Signals & Space Monthly Briefing

January 2021

Prepared by the CyberWire (Monday, January 4, 2021) At a glance. US Government agencies and companies come to grips with a massive Russian cyberespionage campaign. Responding to Solorigate. Developments in satellite technology. Space Force continues to find its place in the Department of Defense and the Intelligence Community. Space Force works toward building a Service culture. The SVR scores a major espionage success against the US. On December 13th security company FireEye disclosed its discovery of a major cyberespionage campaign that centered on exploitation of the software supply chain for SolarWinds' widely used Orion network management platform. Early reports suggested that the threat actors gained access to FireEye's red-teaming tools and were able to appropriate them for their own use, although no exploitation of those tools had been seen in the wild. The campaign was soon determined to extend far beyond FireEye, and that FireEye deserved some credit for both its vigilance and prompt disclosure. SolarWinds soon thereafter acknowledged that it had become apprised of "a highly sophisticated, manual supply chain attack on SolarWinds® Orion® Platform software builds for versions 2019.4 HF 5 through 2020.2.1, released between March 2020 and June 2020." This would appear to be the source of the FireEye breach, which is now known to have not been confined to FireEye. The attack involved the introduction of a backdoor into the Orion Platform. That backdoor was subsequently propagated in the form of a software update that contained the malware. The potential risk may be very widespread: SolarWinds' customers include large corporations, government agencies, and military services. The Washington Post reports that five major US agencies—the Departments of State, Homeland Security, Commerce, and the Treasury, and the National Institutes of Health—are now known to have been affected. It's worth noting that a supply chain attack can be notoriously difficult to contain. The New York Times reports that "parts of the Pentagon" were compromised, though the extent is still unclear. A Pentagon spokesman told the Times, "The D.O.D. is aware of the reports and is currently assessing the impact." The effects may well be international, too. The Telegraph reports that GCHQ is investigating the potential impact of the incident on the UK. The risk is complex: there is, of course, the risk that sensitive information British agencies may have shared with their US counterparts could have been compromised, or that Cozy Bear might have succeeded in executing a trans-Atlantic pivot. But the principal risk is more immediate and direct: SolarWinds' customers in the UK include the Ministry of Defence, the Cabinet Office, GCHQ, and other government organizations.  FireEye calls the backdoor "Sunburst." Microsoft's Security Response Center has a detailed account of how the malware functions; Redmond has called the complex attack "Solorigate." Both FireEye and Microsoft have upgraded their security products to include measures for detecting and protecting against the attack. The incident isn't confined entirely to SolarWinds. CISA updated Alert (AA20-352A) to say that the SAML-abuse cyberespionage campaign wasn't confined to SolarWinds' Orion platform: "CISA has evidence that there are initial access vectors other than the SolarWinds Orion platform. Specifically, we are investigating incidents in which activity indicating abuse of SAML tokens consistent with this adversary's behavior is present, yet where impacted SolarWinds instances have not been identified. CISA is working to confirm initial access vectors and identify any changes to the TTPs." Russia's SVR foreign intelligence service appears to have been behind the campaign, the Wall Street Journal reports. The SVR has earned a reputation during operations against US campaigns in 2015 and 2016 for being quieter and less obtrusive than its GRU cousins. That seems to have been the case in the SolarWinds incident. FireEye has blogged that the threat actor's work was characterized by a: "Light malware footprint: Using limited malware to accomplish the mission while avoiding detection," "Prioritization of stealth: Going to significant lengths to observe and blend into normal network activity," and "High OPSEC: Patiently conducting reconnaissance, consistently covering their tracks, and using difficult-to-attribute tools." Moscow denies having done anything, and regrets, Reuters says, the US rejection of bilateral cooperation. Such calls for international cooperation, usually although this time not yet accompanied by good-citizen expressions of a desire to see and weigh the evidence, routinely accompany the Kremlin's protestations of innocence in such matters. The New York Times' review of the Solorigate affair puts the tally of affected networks, both government and corporate, at upwards of two-hundred-fifty. The campaign is thought to have succeeded, in part, because it was staged through servers in the US at a time when NSA and US Cyber Command were focused on election security and their own penetration of hostile infrastructure. The cyberespionage is unusually troubling because the persistence it established could amount to battlespace preparation for future destructive attacks. Microsoft last week updated its account of Solorigate, the large cyberespionage campaign generally attributed to Russia's SVR. Redmond says the threat actors gained access to several of the company's source code repositories. The intrusion is believed to have been limited to inspection of the code. Microsoft reports that it found no evidence that any code had been altered, that it's contained and remediated the infestations it found, and that the company's "assume breach" approach to security limited the damage. Whatever the SVR has obtained from its quiet, months-long shuffle through American networks (and NBC News, with good reason, calls the SVR's operation "close to a worst case scenario") it's likely to be large and serious. Not an act of war, probably, nor the long-predicted "cyber Pearl Harbor," but more serious than most espionage operations because of the campaign's potential as battlespace preparation. An op-ed by former US Homeland Security Advisor Thomas Bossert probably has it right in saying that the breach is "hard to overestimate." Bossert's assessment is worth quoting at some length: "The Russians have had access to a considerable number of important and sensitive networks for six to nine months. The Russian SVR will surely have used its access to further exploit and gain administrative control over the networks it considered priority targets. For those targets, the hackers will have long ago moved past their entry point, covered their tracks and gained what experts call 'persistent access,' meaning the ability to infiltrate and control networks in a way that is hard to detect or remove. "While the Russians did not have the time to gain complete control over every network they hacked, they most certainly did gain it over hundreds of them. It will take years to know for certain which networks the Russians control and which ones they just occupy. "The logical conclusion is that we must act as if the Russian government has control of all the networks it has penetrated. But it is unclear what the Russians intend to do next. The access the Russians now enjoy could be used for far more than simply spying." Responding to Solorigate. In response to the incident, the US Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive 21-01, outlining immediate steps Federal agencies should take to protect themselves from attacks exploiting the backdoor. The agency is