Naval Air Systems Command won an award for its work on the Kestrel Wide Area Persistent Surveillance program, which developed an aerostat for long-term surveillance capabilities to protect ground soldiers in Afghanistan.

The complete list of GSN’s 2012 Award winners appears below: 

CATEGORY 1 – VENDORS OF IT SECURITY PRODUCTS AND SOLUTIONS

  • Best Anti-Malware Solution: Invincea
  • Best Identity Management Platform: Alert Enterprise
  • Best Certificate Management Solution: Entrust
  • Best Compliance/Vulnerability Assessment Solution: Agiliance
  • Best Data Security/Loss Management Solution: WAVE Systems
  • Best Endpoint Security Solution: StillSecure
  • Best Forensic Software: Silvertail
  • Best Intelligence Data Fusion and Collaborative Analysis Solution: Lookingglass Cyber Solutions
  • Best Intrusion Detection/Prevention Solution: Intellidyne; Vanguard Integrity Professionals
  • Best Network Security/Enterprise Firewall: Black Lotus
  • Best Privileged Access Management Solution: Kikusema; Xceedium
  • Best Real-Time Dynamic Network Analysis: Fidelis Security
  • Best Continuous Monitoring Solution: ForeScout; Redseal
  • Best Security Incident/Event Management Solution (SIEM): NetIQ

CATEGORY 2 – VENDORS OF PHYSICAL SECURITY PRODUCTS & SOLUTIONS

PHYSICAL SECURITY ACCESS CONTROL & IDENTIFICATION

  • Best Biometric Identification Solution: Fulcrum Biometrics
  • Best Integrated System for HSPD 12/FIPS 201 Compliance: Brivo
  • Best Platform for Physical and Logical Access: Alert Enterprise

COMMUNICATIONS

  • Best Interoperable First Responder Communications: Covia Labs
  • Best Mass Notification Systems: AtHoc
  • Best Regional or National Public Safety Communications Deployment: Desktop Alert

DETECTION PRODUCTS

  • Best Explosives Detection Solution: AS&E
  • Best Long Range Detection Systems: Vidisco
  • Best Nuclear/Radiation Detection: Lawrence Livermore National Laboratory

VIDEO SURVEILLANCE

  • Best Intelligent Video Surveillance Solution: Panasonic
  • Best Thermal/Night Vision/Infrared Cameras: HGH Infrared Systems; Vumii
  • Best Network IP Cameras: Axis Communications
  • Best Video Storage/Digital Transmission Systems: Panasonic

OTHER PRODUCTS

  • Best Perimeter Protection Solution: Senstar
  • Best Crash Barriers: Nasatka
  • Best Physical Security Information Management (PSIM) Solution: NICE Systems

SERVICES

  • Best Disaster Preparedness or Disaster Recovery & Clean-up Service: High-Rise Escape Systems
  • Best Facility Security/Force Protection Service: Whitestone Group
  • Best Homeland Security Training/Higher Education Solutions: Bellevue University

CATEGORY 3 – GOVERNMENT SECURITY NEWS 2012 GOVERNMENT EXCELLENCE AWARDS

  • Most Notable Airport Security Award: Defense Manpower Agency
  • Most Notable Maritime/Port Security Program: Ohio Department of Public Safety/Northern Border Initiative
  • Most Notable Railroad/Mass Transit Security Program: Denver Regional Transportation Authority
  • Most Notable Critical Infrastructure Program, Project or Initiative: U.S. Veterans Administration Hospital, Tucson, AZ
  • Most Notable Cyber Security Program, Project or Initiative: U.S. Department of Energy
  • Most Notable Emergency Response Implementation: U.S. National Guard; Federal Emergency Management Agency (FEMA)
  • Most Notable Law Enforcement Interdiction, Arrest or Counter-Terrorism Program: Orange County Intelligence Assessment Fusion Center
  • Most Notable Municipal/County Programs, Projects or Initiatives: Seattle, Washington Police Department; Tampa and St. Petersburg, Florida Police Departments
  • Federal Government: Naval Air Systems Command (Kestrel Wide Area Persistent Surveillance)

GSN 2011 Awards Program opens for entries on April 26

Government Security News has announced that its 2011 Homeland Security Awards Program will officially open for business and start accepting entries in the program’s 45 awards categories on Tuesday, April 26.

The 2011 program contains a number of exciting new categories, reflecting the dynamically changing threat environment, in all three of the overall awards groupings: Best Vendors of IT Security Products and Solutions, Best Vendors of Physical Security Products and Solutions, and the 2011 Government Excellence Awards.

The cost for each entry in the 2011 program is $295 for vendors of IT security and physical security products and solutions. As in previous years, there is no cost for entries in the 10 categories of awards for federal, state and local government agencies.

Vendors of IT and physical security products and solutions may nominate themselves or be nominated by colleagues or government clients, while government agencies or departments may similarly nominate themselves or be nominated by other agencies, colleagues or vendors.

Adrian Courtenay, Managing Partner of GSN’s parent company, World Business Media, LLC, cited two intriguing new categories in the government sector that have been selected to acknowledge solid “boots on the ground” achievements of federal, state or local agencies in responding to emergencies, countering terrorism and stopping crime. These categories are “Most Notable Emergency Response Implementation – Federal, State or Local” and “Most Notable Law Enforcement Interdiction, Arrest or Counter Terrorism Program – Federal, State or Local.”

Acknowledging the increasing importance of cyber security and the threat of cyber war among nation-states, Courtenay also pointed out that the government awards in 2010 have been expanded to include a category titled, “Most Notable Cyber Security Program or Technology – Government or Military.”

Returning for its third year as a sponsor of the GSN Awards Program is founding sponsor ArcSight, now a business unit of Hewlett Packard Software and Solutions, whose enterprise threat and risk platform is an integrated product for collecting, analyzing and assessing security and risk information. ArcSight is also a repeat winner in the GSN awards program for its Security Incident Event Management (SIEM) products for collecting, analyzing and assessing security incident event information.

Also returning as event sponsors are General Dynamics C4, located in Phoenix, AZ, a major developer and integrator of secure communications and information systems and technology; and Mutualink, another GSN award winner, which creates networks of interoperable communities that can instantly share radio, voice, text, video and data files, and telephone communications in a secure environment.

The fourth and final sponsor to date in the 2011 Awards Program is Behavioral Recognition Systems, Inc., of Houston, TX, also known as BRS Labs, whose software uses the fascinating, scientifically developed cognitive reasoning and artificial intelligence of behavioral analytics to leverage a stream of intelligence from millions of surveillance cameras worldwide, in order to provide alerts regarding abnormal or suspicious behavior.

Profiles of each of the 2011 sponsors will be posted on the GSN Web site in the coming weeks.

Additional companies or organizations interested in joining the ranks of 2011 sponsors of the GSN 2011 Homeland Security Awards Program should contact GSN Publisher and World Business Media President, Edward Tyler, at 212-344-0759, ext. 2001.

According to Courtenay, the 2011 Awards Program will culminate with the annual awards dinner in early November at a venue to be announced shortly. “It’s going to be hard to top last year’s elegant dinner and spectacular after-dinner keynote presentation by four-star General Barry McCaffrey (USA-Ret.). But we’re going to try!”

In 2010, the GSN awards were presented to a sold-out ballroom at the JW Marriott Hotel in Washington, DC, that included many distinguished government and military officials, academics, law enforcement and public safety professionals from across the country, along with the systems integrators, defense contractors and vendors of products and solutions used in homeland security.

Photos of the 2010 awards reception and dinner are available at:

www.flickr.com/photos/[email protected]/.

Further information and entry forms for the 2011 Awards Program are available at:

www.gsnmagazine.com/hsa2011/welcome.

T3 Motion

Gary Joubert, VP of Sales and Marketing, reports that T3 provides electric vehicles for law enforcement that are used in almost every police department in the U.S., as well as in government agencies around the world. Other markets for the made-in-the-USA T3 series include the military, general transport and the private security business. Recent improvements have been well received, and business is great!

Alert (TA18-004A) Meltdown and Spectre Side-Channel Vulnerability Guidance

Systems Affected

CPU hardware implementations

Overview

On January 3, 2018, the National Cybersecurity and Communications Integration Center (NCCIC) became aware of a set of security vulnerabilities, known as Meltdown and Spectre, that affect modern computer processors. Exploitation of these vulnerabilities could allow an attacker to obtain access to sensitive information.

Description

CPU hardware implementations are vulnerable to side-channel attacks referred to as Meltdown and Spectre. Meltdown is a bug that "melts" the security boundaries normally enforced by the hardware. Meltdown affects desktops, laptops, and cloud computers. Spectre is a flaw that an attacker can exploit to force a program to reveal its data. The name derives from speculative execution, an optimization in which a processor performs work before it knows whether that work will be needed, to avoid a delay if it is. Spectre affects almost all devices including desktops, laptops, cloud servers, and smartphones. Many of these security issues are remediated through the Kernel Address Isolation to have Side-channels Efficiently Removed (KAISER) patch described in detail in an academic paper named “KASLR is Dead: Long Live KASLR.” While this paper identifies a fix for Linux operating systems, the exploit concepts in the article can apply to other operating systems.

More details of these attacks are described in detail by

Impact

An attacker can gain access to the system by establishing command and control presence on a machine via malicious Javascript, malvertising, or phishing. Once successful, the attacker’s next attempt will be to escalate privileges to run code on the machine. Running code will allow the attacker to exploit the Meltdown and Spectre vulnerabilities. Sensitive information could be revealed from a computer’s kernel memory, which could contain keystrokes, passwords, encryption keys, and other valuable information.

Solution

NCCIC encourages users and administrators to refer to their hardware and software vendors for the most recent information. In the case of Spectre, the vulnerability exists in CPU architecture rather than in software, and is not easily patched; however, this vulnerability is more difficult to exploit. 

MICROSOFT

Microsoft has temporarily halted updates for AMD machines. More information can be found here: https://support.microsoft.com/en-us/help/4073707/windows-os-security-update-block-for-some-amd-based-devices

For machines running Windows Server, a number of registry changes must be completed in addition to installation of the patches. A list of registry changes can be found here: https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution

ANTIVIRUS

Microsoft has recommended that third-party antivirus vendors add a change to the registry key of the machine that runs the antivirus software. Without it, that machine will not receive any of the following fixes from Microsoft:

  • Windows Update
  • Windows Server Update Services
  • System Center Configuration Manager 

More information can be found here: https://support.microsoft.com/en-us/help/4072699/january-3-2018-windows-security-updates-and-antivirus-software.

MITIGATION

Mitre has published Common Vulnerability and Exposure (CVE) notes for Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715).

NCCIC recommends administrators review CISCO TALOS Snort SIDs: 45357 – 45368 and apply the necessary updates. These twelve rules were released as an emergency update on January 4, 2018, to cover the detection of Meltdown and Spectre side-channel vulnerabilities, and relate to CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754. These signatures cover the specific proofs of concept and sample code outlined in the Spectre and Meltdown whitepapers. While these signatures have the potential to detect variants, they may not work for all cases.

The table provided below lists available advisories and patches. As patches and firmware updates continue to be released, it is important to check with your hardware and software vendors to verify that their corresponding patches can be applied, as some updates may result in unintended consequences. Note: Download any patches or microcode directly from your vendor’s website.

NCCIC recommends using a test environment to verify each patch before implementing.

After patching, performance impacts may vary, depending on use cases. Administrators should ensure that performance is monitored for critical applications and services, and work with their vendor(s) and service provider(s) to mitigate the effect, if possible.

Additionally, users and administrators who rely on cloud infrastructure should work with their CSP to mitigate and resolve any impacts resulting from host OS patching and mandatory rebooting.

 

Vulnerability Note VU#584653

CPU hardware vulnerable to side-channel attacks

Overview

CPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as Meltdown and Spectre.

Description

Note: This Vulnerability Note is the product of ongoing analysis and represents our best knowledge as of the most recent revision. As a result, the content may change as our understanding of the issues develops.

CPU hardware implementations are vulnerable to side-channel attacks referred to as Meltdown and Spectre. Both Spectre and Meltdown take advantage of the ability to extract information from instructions that have executed on a CPU using the CPU cache as a side-channel. These attacks are described in detail by Google Project Zero, the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz) and Anders Fogh. The issues are organized into three variants:

  • Variant 1 (CVE-2017-5753, Spectre): Bounds check bypass
  • Variant 2 (CVE-2017-5715, also Spectre): Branch target injection
  • Variant 3 (CVE-2017-5754, Meltdown): Rogue data cache load, memory access permission check performed after kernel memory read

Spectre

Spectre attacks take advantage of a CPU's branch prediction capabilities. Modern CPUs include a feature called branch prediction, which speculatively executes instructions at a location that the CPU believes it will branch to. Such speculative execution helps to more fully utilize the parts of the CPU, minimizing the time waiting, and therefore improving performance. When a branch is successfully predicted, instructions will retire, which means the outcomes of the instructions such as register and memory writes will be committed. If a branch is mispredicted, the speculatively-executed instructions will be discarded, and the direct side-effects of the instructions are undone. What is not undone are the indirect side-effects, such as CPU cache changes. By measuring latency of memory access operations, the cache can be used to extract values from speculatively-executed instructions.

With Spectre variant 1 (CVE-2017-5753), the instructions after a conditional branch are speculatively executed as the result of a misprediction. With Spectre variant 2 (CVE-2017-5715), the CPU executes instructions at a location determined by a mispredicted branch target.

With both variants of the Spectre attack, the impact is that a process may leak sensitive data to other processes on a system. Spectre may also allow one part of an application to access other parts of the same process memory space that would otherwise not be permitted.

While the Spectre attack itself does not cross a user/kernel memory privilege boundary, depending on the configuration of the target platform, the Spectre attack may indirectly allow a user-space application to access kernel memory. For example, the Project Zero blog post describes a scenario that uses eBPF to exfiltrate kernel memory contents into user-space code. This is made possible because eBPF JIT allows for userspace applications to inject code that is executed in kernel space. While this code is verified by the kernel, eBPF-compliant code will be allowed to execute with kernel permissions. The exploit described by Project Zero leverages eBPF to execute the Spectre attack in kernel space, while exfiltrating the data to user space. It is possible that other technologies that allow in-kernel code execution may also be leveraged to leak kernel memory using Spectre.
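The code shape that variant 1 (bounds check bypass) concerns, next to a hardened form, as an added C example that is not part of the Vulnerability Note or any vendor patch. The table contents and the names `lookup_unhardened`, `lookup_hardened` and `index_mask_nospec` are assumptions made for illustration; the branchless index clamp is one common software mitigation for this variant only.

```c
/* Added illustration (constructed data and names): the code shape affected by
 * Spectre variant 1, bounds check bypass, and a hardened form that clamps the
 * index through data flow instead of relying on the branch alone. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TABLE_LEN 16u

/* Constructed sample data. */
static const uint8_t table[TABLE_LEN] = {3, 1, 4, 1, 5, 9, 2, 6,
                                         5, 3, 5, 8, 9, 7, 9, 3};
static const uint8_t second[256] = {[1] = 10, [2] = 20, [3] = 30,
                                    [4] = 40, [5] = 50, [6] = 60,
                                    [7] = 70, [8] = 80, [9] = 90};

/* Architecturally correct: an out-of-range idx never returns data. If the
 * branch is mispredicted, however, the CPU may speculatively load table[idx]
 * for an out-of-range idx and then issue the dependent load from second[],
 * whose address depends on the value just read. The register results are
 * discarded on rollback; the cache line touched by the second load is not. */
uint8_t lookup_unhardened(size_t idx)
{
    if (idx < TABLE_LEN)
        return second[table[idx]];
    return 0;
}

/* Returns all-ones when idx < size and zero otherwise, computed without a
 * branch so there is no prediction to get wrong. Requires
 * size <= SIZE_MAX / 2. An optimizing compiler is in principle free to turn
 * this back into a branch, which is why production code uses helpers or
 * barriers supplied by the compiler or the platform. */
size_t index_mask_nospec(size_t idx, size_t size)
{
    const unsigned top_bit = (unsigned)(sizeof(size_t) * 8 - 1);
    /* Top bit of (idx | (size - 1 - idx)) is clear only when idx < size. */
    return (size_t)0 - (~(idx | (size - 1 - idx)) >> top_bit);
}

/* Hardened form: the bounds check stays, and the index is additionally
 * masked. On a mispredicted path with idx out of range the mask is zero,
 * so the speculative load reads table[0] rather than memory past the table. */
uint8_t lookup_hardened(size_t idx)
{
    if (idx < TABLE_LEN) {
        idx &= index_mask_nospec(idx, TABLE_LEN);
        return second[table[idx]];
    }
    return 0;
}

int main(void)
{
    const size_t samples[] = {2, 15, 16, SIZE_MAX};
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        size_t idx = samples[i];
        printf("idx=%zu mask=%#zx unhardened=%u hardened=%u\n",
               idx, index_mask_nospec(idx, TABLE_LEN),
               (unsigned)lookup_unhardened(idx),
               (unsigned)lookup_hardened(idx));
    }
    return 0;
}
```

Both functions return the same values for every input; the difference is only in what a mispredicted path can touch. This does nothing for variant 2 or for Meltdown, which need the microcode and operating system updates described under Solution.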

Meltdown

Meltdown is related to the Spectre attack in that it also uses a cache side channel to access data that otherwise wouldn't be available. The main difference is that it leverages out-of-order execution capabilities in modern CPUs. Like speculative execution due to branch prediction, as used by Spectre, out-of-order execution on a CPU is a technique for ensuring fullest utilization of the CPU's parts. Although instructions may appear sequentially in the machine language, a CPU that supports out-of-order execution may execute instructions in a non-sequential manner, which can minimize the time that a CPU spends idle.

Meltdown leverages insecure behavior that has been demonstrated in Intel CPUs and may affect CPUs from other vendors. Vulnerable CPUs allow memory reads in out-of-order instruction execution, and also contain a race condition between the raising of exceptions and the out-of-order instruction execution. The Meltdown attack reads a kernel memory value, which raises an exception because code running with user-space privileges is not permitted to directly read kernel memory. However, due to the race condition, out-of-order instructions following the faulting instruction may also execute. Even though instructions appear after the faulting instruction, out-of-order execution allows them to execute, using data retrieved from the instruction that raises the exception. By the time the exception is raised, some number of out-of-order instructions have executed. Although the raised exception causes the CPU to roll back the out-of-order instructions, the cache state is not reverted. This allows data from out-of-order instructions to persist beyond the point when the exception has been raised.

The impact of Meltdown is that a process running in user space is able to view the contents of kernel memory. Meltdown may also allow Spectre-like memory content leaking that does not cross the user/kernel privilege boundary.

The Linux kernel mitigations for Meltdown are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. Because the Spectre attacks do not cross user/kernel boundaries, the protections introduced with KAISER/KPTI do not add any protection against them.

Impact

An attacker able to execute code with user privileges can achieve various impacts. The Meltdown attack allows reading of kernel memory from userspace. This can result in privilege escalation, disclosure of sensitive information, or it can weaken kernel-level protections, such as KASLR. The Spectre attack can allow inter-process or intra-process data leaks.

To execute code locally, an attacker would require a valid account or independent compromise of the target. Attacks using JavaScript in web browsers are possible. Multi-user and multi-tenant systems (including virtualized and cloud environments) likely face the greatest risk. Systems used to browse arbitrary web sites are also at risk. Single-user systems that do not readily provide a way for attackers to execute code locally face significantly lower risk.

Solution

Apply updates

Operating system, CPU microcode updates, and some application updates mitigate these attacks. Note that in many cases, the software fixes for these vulnerabilities will have a negative effect on system performance. Also note that Microsoft Windows systems will no longer receive security updates via Windows Update if they are not running compliant anti-virus software. As with deploying any software updates, be sure to prioritize and test updates as necessary.

Consider CPU Options

Initial reports from the field indicate that overall system performance is impacted by many of the available patches for these vulnerabilities. Depending on the software workflow and the CPU capabilities present, the performance impact of software mitigations may be non-trivial and therefore may become an ongoing operational concern for some organizations. While we recognize that replacing existing CPUs in already deployed systems is not practical, organizations acquiring new systems should evaluate their CPU selection in light of the expected longevity of this vulnerability in available hardware as well as the performance impacts resulting from the various platform-specific software patches. Deployment contexts and performance requirements vary widely, and must be balanced by informed evaluation of the associated security risks. Contact your system vendor to determine if the CPU and operating system combination will experience a performance penalty due to software mitigations for these vulnerabilities.

BlackRidge Technology Forms Government Advisory Board and Appoints Four Proven Leaders

RENO, Nev., Jan. 17, 2018 -- BlackRidge Technology International, Inc. (OTCQB: BRTI), a leading provider of next generation cyber defense solutions, has formed a Government Advisory Board and named David L. Peed, Kevin Carroll, Rhett A. Hernandez, and Cindy E. Moran to the board. The BlackRidge Government Advisory Board was created to add expert executive perspective and insights into the specific network and cyber security needs of the U.S. Department of Defense (DoD) IT environment as well as mission-critical federal government networks. BlackRidge products have completed the rigorous testing process required for use in DoD information networks.

The BlackRidge Government Advisory Board inaugural appointees are:


    •    David L. Peed, who will chair the advisory board. Mr. Peed is currently Vice President and General Manager of Equinix Government Solutions responsible for shaping and executing Equinix's Americas Public Sector strategy. Previously he was the President of ITekFED, which he co-founded. Mr. Peed is the former VP & GM for Ciena Government Solutions, Inc. (CGSI) where he was instrumental in the growth of the organization during his nine-year tenure with Ciena. Under his leadership, CGSI became a major player in critical networks for the U.S. Department of Defense, Internet2, as well as many others in the government community. Mr. Peed has more than 30 years of experience in the telecom industry.


    •    T. Kevin Carroll, President of The Kevin Carroll Group from 2007 to the present. Mr. Carroll provides consulting advice to information technology companies on Federal Government acquisitions, with key focus on the Department of Defense, Veteran Administration and Army procurements. Previously he was the Army Program Executive Officer, Enterprise Information Systems (PEO EIS), responsible for the program management of the DOD and Army business and combat service support systems, as well as related Army communication and computer infrastructure. Mr. Carroll has over 30 years in government service, primarily in leading Army information technology procurement and contracting organizations.


    •    Rhett A. Hernandez, LTG, Retired, who served nearly 40 years in the United States Army as a Commander, Senior Staff Officer and Strategist, focusing on combat operations and cyber security. His last active duty assignment was as the first Commander of Army Cyber Command, where he was responsible for the daily operations, defense and risk management of all Army networks. Mr. Hernandez also served in numerous command and key staff assignments, including Deputy Chief of Staff for Army Operations, Commander Human Resources Command and Operations Division, and senior military advisor to Ambassador Saudi Arabia. He currently serves as the West Point Cyber Chair to the Army Cyber Institute and as President, CyberLens, LLC, which focuses on leadership, strategic planning, and risk management.


    •    Cindy E. Moran, a highly regarded expert within the defense information systems field having spent nearly 30 years working for the DoD with communications networks. Ms. Moran is currently the President and managing partner for Pikes Way LLC, an IT consulting firm specializing in strategic planning and management in the telecommunications sector. Her post-government experience has her serving as a director on public and private boards. She previously served as the Director for Network Services, Defense Information Systems Agency (DISA), where her responsibilities included systems management of all DISA terrestrial and satellite communications networks supporting the DoD Information Network (DODIN). Ms. Moran has held multiple positions in support of DoD information technology systems, including hands-on network and system administration roles.

"The BlackRidge Government Advisory Board appointees bring extensive experience and strategic insights to BlackRidge, to help us advance the company as a trusted provider of world-class cyber security solutions to public sector customers," said Bob Graham, Chairman and CEO of BlackRidge Technology. "We look forward to working with these outstanding individuals who are proven leaders and have extensive backgrounds in building and securing highly sensitive networks."


About BlackRidge Technology


BlackRidge Technology provides an adaptive cyber defense solution that enables our customers to deliver more secure and resilient business services in today's rapidly evolving technology and cyber threat environments. The BlackRidge Adaptive Trust solution provides end-to-end security that proactively isolates cloud services, protects servers and segments networks. Our patented First Packet Authentication™ technology authenticates user and device identity and enforces security policy on the first packet of network sessions. This new level of real-time protection blocks or redirects unidentified and unauthorized traffic to stop attacks and unauthorized access. BlackRidge was founded in 2010 to commercialize its military grade and patented network security technology. For more information, visit www.blackridge.us.

ASRC Federal Subsidiary Awarded $428 Million DHS Contract

BELTSVILLE, Md., Jan. 16, 2018 -- The Science and Technology Directorate (S&T) of the United States Department of Homeland Security (DHS), has awarded ASRC Federal Field Services the Plum Island Animal Disease Center (PIADC), Center-Wide Support Program (CWSP) contract to manage, operate and maintain the Center's infrastructure and scientific support activities. The multiple-year contract has a potential value of $428 million.

In addition to supporting PIADC operations, ASRC Federal Field Services will assist with the eventual transition of the Center's animal disease research and training missions to the new National Bio and Agro-Defense Facility (NBAF) under construction in Manhattan, Kan.

"For more than a decade we have had the privilege of supporting the DHS mission at Plum Island, and our team looks forward to continuing a successful partnership," said Mark Gray, ASRC Federal president and CEO. "The training and research conducted at Plum Island are vital to protecting our country's livestock. We appreciate the trust the customer continues to have in us to help them support this important mission."

PIADC consists of 49 buildings on 840 acres, maintaining a staff of nearly 400 employees who provide a host of high-impact, indispensable preparedness and response capabilities, including vaccine R&D, diagnostics, training, and bioforensics.

About ASRC Federal
ASRC Federal comprises a family of companies that deliver engineering, information technology, infrastructure support, professional and technical services to U.S. civil, defense, and intelligence agencies. ASRC Federal companies have employees in over 40 states across the U.S. focused on providing reliable, cost-efficient services that help government customers achieve mission success. Headquartered in Beltsville, Md., ASRC Federal is a wholly owned subsidiary of Arctic Slope Regional Corporation. For more information, please visit: www.asrcfederal.com

HID Global to Collaborate with ThreatMark on its New Cyber Threat Solutions for Banking and Finance Sectors

HID Global®, a worldwide leader in trusted identity solutions, today announced that it has signed a collaboration agreement with ThreatMark, a threat and fraud detection technology company, to develop new capabilities that will enhance the ability of financial institutions to detect cyber threats, such as malware, application hacking, phishing, account takeover, identity theft and fraudulent transactions.

HID’s expertise in Identity & Access Management (IAM) includes multi-factor authentication, credential management system software and identity verification capabilities in complex environments. HID’s capabilities complement ThreatMark’s expertise in cyber-criminal detection and fraud prevention. The two companies will work together to extend threat and fraud detection in order to meet today’s ever-increasing risk from cyber attacks. 

“With cyber threats continuously evolving, HID Global is committed to advancing and extending our threat detection capabilities,” said Martin Ladstaetter, Vice President Products for IAM Solutions at HID Global. “Working with ThreatMark not only provides a partnership with a very successful company with domain know-how, but it also gives us visibility into an even broader attack surface that needs to be addressed, ensuring that we are staying ahead of cyber threats today and in the future.”

“Collaborating with HID gives ThreatMark the opportunity to combine our expertise to improve the overall security ecosystem through threat and fraud detection,” said Michal Tresner, CEO ThreatMark. “ThreatMark has differentiated itself by providing innovative deep behavioral profiling technology that, together with advanced analytics, can help to understand how cyber-criminals work. Collaboration with companies like HID Global allows us to broaden our reach and develop better integrated solutions.”

HID Global provides the broadest range of market-leading IAM solutions as the only company that can truly deliver a converged physical and logical identity management solution for high assurance and multi-factor authentication. ThreatMark’s solution integrated with HID Global’s portfolio for securing both consumer and employee transactions in banking and finance will greatly enhance security while maintaining a frictionless user experience that is important to the banking industry.

 

About HID Global

HID Global powers the trusted identities of the world’s people, places and things.  We make it possible for people to transact safely, work productively and travel freely. Our trusted identity solutions give people convenient access to physical and digital places and connect things that can be identified, verified and tracked digitally. Millions of people around the world use HID products and services to navigate their everyday lives, and over 2 billion things are connected through HID technology. We work with governments, educational institutions, hospitals, financial institutions, industrial businesses and some of the most innovative companies on the planet. Headquartered in Austin, Texas, HID Global has over 3,000 employees worldwide and operates international offices that support more than 100 countries. HID Global® is an ASSA ABLOY Group brand. For more information, visit www.hidglobal.com

 

About ThreatMark

ThreatMark is a highly specialized research and development laboratory combining hacker-level security know-how with the latest machine learning technology to combat cyber threats and online fraud. ThreatMark’s research into malware detection, artificial intelligence and behavioral biometry is applied in the production environments of global banks, lending and payment providers and other online businesses that trust ThreatMark in their everyday operations.

ThreatMark solutions are designed to address the weakest link in security – the human factor. By monitoring subtle changes in complex human behavior during online business interactions, even the stealthiest cyber-attack or fraud attempt can be identified and mitigated in real time. To learn more, please visit www.threatmark.com

DHS, DOJ Report: Three Out of Four Individuals Convicted Of International Terrorism and Terrorism-Related Offenses Were Foreign-Born

WASHINGTON – On January 16, 2018, the Department of Homeland Security (DHS) and the Department of Justice (DOJ) released a report revealing that three out of every four, or 402, individuals convicted of international terrorism-related charges in U.S. federal courts between September 11, 2001, and December 31, 2016 were foreign-born. Over the same period, U.S. Immigration and Customs Enforcement removed approximately 1,716 aliens with national security concerns. Further, in 2017 alone DHS had 2,554 encounters with individuals on the terrorist watch list (also known as the FBI’s Terrorist Screening Database) traveling to the United States.

This report was prescribed by Executive Order 13780, Protecting the Nation from Foreign Terrorist Entry into the United States, which declared that “it is the policy of the United States to protect its citizens from terrorist attacks, including those committed by foreign nationals,” and directed a series of actions to enhance the security of the American people.

The actions directed by Executive Order 13780 have—among other things—raised the baseline for the vetting and screening of foreign nationals, improved our ability to prevent the entry of malicious actors, and enhanced the security of the American people.

“My top priority as Secretary of Homeland Security is to ensure the safety and security of the American people,” said Secretary Nielsen. “This report is a clear reminder of why we cannot continue to rely on immigration policy based on pre-9/11 thinking that leaves us woefully vulnerable to foreign-born terrorists, and why we must examine our visa laws and continue to intensify screening and vetting of individuals traveling to the United States to prevent terrorists, criminals, and other dangerous individuals from reaching our country. Without legislative change DHS will continue to see thousands of terrorists a year attempt to enter the United States, and while we must be right every time, the terrorists only need to be lucky once. Therefore, DHS has personnel deployed around the world and along our borders working with our global and domestic law enforcement partners to stop terrorists before they enter the homeland.” 

“This report reveals an indisputable sobering reality—our immigration system has undermined our national security and public safety,” said Attorney General Sessions.  “And the information in this report is only the tip of the iceberg: we currently have terrorism-related investigations against thousands of people in the United States, including hundreds of people who came here as refugees.  Our law enforcement professionals do amazing work, but it is simply not reasonable to keep asking them to risk their lives to enforce the law while we admit thousands every year without sufficient knowledge about their backgrounds.  The pillars of President Trump’s immigration policy—securing our porous borders, moving to a merit-based immigration system that ends the use of diversity visas and chain migration, and enforcing our nation’s laws—will make their jobs easier and make the United States a safer place.”

The report reveals that at least 549 individuals were convicted of international terrorism-related charges in U.S. federal courts between September 11, 2001, and December 31, 2016.  An analysis conducted by DHS determined that approximately 73 percent (402 of these 549 individuals) were foreign-born.  Breaking down the 549 individuals by citizenship status at the time of their respective convictions reveals that:

  • 254 were not U.S. citizens;
  • 148 were foreign-born, naturalized and received U.S. citizenship; and,
  • 147 were U.S. citizens by birth.

According to information available to U.S. Immigration and Customs Enforcement (ICE), since September 11, 2001, there were approximately 1,716 removals of aliens with national security concerns. 

As mentioned above, in FY 2017, DHS encountered 2,554 individuals on the terrorist watchlist (also known as the FBI’s Terrorist Screening Database) traveling to the United States. Of those individuals, 335 were attempting to enter by land, 2,170 were attempting to enter by air, and 49 were attempting to enter by sea. Where consistent with the law, such individuals are denied entry into the United States, while in some cases law enforcement authorities are notified and can take appropriate action.

From October 1, 2011, to September 30, 2017, a total of 355,345 non-U.S. citizen offenders were administratively arrested after previously being convicted of an aggravated felony, as defined in 8 U.S.C. § 1101(a)(43), or two or more crimes each punishable by more than one year (felony offenses). During that same period, a total of 372,098 non-U.S. citizen offenders were removed from the United States after conviction of an aggravated felony or two or more felonies.

Data from U.S. Citizenship and Immigration Services’ Fraud Detection and National Security Directorate shows that between 2007 and 2017, USCIS referred 45,858 foreign nationals who applied for immigration benefits to ICE for criminal or civil enforcement action, based on information indicating that such foreign nationals had committed egregious public safety-related offenses within the United States.

Between FY 2010 and FY 2016, CBP identified and prevented the boarding of 73,261 foreign travelers on flights destined for the United States, who may have presented an immigration or security risk.

In October, the Trump Administration sent to Congress a list of legislative priorities that would enhance our national security—such as eliminating the diversity visa lottery and extended family chain migration, funding the wall, closing loopholes in our asylum system, combatting visa overstays, and closing other loopholes in existing law that potentially benefit aliens who pose threats to our national security.

Background on the Executive Order

Section 11 of the Executive Order requires the Secretary of Homeland Security, in consultation with the Attorney General, to collect and make publicly available the following information:

  1. Information regarding the number of foreign nationals in the United States who have been charged with terrorism-related offenses while in the United States; convicted of terrorism-related offenses while in the United States; or removed from the United States based on terrorism-related activity, affiliation with or provision of material support to a terrorism-related organization, or any other national-security-related reasons;
  2. Information regarding the number of foreign nationals in the United States who have been radicalized after entry into the United States and who have engaged in terrorism-related acts, or who have provided material support to terrorism-related organizations in countries that pose a threat to the United States;
  3. Information regarding the number and types of acts of gender-based violence against women, including so-called “honor killings,” in the United States by foreign nationals; and,
  4. Any other information relevant to public safety and security as determined by the Secretary of Homeland Security or the Attorney General, including information on the immigration status of foreign nationals charged with major offenses.

The link to the report is available HERE.

Block MEMS Awarded Phase II of $10.7 Million IARPA Contract to Detect Explosives and other Threats

Block MEMS, LLC (Block) has been awarded Phase II of the Intelligence Advanced Research Programs Activity (IARPA) Program for the standoff detection of explosives and toxic chemical threats. Block was chosen for Phase II in a competitive down-selection process.

Under Phase I, Block successfully demonstrated the ability to detect trace quantities of explosives and other threats on multiple surfaces at 1 and 5 meter standoff distances in a few seconds.

A critical achievement under Phase I has been the development of a benchtop system based on quantum cascade lasers and an innovative chemical detection algorithm. The algorithm combines powerful data processing techniques, simulations of light/material interactions, and modeling of anticipated detected signatures in order to eliminate the effect of clutter, reduce false alarm rates, and improve limits of detection.

The IARPA program is called "Standoff Illuminator for Measuring Absorbance and Reflectance Infrared Light Signatures" (SILMARILS). The contract value of the program is now at $10.7 Million. The program is managed by the U.S. Air Force Research Laboratory at Wright-Patterson Air Force Base, Ohio.

Dr. Anish Goyal, Block's VP of Technology and Principal Investigator of the SILMARILS Program at Block, commented, "I am very pleased to receive the second Phase of the SILMARILS Program. The achievements of the previous Phase have taken a significant step towards the ultimate goal of the SILMARILS Program to be able to detect explosives and other chemicals at standoff distances of 30 and 50 meters. The ability to not only detect Chemical Warfare Agents (CWAs), but Explosives and Pharmaceutical Based Agents (such as Fentanyl) as well at these standoff distances is addressing a strong need within the Intelligence Community, the Defense Department and the Department of Homeland Security."

Dr. Petros Kotidis, Block's CEO, added, "We are honored to receive this award and I am very proud of the accomplishment of the Block team under the SILMARILS Program. The technology being developed under this program has far reaching applications within the Security Markets, as it will eventually enable the highly sought-after capability of Standoff Detection of trace chemical threats. Ranging from protection of soft targets against explosive terrorist attacks and faster check-in lines at transportation terminals and airports, to detection of Chemical Warfare Agents (CWAs) and better surveying of contaminated ground and surfaces, the SILMARILS capability will revolutionize the field of chemical security."

Privacy Incident Involving DHS Office of Inspector General Case Management System

On January 3, 2018, select DHS employees received notification letters that they may have been impacted by a privacy incident related to the DHS Office of Inspector General (OIG) Case Management System. The privacy incident did not stem from a cyber-attack by external actors, and the evidence indicates that affected individuals’ personal information was not the primary target of the unauthorized transfer of data.

 

Message Received by Affected DHS Employees
This message is to inform you of a privacy incident involving a database used by the Department of Homeland Security’s (DHS) Office of the Inspector General (OIG).  You may have been impacted by this privacy incident if you were employed by DHS in 2014, or if you were associated with a DHS OIG investigation from 2002 through 2014.


On May 10, 2017, as part of an ongoing criminal investigation being conducted by DHS OIG and the U.S. Attorney’s Office, DHS OIG discovered an unauthorized copy of its investigative case management system in the possession of a former DHS OIG employee.


This privacy incident involved the release of personally identifiable information (PII) contained in the DHS OIG case management system and affects two groups of individuals. The first group consists of approximately 247,167 current and former federal employees that were employed by DHS in 2014 (the “DHS Employee Data”).  The second group is comprised of individuals (i.e., subjects, witnesses, and complainants) associated with DHS OIG investigations from 2002 through 2014 (the “Investigative Data”).


The privacy incident did not stem from a cyber-attack by external actors, and the evidence indicates that affected individuals’ personal information was not the primary target of the unauthorized exfiltration.


All individuals potentially affected by this privacy incident are being offered 18 months of free credit monitoring and identity protection services. Notification letters were sent to all current and former employees who were potentially affected by the DHS Employee Data on December 18, 2017. Due to technological limitations, DHS is unable to provide direct notice to the individuals affected by the Investigative Data. Therefore, if you were associated with a DHS OIG investigation from 2002 through 2014, you may contact AllClear ID at (855) 260-2767 for information on credit monitoring and identity protection services.


The Department of Homeland Security takes very seriously the obligation to serve the Department’s employees and is committed to protecting the information in which they are entrusted. Please be assured that we will make every effort to ensure this does not happen again.  DHS is implementing additional security precautions to limit which individuals have access to this information and will better identify unusual access patterns. We will continue to review our systems and practices in order to better secure data. DHS OIG has also implemented a number of security precautions to further secure the DHS OIG network.


We sincerely apologize for any inconvenience this may have caused.  See below for additional information you may find useful.
Sincerely,
Phillip S. Kaplan
Chief Privacy Officer
U.S. Department of Homeland Security
