Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk.
DHS, FBI Release Malware Report on North Korea
The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) released a report yesterday on a malware program from North Korea that reveals technical details of a remote access trojan dubbed Keymarble. The application is a malicious 32-bit Windows executable file. When executed, it de-obfuscates its application programming interfaces (APIs) and using port 443, attempts to connect to a group of IP addresses hard-coded into its programming. After connecting, the malware waits for further instructions. In the report, DHS said the malware “is capable of accessing device configuration data, downloading additional files, executing commands, modifying the registry, capturing screen shots, and exfiltrating data.” Keymarble is just one piece of North Korea’s larger hacking campaign, dubbed Hidden Cobra by the Federal government.
Nakasone Submits Recommendations on NSA, U.S. Cyber Command Split
Change may be afoot at U.S. Cyber Command and the National Security Agency (NSA), two Defense Department agencies currently led by Army Gen. Paul Nakasone. NSA confirmed to MeriTalk that Gen. Nakasone completed his 90-day assessment on the status of the dual-hat leadership arrangement and said he will provide his recommendation to the Secretary of Defense and the Chairman of the Joint Chiefs of Staff. Both the agency and Gen. Nakasone have been mum about what course of action may be included in the report. “I will allow him to read it and leave it at that,” Nakasone said Thursday during an Intelligence National Security Alliance leadership dinner, according to Politico.
FAS Revamping Identity Protection Services Requirements
The General Services Administration’s (GSA) Federal Acquisition Service (FAS) is proposing some changes to its Identity Protection Services (IPS) requirements for vendors. The agency released revisions to its existing guidelines, which define enrollee and impacted individual, as well as clarifying the scope of System Security Plan Requirements for the purposes on SIN 520-20. “It was determined in the existing version of SIN 520-20 as written, there was ambiguity resulting in higher pricing exceeding commercial rates offered for same or similar services. The planned changes will provide industry clarity on ‘impacted individual’ and ‘enrollee’ in regards to their usage in the pricing tables and result in better pricing offered to the Government mirroring commercial rates,” GSA noted in its draft changes. The agency is soliciting comment from industry, and will host a webinar on the subject August 15th.
Army Announces Cobra OTA for Cybersecurity Prototypes
The U.S. Army’s Program Executive Office Enterprise Information Systems (PEO EIS) announced a new Other Transaction Agreement (OTA) with SOSSEC Inc. for cybersecurity prototypes, titled Cyber Operations Broad Agreement, or COBRA. “The purpose of COBRA is to spur innovative development, demonstration, and expedited delivery of prototypes to increase Armed Forces readiness via rapid and responsive projects,” the PEO EIS said in a statement. SOSSEC will serve as the consortium administrative organization (CAO), and will lead the consortium in conducting “critical research, experiments, development, testing, modeling, architecture, and evaluation of innovative technology to support prototype effort.” The COBRA OTA is scheduled for the next five years.
US-CERT Releases Guidance to Keep Kids Safe Online
The United States Computer Emergency Readiness Team (US-CERT) released cybersecurity guidance for parents ahead of children returning to school. The guide, released today, includes information on keeping children safe online, cyber safety rules children should follow, and cell phone safety. US-CERT also provides resources on how to discuss technology safety with teens, how to build a digital defense for school children and a concerned parents internet safety toolbox.
MANRS Gets Endorsement from Cyber Tech Accord
The Cybersecurity Tech Accord, a collection of 44 global-scale companies that aims to empower civilians online and improve the security of cyberspace, issued a statement endorsing the Mutually Agreed Norms for Routing Security (MANRS), an initiative launched in 2014 that works to increase the resiliency and security of the internet’s global routing system. “The MANRS initiative reflects the values at the core of the Cybersecurity Tech Accord: to identify cybersecurity challenges that we can only address as a collective and to act to solve them,” the group said. The Cybersecurity Tech Accord includes global technology companies including Microsoft, Facebook, and Cisco.