particularly concerned to warn enterprises against the possibility of kerberoasting, an attack technique in which credentials are stolen from memory and then cracked offline. A joint statement yesterday from the US FBI, CISA, and ODNI says that the Government has invoked Presidential Policy Directive (PPD) 41 to establish a Cyber Unified Coordination Group to coordinate a whole-of-Government response to the Russian cyber operation that exploited SolarWinds' Orion platform. The FBI has the lead for threat response. It's investigating for purposes of attribution, pursuit, and disruption of the threat actors. It's presently doing so by engaging with "known and suspected victims." CISA, the Cyberspace and Infrastructure Security Agency, has the the lead for asset response activities. Emergency Directive 21-01 was its first step in helping contain and remediate the damage. The Office of the Director of National Intelligence is coordinating the Intelligence Community's collection and analysis of the incident. According to KrebsOnSecurity, FireEye, Microsoft, and GoDaddy cooperated on a response to the SolarWinds compromise by establishing a killswitch to disable Sunburst backdoor instances still beaconing to their original domain. As FireEye said in widely quoted statement, "this actor moved quickly to establish additional persistent mechanisms to access...victim networks beyond the SUNBURST backdoor," so the killswitch, while a welcome contribution, is very far from representing a thorough remediation, and the three companies understand that. BleepingComputer has a summary of what's publicly available so far. The participants have been tight-lipped about the details. ZDNet reports that Microsoft has seized and sinkholed the domain that served as a command-and-control server for the malware used in the operation. Microsoft Defender also began blocking known malicious SolarWinds versions: the company states that it "will quarantine the binary even if the process is running." In a security advisory, SolarWinds urges its customers to "upgrade to Orion Platform version 2020.2.1 HF 1 as soon as possible." CISA has reviewed the fixes and directed all Federal organizations to upgrade their SolarWinds Orion instances to version 2020.2.1. Mopping up after the SVR's cyberespionage campaign will be arduous. SecurityWeek quotes Bruce Schneier to the effect that the only way to ensure a network is secure after this kind of breach is "to burn it down to the ground and rebuild it." "It's going to take a lot of digging, " a US Defense Department source told C4ISRNet, and TechCrunch is even glummer. To its headline question, "Just how bad is that hack that hit US government agencies?" TechCrunch answers in the lede as follows: "Spoiler: It's a nightmare scenario." And that indeed seems to be the consensus. All Defense contractors should take Solorigate into account as they prepare their Cybersecurity Maturity Model Certification (CMMC). C4ISRNet describes how the Department of Defense program is shaping up. It also has an account of how some companies are approaching the challenge. Forbes sees the incident as more reason for greater involvement in security on the part of corporate boards and (especially) the boards' audit committees; ThinkAdvisor extends that advice to advisory bodies. And Lexblog offers a useful short list of immediate action: "Mirror impacted systems to preserve forensic data for further investigation "Deactivate the platform "Retain the services of a firm with expertise in cyberthreat hunting to actively look for anomalies in the business' systems and networks "Change all passwords and account credentials "Implement multifactor authentication "For firms currently using 128-bit encryption, upgrade to 256-bit encryption "To the extent that the Orion Platform was part of an entity's cyber risk management strategy, alternative processes and procedures should be implemented." Developments in satellite technology. Space Force intends to expand its partnership with commercial satellite companies, Breaking Defense reports, adding that the 2021 NDAA expresses a Congressional desire that the Service significantly and rapidly expand its use of commercial tracking services. According to C4ISRNet, Lockheed Martin has prepared the fifth geosynchronous Space Based Infrared System satellite (SBIRS GEO-5) for 2021 launch. Via Satellite reports that SBIRS GEO-6 should be ready to fly in 2022. The fourth GPS-III satellite, which was carried into orbit on November 5th aboard a SpaceX Falcon 9, has achieved operational acceptance by US Space Force. C4ISRNet says that the satellite reached that goal ten days faster than any of its predecessors, a tribute to an expedited evaluation process. C4ISRNet also reports that Space Force officially took control of the sixth and final Advanced Extremely High Frequency (AEHF) satellite in December.The 4th Space Operations Squadron has operational control of the satellite and its integrated into the AEHF constellation, successor to the old MILSTAR system. Space Force continues to find its place in the Department of Defense and the Intelligence Community. President Trump has issued a National Space Policy that seeks to lend a degree of permanence to his Administration's approach to space matters. The creation of Space Force is of course the centerpiece of the outgoing Administration's policy. Some had thought that Space Force would prove ephemeral, a readily dismissed artifact of the outgoing Administration. But that now seems unlikely in the extreme, as both TheHill and the Washington Examiner conclude. Recent organizational developments continue to solidity the new Service's place in both the Department of Defense and the Intelligence Community. In December Space Force chief General Raymond became the eighth member of the Joint Chiefs of Staff. UPI reports that he joins the Chair, the Vice Chair, the Army Chief of Staff, the Commandant of the Marine Corps, the Chief of Naval operations, the Air Force Chief of Staff, and the Chief of the National Guard Bureau on the JCS. General Raymond characterized the move as follows: "By establishing the U.S. Space Force and having the chief of space operations become a member of the Joint Chiefs of Staff, it demonstrates that our nation recognizes the critical role Space Force plays in national security." Another move that consolidates Space Force's position is its addition to the Intelligence Community. While details are being worked out, Space Force will become the eighteenth member of the IC, according to Federal News Network. Space Force: a retrospective on a year of building a Service culture. As 2020 drew to a close, Space Force took several steps toward shaping its culture. Here are a few of those steps. Semper supra, Custodes (whatever you've decided to call yourselves, Guardians, we're with you...) . In the first step toward developing that rank structure, Space Force has decided (and C4ISRNet says the Service carefully considered suggestions from the ranks as well as from interested outsiders) on its equivalent of "Soldier," "Sailor," "Marine," and "Airman." They'll be "Guardians." On December 18th Space Force explained its choice via Twitter: "Today, after a yearlong process that produced hundreds of submissions and research involving space professionals and members of the general public, we can finally share with you the name by which we will be known: Guardians. The opportunity to name a force is a momentous responsibility. Guardians is a name with a long history in space operations, tracing back to the original command motto of Air Force Space Command in 1983, 'Guardians of the High Frontier.' The name Guardians connects our proud heritage and