December 2023


SOURCE: CNN by Sean Lyngaas – November 6, 2023

Sensitive personal information like the apparent home addresses and health conditions of thousands of active-duty US military personnel can be bought cheaply online from so-called data brokers, according to a study published Monday by Duke University researchers.

The researchers could shop for data on servicemembers based on geolocation, including whether they lived or worked near Fort Bragg, Quantico or other sensitive military locations. In some cases, they were able to buy the data for as cheap as $0.12 per record.

The study points to longstanding national security concerns from US officials and outside experts that a foreign intelligence service, for example, could build a picture of the whereabouts and vulnerabilities of US military members simply by shopping for the information online. Scammers could also use the data to stalk or blackmail military families, the researchers concluded.


Won't say if it's LockBit, but LockBit appears to have claimed credit. Maybe payment, too

SOURCE: The Register by Laura Dobberstein – November 2, 2023

Boeing has acknowledged a cyber incident just days after ransomware gang LockBit reportedly exfiltrated sensitive data from the aerospace defence contractor.

"We are aware of a cyber incident impacting elements of our parts and distribution business," Boeing told The Register. The company added that the issue did not affect flight safety, and that it is investigating the incident and coordinating with authorities.

"We are notifying our customers and suppliers," the spokesperson added.

At the time of writing, the company's parts and distribution website was "down due to technical issues."

Aftermarket sales of spare parts are lucrative - so much so that in 2016 Boeing invested to grow its own parts operation, and to secure more revenue from third-parties that make compatible parts under license.


SOURCE: ClearanceJobs by Katie Keller – November 16, 2023

You may think it's cringe when you see a paid partnership on Instagram, but even the White House is having special briefings for influencers to get its message out to their massive audiences on social media.

Now, should you be trying to reach security clearance talent on TikTok? Likely not, but working with influencers can be a great way to build your brand awareness and highlight open billets you need to staff.

Here are three targeted methods HR and recruitment teams working in industry can use to boost your hiring efforts.


SOURCE: ClearanceJobs by Jillian Hamilton – November 14, 2023

For the second quarter in a row, we see security clearance processing times on a continued upswing, with investigation inventory growing too. Current security clearance processing times for DoD/Industry are 170 days for Top Secret security clearance and 100 days for a Secret security clearance. These numbers continue to reflect the averages for the fastest 90% of applicants, something that will change in the future.

The inventory numbers are increasing, with the investigation phase steadily climbing – especially for Top Secret security clearances. But Secret security clearance investigations have also climbed in FY 2023. Both Top Secret and Secret Investigations ended the year with over 18,000 in inventory, steadily increasing over the course of the year. However, adjudication inventory increased for both Top Secret and Secret security clearances.


SOURCE: Federal News Network – November 15, 2023

A useful way for federal agencies to think about artificial intelligence (AI) starts with asking two questions: Will the technology help solve a real mission-related challenge? And did the technology reveal to you how it solved the challenge?

If the answer to the second question is yes, "that's what we call trustworthiness," said Mark Johnson, vice president of technology for the U.S. federal market at IBM. Trust hinges on whether you are "able to point back to how the answer was developed." And as the foundation of any AI solution, the how includes "understanding what data is being used, how that data is being used and the source or origin of that data," added Susan Wedge, managing partner for the U.S. public and federal market at IBM Consulting.

Critically thinking about these key considerations and potential risks while building or implementing AI systems is especially true for federal government agencies. Part of the challenge is that AI is evolving so quickly that frameworks, tools and guidance need to be continuously updated and improved.


Electric cars, charging networks, and batteries made in China come with critical security threats.

SOURCE: ForeignPolicy.com by Craig Singleton – October 30, 2023

The Biden administration wants half of all new cars sold in the United States to be electric by 2030. Meanwhile, the European Union has taken even bolder steps, mandating that all new cars and vans sold after 2035 emit zero emissions. Taken together, that's good news—for China.

Today, companies with close ties to the Chinese Communist Party (CCP) control nearly half of the global supply of electric vehicle (EV) batteries. While there is certainly merit in decarbonizing the transportation sector, a hasty embrace of EVs would do more than cement the market positions of Beijing's battery behemoths. It could also expose the United States and European nations to dangerous cyber threats, similar to how Chinese technology giant Huawei's unchecked expansion paved the way for China to gain access to critical Western telecommunications networks.


SOURCE: AP News by Colleen Slevin – October 23, 2023

DENVER (AP) — A former National Security Agency employee from Colorado pleaded guilty Monday to trying to sell classified national security information to Russia.

Federal prosecutors agreed to not ask for more than about 22 years in prison for Jareh Sebastian Dalke when he is sentenced in April if he adheres to the terms of a plea deal, but the judge will ultimately decide his punishment.

Dalke, a 31-year-old Army veteran from Colorado Springs, technically faces up to a possible life sentence for giving the information to an undercover FBI agent who prosecutors say Dalke believed was a Russian agent. However, accepting responsibility for a crime usually leads to a lighter sentence.


The top five categories of Bad Bot attacks are fake account creation, account takeovers, scraping, account management, and in-product abuse.

SOURCE: Security Week by Kevin Townsend – November 16, 2023

Arkose Labs has analyzed and reported on tens of billions of bot attacks from January through September 2023, collected via the Arkose Labs Global Intelligence Network.

Bots are automated processes acting out over the internet. Some perform useful purposes, such as indexing the internet; but the majority are Bad Bots designed for malicious ends. Bad Bots are increasing dramatically — Arkose estimates that 73% of all internet traffic currently (Q3, 2023) comprises Bad Bots and related fraud farm traffic.

The top five categories of Bad Bot attacks are fake account creation, account takeovers, scraping, account management, and in-product abuse. These haven't changed from Q2, other than in-product abuse replacing card testing. The biggest increases in attacks from Q2 to Q3 are SMS toll fraud (up 2,141%), account management (up 160%), and fake account creation (up 23%).


SOURCE: CDSE

What do you know?