culture to the important mission we execute 24/7, protecting the people and interest of the U.S. and its allies." The reaction of the Twitterverse was predictably mixed, the mixture as usual made worse by constraint to the character-limited zinger, the genre that shapes expression of thought in that medium. (The thoughts we quote above, for example, took the Guardians three whole Tweets to complete. They added a fourth, a zesty "Semper supra!" as a kind of hoo-wah coda to the initial thread.) The ranks for the Guardians remain to be determined. The most recent version of the National Defense Authorization Act gave Space Force leave to pick its own rank structure. The bill contents itself with offering some strong encouragement that Space Force consider "all the military services['] historic rank structures," Military.com reports. So, sorry, Mr. Shatner, but Congress won't require Navy ranks So let's review the roads not taken. We know General Raymond had long ruled out "Spaceman," which sort of struck us as both hasty and peremptory, but that hadn't excluded other good options. We confess we'd been hoping for "Spacewoman," "Spacewoman First Class," and so on (because if "Airman" why not "Airwoman?") with some occupation-based ranks like "Spaceship Rigger Second Class" introduced at the right place. For officer ranks, revive "Cornet," perhaps "Orbital Cornet," and then mix them up from air and naval inspirations: "Sky Commodore" and Robert Heinlein's "Sky Marshall" could be up near the top. General Raymond could become Sky Chief Marshall Raymond. And, following Heinlein again, they could have chosen "Trooper" as the generic name for those in the ranks. Maybe the Ferengi rank DaiMon could find a place, too? There's also the possibility of reviving ancient or medieval ranks. "Legionnaire" is now clearly out, although we hope it might be picked up by any future Armeé de l'Espace that France might choose to establish, but what could be more historic than Centurion? (Maybe an E-8, Centurions having been as much top kicks as they were company commanders.) Or moving about a millennium closer to nowadays, how about Vintener (leader of twenty longbowmen; say an O-1), Centenar (who pushed a hundred archers, obviously an O-3), or Millenar (a thousand-archer leader, perhaps an O-4 or O-5). All suitably modifiable, of course, with "Space," "Sky," or perhaps "Orbital," although that last might be too limiting for a Service whose domain is after all cislunar and beyond. We admit our preferred rank structure is unlikely in the extreme to be adopted, but if one's reach didn't exceed one's grasp, what would the heavens be for? Well, "Guardians" it will be, but that's just a baseline, and the specific rank and rating structure remains to be filled out. We can still hope for ratings like "Solar Panel Jack" or "Able Bodied Spacewoman," right, Chief Sky Marshall? Semper supra, we say. And, Space Force? You're welcome. Uniforms and music. More culture is coming soon: Military.com reports, inter alia, that the Service will get a distinctive uniform sometime in 2021, and an Air Force band is working on an official Space Force song. (The official song is unlikely to be Kokomo.) Designs that purport to show concepts for the new uniforms have been circulating through social media. The general look is vaguely 1930-ish, a bit like the uniforms sported by the New Jersey State Police. Task & Purpose reassuringly pooh-poohs the sketches as unofficial, apparently traceable to a nameless Guardian's labor-of-love on Reddit. "The uniform graphic being shared on social media is not an official U.S. Space Force uniform design concept," a Space Force spokesman told Task & Purpose, adding, "The Space Force service dress uniform is still in development." Challenge coins are low-hanging cultural fruit... In an unrelated note on emerging Space Force culture, Task & Purpose finds much to dislike about the new Service's challenge coin, which it derides as looking "like tokens you'd spend at Chuck E. Cheese." That seems harsh, but in truth the pictures it publishes of the coin make it look a little sparse and almost derivative, like a casual Roddenberrian knock-off, circa 1968, the sort of thing a visiting Star Fleet Admiral might give a red-shirted ensign just before Ensign Red Shirt beamed down to get the schnitz from the Gorm. Challenge coins, should you be unfamiliar with them, have become an American military custom, handed out on the spot by visiting V.I.P.s like Sky Marshals and Cislunar Millenars in a gesture of approval, appreciation, or inspiration. Our favorite challenge coin was a wooden nickel once handed out by the 3rd Armored Division's combat aviation brigade, which promised redemption in the form of "One tank destroyed or one helicopter ride." Think along those lines, Sky Chief Marshall. (But Task & Purpose has buried the lede: the real story here is that its readers share Chuck E. Cheese as one of their cultural touchstones. Know your audience.) ...but remember, creating a culture is harder than it looks. Look: it's easy to have fun at the expense of any new organization, especially a newly fledged military service. Service culture is tough to create, and much inherited culture comes along with the novel. We've of course enjoyed watching Space Force come up with the ranks, structures, insignia, and so on that any Service probably must have, but we'd be sorry if this affectionate observation of the youngest American Service's first steps should be misinterpreted as mockery or disrespect. Neither are intended, and we wish Space Force and all of its Guardians nothing but success, appreciation, and honor in what we hope will be the annus mirabilis of 2021. (And we're sure we're with Mr. Shatner in doing so.) Happy new year, Space Force, and above all, semper supra. [3299]   Today's edition of the CyberWire reports events affecting China, Japan, Russia, and the United States. Selected Reading Attacks, Threats, and Vulnerabilities (26) Security Patches, Mitigations, and Software Updates (1) Trends (2) Marketplace (22) Products, Services, and Solutions (16) Technologies, Techniques, and Standards (22) Design and Innovation (9) Research and Development (18) Academia (1) Legislation, Policy, and Regulation (44) Litigation, Investigation, and Law Enforcement (4) Attacks, Threats, and Vulnerabilities Wide-reaching hack has defense firms on their toes (C4ISRNET) Some major defense contractors use the compromised software at the center of the breach, but figuring out whether hackers got inside their systems will be difficult and time-consuming. National security is the defense industrial base's responsibility too (Defense News) Contractors must embrace an unwavering commitment to implement security controls to effectively defend their IT infrastructures, a cybersecurity expert advises. Next-Generation Program Protection: The Next Federal Cybersecurity Challenge (Nextgov) As the government aims to buy more innovative products, we must make critical advancements in program protection. How Russia's 'Info Warrior' Hackers Let Kremlin Play Geopolitics on the Cheap (Wall Street Journal) Moscow, with its growing cyber capabilities, appears undeterred by Western sanctions and other countermeasures. Emergency Directive 21-01 (CISA) A site for cybersecurity directives and implementation guidance, from the Cybersecurity and Infrastructure Security Agency. DHS orders federal agencies to update SolarWinds Orion platform (BleepingComputer) The Cybersecurity and Infrastructure Security Agency (CISA) has ordered all US federal agencies to update the SolarWinds Orion platform to the latest version by the end of business hours on December 31, 2020. Continuous Updates: Everything You Need to Know About the SolarWinds Attack (SecurityWeek) News coverage of the SolarWinds supply-chain attacks and useful security resources, including analysis and indicators of compromise (IOC). Microsoft Says Russian Hackers Viewed Some of Its Source Code (New York Times) The hackers gained more access than the company previously understood, though they were unable to modify code or get into its products and emails. Cyber attack on U.S. government may have started earlier than initially thought - U.S. senator (Reuters) The unprecedented cyber attack on U.S. government agencies reported this month may have started earlier than last spring as previously believed, a U.S. senator involved in cybersecurity said on Wednesday. SolarWinds Attribution: Are We Getting Ahead of Ourselves? (Recorded Future) SolarWinds breach attribution — are we getting ahead of ourselves by assuming it's Russia? John Wetzel takes a contrarian view in this blog. SolarWinds: What the Intelligence Tells Us (Recorded Future) Recorded Future's David SooHoo provides a brief recap of the first five days following disclosure of the SolarWinds attack incident. SolarWinds Hack Infected Critical Infrastructure, Including Power Industry (The Intercept) The companies involved used compromised software, but it's not clear if hackers entered their networks. Finding out could be difficult. New Zero-Day, Malware Indicate Second Group May Have Targeted SolarWinds (SecurityWeek) A piece of malware named Supernova and a zero-day vulnerability exploited to deliver this malware indicate that SolarWinds may have been targeted by a second, unrelated threat actor. How Can the U.S. Rebuild After Shocking Series of Cyber Breaches (The Cipher Brief) President-Elect Joe Biden's incoming national security adviser Jake Sullivan told NPR this week that the Defense Department hasn't granted a meeting to the Biden transition team since Dec. 18. That – Sullivan tells NPR – is complicating the ability of the incoming administration of being read-in on the current administration's response to what experts are … Continue reading "How Can the U.S. Rebuild After Shocking Series of Cyber Breaches" Actionable Threat Intelligence Available for Sunburst Cyber Attacks on SolarWinds (Anomali) On Dec. 13, FireEye published a detailed analysis about the attack carried out against SolarWinds, which appears to have compromised its Orion IT monitoring and management platform to spread the Sunburst Backdoor malware. The Russians Have Issued a Wake Up Call (The Cipher Brief) Weeks after a massive cyber breach of U.S. government agencies and private sector companies was publicly announced, there is still not a clear response from the administration on who is responsible and what will be done about it. While the government has yet to officially name the nation-state that is believed to be behind the … Continue reading "The Russians Have Issued a Wake Up Call" Everybody Spies in Cyberspace. The U.S. Must Plan Accordingly. (The Atlantic) Because all countries engage in espionage, intrusions like Russia's latest data hack are devilishly hard to deter.   Russia's global hacking efforts are going to unwind in 2021 (WIRED UK) "Skirmishes in cyberspace will intensify in 2021 with pre-planned ambushes on the side of the attackers" SolarStorm Timeline: Details of the Software Supply-Chain Attack (Unit42) The SolarStorm timeline summarized here is based on the information available to us and our direct experience defending against this threat. CISA Releases CISA Insights and Creates Webpage on Ongoing APT Cyber Activity (CISA) CISA is tracking a known compromise involving SolarWinds Orion products that are currently being exploited by a malicious actor. An advanced persistent threat (APT) actor is responsible for compromising the SolarWinds Orion software supply chain, as well as widespread abuse of commonly used authentication mechanisms. If left unchecked, this threat actor has the resources, patience, and expertise to resist eviction from compromised networks and continue to hold affected organizations at risk. Congress Fears DoD Not Prepared For NC3 Cyber Attacks (Breaking Defense) NC3 is "the last line of communication capabilities and associated equipment that we know will always be there during our worst day," explains Air Force Lt. Gen. James Dawkins, deputy CSAF for strategic deterrence and nuclear integration. Putin: Arms race with US 'has already begun' (Washington Examiner) An arms race between Washington and Moscow "has already begun," according to Russian President Vladimir Putin. 'Very difficult to defend': What happens if hackers are inside the Pentagon's networks? (Marine Corps Times) Suspected Russian hackers' ability to burrow into Pentagon networks through lateral movement after the SolarWinds breach poses tremendous challenges for the department. The Sunburst hack was massive and devastating – 5 observations from a cybersecurity expert (The Conversation) Cyberwarfare is more like cancer than bombs and bullets. Cybersecurity experts are just beginning to make their diagnosis of the Sunburst hack. Op-ed: What nobody else will say about the new cybersecurity crisis (CNBC) The culprit is said to be Russia, but equal responsibility lies much closer to home. North Korea ICBM test likely next year, think tank says (UPI) North Korea could test an intercontinental ballistic missile between now and March to challenge the administration of U.S. President-elect Joe Biden and increase Pyongyang's bargaining power, a think tank said. Security Patches, Mitigations, and Software Updates SolarWinds releases updated advisory for new SUPERNOVA malware (BleepingComputer) SolarWinds has released an updated advisory for the additional SuperNova malware discovered to have been distributed through the company's network management platform. Trends Study: U.S. Military Communications Technology and Cyber Defense Challenges Remain (PR Newswire) Despite the Department of Defense (DoD) making strategic moves to improve its communications technologies, a new study finds challenges still... Drones Are Destabilizing Global Politics (Foreign Affairs) Simple Vehicles Make Conflict Tempting and Cheap Marketplace DISA Opens For Bids On $11.7B Defense Enclave Services (Breaking Defense) Defense Enclave Services will "establish the modern infrastructure foundation and united frame of thought needed to deliver cohesive combat support capabilities to the warfighter." Lockheed Martin to acquire Aerojet Rocketdyne for $4.4 billion (Washington Post) The deal is expected to close in the second half of 2021 Lockheed To Vertically Integrate Space, Rocket Work With AJR Buy | Aviation Week Network (Aviation Week) Lockheed Martin's proposed $4.4 billion cash takeover of aerospace and defense propulsion stalwart Aerojet Rocketdyne– already a key supplier– fits well within Lockheed and will secure the Pentagon's leading contractor as a hypersonics, rocket and military space leader for decades to come. Northrop Grumman Invests in Deepwave Digital's AI (Northrop Grumman Newsroom) Northrop Grumman Corporation (NYSE: NOC) is set to begin collaborating and investing in Deepwave Digital, to support research, development and integration of artificial intelligence (AI) technologies. This... How Northrop's tech scouting led them to this AI startup (Washington Technology) Like all defense companies, Northrop Grumman is on the hunt for technologies outside of its own industry that could be beneficial to themselves and their customers. Here's how that search led Northrop to invest some equity in a Philadelphia-based AI startup and how others can at least get on the radar. Northrop Grumman Named Large Company of the Year by SpaceNews (Northrop Grumman Newsroom) Northrop Grumman Corporation (NYSE: NOC) is being recognized for significant contributions to the global space industry in 2020. SpaceNews has honored Northrop Grumman with the Award for Excellence & Innovation as the Large... Northrop Grumman to Sell Federal IT and Mission Support Business to Veritas Capital for $3.4 Billion (Northrop Grumman Newsroom) Northrop Grumman Corporation (NYSE: NOC) and Veritas Capital, today announced that Peraton, an affiliate of Veritas, has signed a definitive agreement to acquire Northrop Grumman's federal IT and mission support... Peraton's 'transformative' deal to buy Northrop's IT business boosts both, experts say (Washington Business Journal) The anticipated divestiture hones Northrop's strategic priorities while tripling the size of Peraton. Altamira Announces $8.5M Space Mission Data Processing Award | WashingtonExec (WashingtonExec) U.S. Space Force's Space and Missile Systems Center has awarded Altamira Technologies a prototype project contract valued at $8.5 million for the Future Blue Canyon Technologies Announces Completion of Acquisition by Raytheon Technologies (BusinessWire) Leading small satellite manufacturer and mission services provider Blue Canyon Technologies ("BCT" or "Blue Canyon") announced today the completion of Raytheon Technologies secures $611.5M contract for CCSS from Air Force (NYSE:RTX) (SeekingAlpha) Raytheon Technologies (NYSE:RTX) has been awarded a ceiling of $611.5M, firm-fixed-price, cost-plus-fixed-fee, cost-reimbursable-no-fee, IDIQ contract for command and control switching systems ('CCSS').This contract provides electronic digital telecommunications system developed for military command and control. The CCSS is the key component of the Defense Red Switch Network, enabling secure and non-secure voice and data telecommunications at multiple levels, large scale voice conferencing capabilities and is inter-operable with other secure devices.Work to be performed at multiple government facilities and is expected to be completed by December 31, 2032.Shares +0.23% AH. Raytheon Technologies Board of Directors Authorizes $5 Billion Share Repurchase Program (PR Newswire) Raytheon Technologies' (NYSE: RTX) Board of Directors authorized today the repurchase of up to $5 billion of the company's outstanding common... Mercury Systems Completes Acquisition of Physical Optics Corporation (Mercury Systems, Inc.) The Investor Relations website contains information about Mercury Systems, Inc.'s business for stockholders, potential investors, and financial analysts. Mercury Systems Receives $14M Order for Digital Signal Processing Modules (GlobeNewswire) Mercury Systems Inc. (NASDAQ: MRCY, www.mrcy.com), a leader in trusted, secure mission-critical technologies for aerospace and defense, announced it received a $14 million order from a leading defense prime contractor for digital signal processing modules for deployment in a multi-mode tactical radar application. Is SpaceX versus China the only space race that matters? (Quartz) The pioneering space company is waiting for a competitor. SpaceX wins $150 million contract to launch Space Development Agency satellites (SpaceNews) SpaceX has been awarded a $150.4 million contract to launch as many as 28 satellites for the Pentagon's space agency. SpaceX's very big year: A 2020 filled with astronaut launches, Starship tests and more (Space.com) Elon Musk's company averaged one launch every two weeks in 2020. Counter-drone startup Epirus raises $70M, plans to hire 100 people (Defense News) Venture-backed startup Epirus has raised $70 million to speed its counter-drone technology to market. IoT startup Totum Labs raises $13M Series A funding to revolutionize global connectivity with a constellation of low with Earth Orbit (LEO) nanosatellites (Tech News | Startups News) Totum Labs, a San Diego, CA-based tech startup that is revolutionalizing wireless technology by enabling low-cost, global, indoor tracking and monitoring of billions of assets, today announced it has closed $13 million Series A funding to accelerate the deployment and commercialization of … Ligado investors should be scared of its future (Defense News) By now it shouldn't be any surprise that I oppose the decision by the Federal Communications Commission to approve Ligado Networks' application to repurpose low-band spectrum for a terrestrial commercial network that will interfere with GPS and satellite communications signals. NASA will buy moon dirt from these 4 companies (Space.com) NASA will pay a grand total of $25,001 for the cosmic samples. Space Force dominates online video game tournament in the name of veterans employment (Military Times) Competitive gamers from the U.S. and U.K. militaries competed in an annual tournament on Friday to benefit veterans employment. Products, Services, and Solutions Colorado Springs defense firm using gaming to train Space Force personnel (Colorado Springs Gazette) A Colorado Springs defense contractor wants to use a gaming-based training system it developed, with a name chosen from one of Star Trek's most feared villains, to prepare U.S. Space Airbus' five-meter reflector for radar satellites qualified by Europe (Intelligent Aerospace) After the fairing is released, the reflector will unfold like a flower – from 1.6 to five meters. NRO partners with SpaceX for final launch of 2020 (C4ISRNET) The National Reconnaissance Agency's sixth and final mission of 2020 launched aboard a SpaceX Falcon 9 rocket on Dec. 19. Capella Space unveils new high-resolution synthetic aperture radar imagery (C4ISRNET) The imagery is designed to meet the needs of government customers, including the U.S. military and intelligence community. NASA Makes Blue Origin Eligible to Launch Future Missions Without Crews (Wall Street Journal) Jeff Bezos and his company's New Glenn rocket, which hasn't yet flown, received the nod to potentially carry scientific payloads later this decade. Virgin Galactic's SpaceShipTwo suffers apparent abort in 1st launch from Spaceport America (Space.com) SpaceShipTwo and its two pilots landed safely after the abort. Virgin Galactic's stock price drops following failed spaceflight attempt (Ars Technica) "As we do with every test flight, we are evaluating all the data." NBN Co rolls out disaster satellite services (CRN Australia) Opens first facility in Canberra. General Dynamics Unveils Space & Avionics Tech Encryption Module (ExecutiveBiz) General Dynamics has introduced a cryptographic module the company designed to secure communications SpaceX's Starlink satellite network wins $885M in federal aid for rural broadband (GeekWire) SpaceX's Starlink satellite network has been awarded $885.5 million in federal subsidies to boost high-speed internet service to rural Americans. SpaceX's 1st upgraded Dragon cargo ship docks itself at space station with science, goodies and new airlock (Space.com) Its SpaceX's first-ever autonomous Dragon docking. SpaceX launches new cargo Dragon to Space Station for 100th successful Falcon 9 flight (Yahoo) SpaceX launched its 21st Commercial Resupply Services (CRS) mission for NASA to the International Space Station on Sunday, using a brand new variant of its Dragon capsule spacecraft. This new cargo Dragon has greater carrying capacity and can dock fully autonomously with the Space Station, both improvements over the last iteration. This is the first launch for this redesigned cargo Dragon, and also the first mission for SpaceX's new series of CRS missions under a renewed contract with NASA. SpaceX Launches—and Crashes—Its Starship Mars Rocket (Wired) The test flight didn't come close to the edge of space, but the prototype was a big step toward the rocket's first orbital mission. These 3 astronauts will launch SpaceX's Crew-3 mission to the International Space Station in 2021 (Space.com) A fourth crewmember will be named later. Astra reaches space during 2nd orbital test launch (Space.com) "HUGE SUCCESS!!!!!!!" Astra representatives tweeted today. Northrop Grumman Completes First Flight of Global Hawk Ground Station Modernization Program (Northrop Grumman Newsroom) Northrop Grumman Corporation (NYSE: NOC) successfully completed the first flight for the Global Hawk Ground Station Modernization Program (GSMP) at Edwards Air Force Base, Calif. earlier this month. Leveraging agile... Technologies, Techniques, and Standards Government cyber breach shows need for convergence (C4ISRNET) Keeping offensive and defensive cyber operations in silos results in exploitable weaknesses, according to three cyber experts. The SolarWinds Breach: What We Know Now and What Businesses Can Do to Protect Themselves (LexBlog) Earlier this month, we learned that the SolarWinds Orion Platform software builds for versions 2019.4 HF 5 through 2020.2.1*, released between March 2020 and June 2020, were compromised by an advanced persistent threat actor (or APT). The perpetrators of this sophisticated attack implanted a Trojan into a legitimate update to the Orion Platform that was [… ] 3 Ways to Step Up Cybersecurity in Wake of SolarWinds Breach (ThinkAdvisor) Use these events as a learning opportunity and strive to make [your] data more secure," says F2 Strategy's Scott Lamont. The SolarWinds Breach Reinforces Why Boards And Audit Committees Need More Tech Expertise (Forbes) Boards' ability to monitor cybersecurity is hampered by directors' experience, outdated committee charters and fragmented oversight. Five meaningful actions by boards, audit committees and executives can change that. Roper Says USAF's Software Factories Need Inside Defense Against Hacking (Air Force Magazine) USAF software factories are vulnerable to hack attacks like the SolarWinds incursion that compromised numerous U.S. agencies, including the Pentagon. Data Security Business Advisory (Department of Homeland Security) This Advisory describes the data-related risks American businesses face as a result of the actions of the People's Republic of China (PRC) and outlines steps that businesses can take to mitigate these risks. Businesses expose themselves and their customers to heightened risk when they share sensitive data with firms located in the PRC, or use equipment and software developed by firms with an ownership nexus in the PRC, as well as with firms that have PRC citizens in key leadership and security-focused roles (together, "PRC firms"). Due to PRC legal regimes and known PRC data collection practices, this is particularly true for data service providers and data infrastructure. Airbus-built CSO-2 French Military Earth Observation Satellite Launched Successfully (Aviation Pros) Airbus-built CSO-2 (Composante spatiale optique) Earth observation satellites for the French Armed Forces, has been successfully launched on a Soyuz launcher from the Kourou European Spaceport in French Guyana. Operational planning simulation for defense against an attacking drone swarm (Help Net Security) A multi-year effort to develop an operational planning simulation for defense against an attacking drone swarm has been established. How NASA Scrambled to Save OSIRIS-REx From Leaky Disaster (Wired) The $800 million craft successfully collected precious asteroid material from a near-Earth asteroid. Then it started spilling regolith into space. Electromagnetic spectrum management tool coming next year (C4ISRNET) The solution will help commands strengthen battle plans to track and stop threats over the waves. New AI-Based Navigation Helps Loon's Balloons Hover in Place (Wired) Reinforcement learning might be the next step in keeping broadband-carrying balloons afloat above remote areas. Could Venus be next? The Space Force's next missile warning satellite is ready for a 2021 launch (C4ISRNET) The fifth geosynchronous satellite in the Space Based Infrared System constellation is officially complete and ready for its 2021 launch, according to the U.S. Space Force. Lockheed Martin's SBIRS GEO-5 Satellite Readies for Launch in 2021 (Via Satellite) Lockheed Martin revealed Wednesday that the fifth Space Based Infrared System Geosynchronous Earth Orbit (SBIRS GEO-5) satellite is complete and ready for launch in 2021, as determined by the U.S. Space Force. SBIRS GEO-5 is the first military space satellite built on Lockheed Martin's LM 2100 combat bus. The SBIRS Fourth GPS III satellite receives operational acceptance in record time (C4ISRNET) The addition of the satellite to the GPS constellation marks another step toward making M-Code — a more robust GPS signal for military use — available to the war fighter. Space Operations Command takes over final AEHF satellite (C4ISRNET) The sixth Advanced Extremely High Frequency satellites is expected to receive operational acceptance by the end of the year. Lockheed Martin on Mission to Get Astronauts to Moon for First Time Since 1972 (Cheddar) Jeff Bezos says that his space company, Blue Origin, will take the first woman to the moon's surface. This comes as NASA nears a decision to pick its first privately-built lunar landers capable of sending astronauts to the moon by 2024. Artemis: Nasa picks astronauts for new Moon missions (BBC News) Nasa has announced 18 astronauts who will travel to the Moon under the agency's Artemis programme. One Of The Navy's First Female Submarine Officers May Be Headed To The Moon (The Drive) Half of those picked for NASA's Artemis program, aimed at going back to the moon by 2024, come from the U.S. military. Here's a bit more about them. More than half of NASA's moon-bound astronauts are active-duty military (Military Times) NASA's Artemis program plans to return to the moon by 2024. Among the crew will be the first woman to walk on the moon. SpaceX's 1st crewed Mars mission could launch as early as 2024, Elon Musk says (Space.com) "If we get lucky." AI Is Reshaping the US Approach to Gray-Zone Ops (Defense One) Artificial intelligence and machine learning tools aren't just for big hot wars, but also for places where the battle lines aren't clear. U-2 Spy Plane Taps Into Computers On The Ground To Expand Data Processing Ability Mid-Mission (The Drive) The test demonstrated how an aircraft could link up with computers on the ground for tasks that demand high levels of computing power. Design and Innovation Space programs boost Defense Innovation Unit budget (C4ISRNET) Congress increased DIU's R&D budget by $20 million over last year's appropriations. NGA launches new tech accelerator in St. Louis (C4ISRNET) The accelerator program adds to the National Geospatial-Intelligence Agency's investment in the St. Louis area, where the agency is building a new state-of-the-art facility to house NGA West. Here's How 'Vanguard' Programs Could Stay for Good (Air Force Magazine) The Air Force's science advisers say the service needs to make its approach to cutting-edge "Vanguard" programs more concrete and repeatable. How do you fix a flying computer? Seeking resilience in software-intensive mission systems (Atlantic Council) Defense organizations confront unanticipated and highly impactful disruptions, but must continue to operate using complex mission systems. NATO needs a strategy for emerging and disruptive technologies (Defense News) As U.S. and European leaders set their collective agenda at the next NATO summit, a top priority should be establishing a NATO framework for emerging and disruptive technologies. Space Force: Convergence of New Tech is the Real Disruptor (Air Force Magazine) The real game-changing disruptions in space come when new technologies converge with each other, U.S. Space Force acquisition officials said Dec. 7. This company wants to launch satellites into space via drone (C4ISRNET) The reusable drone will be able to launch small payloads into low Earth orbit with a 180 minute turnaround time, potentially providing a much-desired responsive launch solution for the Department of Defense. Hypersonic Missile Coming Five Years Faster Thanks to Acquisition Reform (Air Force Magazine) The Air Force's Air-launched Rapid Response Weapon will become operational in 2022, five years faster than it would have under previous acquisition rules. Space balloon company raises funds, will conduct first test flight next year (Ars Technica) No ticket price has been revealed, but it likely will be on the order of $125,000. Research and Development AFOSR awards 17 quantum research grants (Intelligence Community News) The Air Force Research Laboratory's Air Force Office of Scientific Research (AFOSR) recently awarded 17 quantum information science grants. NASA's SLS megarocket 'hot fire' test delayed after early shutdown in fueling trial (Space.com) NASA and Boeing's 'wet dress rehearsal' of a launch of the core stage of a Space Launch System rocket ended early; engineers are still determining what happened. The Steampunk Rover Concept That Could Help Explore Venus (Wired) 50 years after the first spacecraft touched down on our super hot neighbor (and promptly died), NASA has a plan for a tougher mechanical lander. US Air Force tests artificial intelligence on board a U-2 aircraft (Air & Cosmos) The US Air Force experimented with artificial intelligence on board a Lockheed U-2 in a simulated mission. Pilot and artificial intelligence shared the tasks, with the pilot doing the flying. The equipment was designed to be easily transferable to another aircraft, thus representing the very beginning of the flight tests. THOR: Air Force Tests Counter-Drone Microwave In Africa (Breaking Defense) "I've watched it in action and its really quite impressive," says Air Force Chief Scientist Richard Joseph. Northrop Grumman and NASA Complete Final Sunshield Deployment Test on the James Webb Space Telescope (Northrop Grumman Newsroom) Northrop Grumman Corporation (NYSE: NOC) and NASA have successfully completed the final sunshield deployment test on the James Webb Space Telescope in preparation for its 2021 launch. "The success of this... Intel Agencies Seek to Perfect Biometric Recognition from Drones (Nextgov) Intelligence and military researchers want to merge facial recognition with other biometric methods to identify people from long distances and steep angles From interstellar space, twin Voyager probes spot 'electron burst' (Space.com) The discovery could shed new light on the mechanisms of flaring stars. Japanese space capsule carrying pristine asteroid samples lands in Australia (Space.com) Japan has done it again. Japanese scientists get first peek inside Hayabusa2 asteroid sample-return capsule (Space.com) Time to see what the "treasure box" holds. How to Watch Hayabusa2 Return an Asteroid Sample to Earth (Wired) The Japanese Hayabusa2 mission to asteroid Ryugu marks a major milestone this weekend with the return of pristine space rock. Chang'e-5: China's Moon Sample Return Mission (The Planetary Society) China's Chang'e-5 mission will bring Moon samples back to Earth to help us find out what was happening late in the Moon's history. China's Chang'e 5 lands on the moon to collect the 1st fresh lunar samples in decades (Space.com) Chang'e 5 is the first lunar sample-return mission since 1976. Amazing panorama shows China's Chang'e 5 landing site on the moon (photos) (Space.com) See Mons Rü mker in all its dusty gray glory. The Arecibo Observatory Is More Than Just a Telescope (Wired) The world's second largest radio telescope collapsed on Tuesday. But its legacy is indestructible. The Arecibo radio telescope's massive hanging platform has collapsed (Space.com) The hanging structure crashed through Arecibo's radio dish after major cable failures. On Mars, internal heat may have powered habitable hotspots long ago (Space.com) If life emerged on ancient Mars, it may have had the planet's internal heat to thank. Bill has $25M for Rome Lab projects (Rome Daily Sentinel) Congressman says approved House defense spending plan has language to protect DFAS and AIS Academia NU forms alliance with other Midwestern universities to lure Space Command to Offutt (Omaha.com) NU President Carter said the partnership with the University of North Dakota, K-State and Purdue would develop new degree programs and research initiatives specifically designed for the Space Command. Legislation, Policy, and Regulation In a first, Congress overrides Trump veto of NDAA (Federal News Network) In an extraordinary New Year's Day session, the Republican-controlled Senate easily turned aside Trump's objections to the $740 billion bill. Congress gives more power to DoD's industrial base official (Defense News) The National Defense Authorization Act creates the role of assistant secretary of defense for industrial policy. Moon by 2024 no more? NASA's Artemis deadline for crewed lunar landings likely to relax under Biden (Space.com) 2024 wasn't terribly realistic anyway. For NASA, It Should Be Mars or Bust (Wall Street Journal) After decades of nostalgia for the Apollo program, it's time for NASA to send astronauts on a radical new adventure, worthy of America's pioneering spirit NASA receives $23.3 billion for 2021 fiscal year in Congress' omnibus spending bill: report (Space.com) The bill does not include NASA's requested funding levels for its Artemis moon lander. Which NDAA cyber provisions have the most impact for DoD? (C4ISRNET) Lawmakers make several changes impacting oversight of DoD cyber operations. Congress provides $130 million for hypersonic missile warning satellites (C4ISRNET) The latest legislation seems to resolve a disagreement between the Pentagon and lawmakers over which agency should be in charge of the constellation. Trump signs Space Policy Directive-6 on space nuclear power and propulsion (Space.com) One goal laid out in SPD-6 is the testing of a fission power system on the moon by the mid- to late 2020s. White House Unveils New Space Policy, But Does It Matter? (Breaking Defense) "I just think it's a little too late for trying to have a stamp on something. It is just trying to say that they did something," said veteran space policy wonk Erin Neal. There Are No Real Rules for Repairing Satellites in Space—Yet (Wired) Fixing, refueling, and upgrading satellites in orbit is about to become more common. A group is pushing for international standards to keep these missions safe. British defense secretary says 'tough choices' are coming due on spending (Defense News) Britain's forces face some difficult decisions over whether to junk capabilities and make cuts to legacy programs. Clock is Ticking on New START Extension (Air Force Magazine) President-elect Joe Biden will have 16 days to strike a deal with Russia to extend the New START arms control pact after Inauguration Day. Congress requires shake-up in electromagnetic spectrum operations (C4ISRNET) The FY21 NDAA is requiring the secretary of defense to transfer electromagnetic spectrum operations responsibilities away from the commander of Strategic Command. Why the Pentagon must think harder about inadvertent escalation (Defense News) The conventional capabilities that have enabled the U.S. to reduce its reliance on nuclear weapons have also increased the risk of misperception that could spark a nuclear war. All Domain Requires New Requirements Process; DoD, Congress Must Compromise: Lt. Gen. Hinote (Breaking Defense) "We have got to come up with a compromise with the people's representatives when it comes to defining requirements in the future," he said. EXCLUSIVE: Space Is At Heart Of JADC2, Says Maj. Gen. Crider (Breaking Defense) "As a new service, we have an opportunity here to really establish ourselves in a new way -- leveraging digital technologies, and leveraging digital processes and practices in a new way," says Maj. Gen. Kim Crider, Space Force acting chief technology innovation officer. Defense policy bill prepares Pentagon for operational 5G (C4ISRNET) The plan taps the CIO as the lead on the issue in the future and establishes a 5G cross-functional team. DoD officials: Small changes in thinking about electronic warfare tools could give U.S. upper hand (C4ISRNET) The military wants to begin taking a more holistic view of electronic warfare capabilities rather than specific platforms to outmaneuver adversaries. National Geospatial-Intelligence Agency in Midst of Revolution (U.S. DEPARTMENT OF DEFENSE) When it comes to geospatial intelligence, the National Geospatial-Intelligence Agency is in the middle of a revolution, its director for operations said. Air Force Woos Congress On Space Acquisition Reform (Breaking Defense) "Given where we are at this point in the administration, it's unlikely that we would see a nominee" for an independent Space Force acquisition head, said Shawn Barnes, Air Force deputy assistant secretary for space acquisition. Cross-agency plans for space cybersecurity will strengthen the US in all domains (C4ISRNET) Just as cybersecurity has become an integrated element of terrestrial goods and services, the same level of resiliency and safeguards must apply in space. 2021: A Space (Force) Odyssey: Norms, Arms Control & Warfighting (Breaking Defense) "I will be very curious to see how the Space Force shakes out in the next year or so. It's not going away but how it manifests itself could be different," said Victoria Samson, Washington Office director for Secure World Foundation. At nearly a year old the Space Force joins the Intelligence Community (Federal News Network) The Space Force will be the 18th member of the collection of agencies providing national security information. Space Force Gen. John Raymond joins Joint Chiefs of Staff (UPI) Gen. John Raymond, chief of the U.S. Space Force, will become the eighth member of the Joint Chiefs of Staff, the Defense Department announced on Friday. Biden should preserve Space Force, one of Trump's proudest achievements, experts believe (Washington Examiner) As the Space Force nears the first anniversary of its creation on Dec. 20, some space security experts believe that the Biden administration should preserve one of President Trump's proudest achievements. Space Force expected to live on past Trump era (TheHill) President-elect Joe Biden has pledged to reverse or review many of President Trump's changes at the Pentagon, but one of Trump's signature achievements is expected to live on: the Space Force. Space Force Poised to See Major Growth, New Uniforms in 2021 (Military.com) The military relies heavily on space-based technologies to keep its edge on the battlefield. Raymond: Air Support Coming to US Space Command (Air Force Magazine) The Space Force's top general this week indicated the Air Force will create an organization to offer aircraft and other resources in support of SPACECOM. Space Force Should Hire Commercial Tracking Services ASAP: 2021 NDAA (Breaking Defense) Congressional authorizers approved some $10.4 billion in Space Force RTD&E, an almost $85 million bump from the budget request. Space Force Will Boost Reliance On Commercial Sats: Gen. Raymond (Breaking Defense) "We see a huge opportunity here to have a fused relationship with industry that will provide great advantage," Gen. Raymond says. Omaha and Offutt shoot for moon in seeking Space Command HQ (Omaha.com) Local boosters say Offutt Air Force Base has "a solid chance" to host the new U.S. Space Command. But the five other finalists will be tough to beat. Space Force Won't Be Forced to Use Navy Ranks, Lawmakers Decide (Military.com) Lawmakers "strongly encouraged" service leaders to consider "all the military services historic rank structures." The Army has soldiers. The Navy has sailors. The Space Force now has 'guardians.' (Washington Post) The name became an immediate punch line on Twitter. In the race to host US Space Command, Colorado Springs is light years ahead (Military Times) In this commentary, a retired four-star Air Force general says Colorado Springs, Colorado, has always been the center of the military's space operations. Space Force Is Getting Its First 2 Bases (Military.com) Cape Canaveral and Patrick Air Force Base will be known as "Cape Canaveral Space Force Station and Patrick Space Force Base." Trump Admin to Rename Two Bases for Space Force Over Military Objections (Defense One) The Air Force had quietly agreed with Congress not to change anything until the NDAA settles a way forward on Confederate base names. DoD announces cybersecurity certification pilots (C4ISRNET) The tiered cybersecurity framework grades companies on their cyber hygiene. Doing Things Differently at DISA (SIGNAL Magazine) The combat support agency seeks to drive innovation as it focuses on cybersecurity, infrastructure modernization and enterprise communications. Air Force Mulling New Career Fields for Coders, Data Analysts (Air Force Magazine) The Department of the Air Force is working to create new career fields in areas like software development and data science. Biden picks Lloyd Austin, retired Army general, to lead Pentagon (Defense News) Austin would require a wavier from Congress to serve. As term winds down, Trump shifts Pentagon line of succession (Defense News) Shuffling the line of succession at the defense department is not a new move for presidents. Biden's Incoming National Security Adviser Faults Pentagon's 'Obstruction' (NPR) Jake Sullivan tells NPR in an exclusive interview that the transition isn't getting what it needs from the outgoing Trump administration to take power properly next month. Space Force troops get lapel pin and badge to wear on their Air Force uniforms for now (Stars and Stripes) Space Force service members will soon get lapel pins and service badges to wear on their Air Force dress uniforms to better distinguish the branches. The new Space Force challenge coins look like tokens you'd spend at Chuck E. Cheese (Task & Purpose) If you're going to hand out a challenge coin, you should make it look as cool as possible — something the Space Force failed miserably at Litigation, Investigation, and Law Enforcement Space Force delays deal to 'further evaluate' contractor found to have acted fraudulently (Washington Post) Facts uncovered in a Texas lawsuit prompted the military to review a $12 billion space technology program Amazon Web Services challenges Pentagon decision to stick with Microsoft for cloud contract (C4ISRNET) AWS alleges "even more egregious" mistakes in the DoD's re-award of the JEDI cloud to Microsoft. How an online relationship with a Russian woman led to a Navy chief getting busted down to E-4 (Navy Times) The former chief's attorney said their relationship might rekindle when he gets out of the brig. A Missile Engineer's 'Dark Fantasy' and Alleged Revenge Plot (The Daily Beast) James Robert Schweitzer lost his security clearance over medical marijuana. What the feds say happened next is completely off the rails.

Compiled and published by the CyberWire editorial staff. Views and assertions in source articles are those of the authors, not CyberWire, Inc. or Cosmic AES