Military Technology 06/2021

74 · MT 6/2021 Homeland Security Forum vulnerabilities in Microsoft Exchange servers, which were “highly likely to have been initiated and exploited by a Chinese state-backed threat actor”. The review goes on to state this attack “was highly likely to enable large-scale espionage” and, as a result, the NCSC issued tailored advice to more than 70 organisations. “The attack on Microsoft Exchange servers was another serious example of a malicious act by Chinese state-backed actors in cyberspace,” NCSC Director of Operations, Paul Chichister, ex­ plained. “This kind of behaviour is completely unacceptable and, along- side our partners, we will not hesitate to call it out when we see it.” In the 2020/21 timeframe covered by the review, the agency respon­ ded to 777 cyber incidents, an increase on the previous year’s 723 and a record high since the organisation was formed in 2016. This is partially a result of increasing work the agency has undertaken to proactively iden­ tify threats, and may also reflect generally increasing awareness of cyber security, the work the NCSC has done (including a TV advertising cam­ paign) that has raised the profile of its threat-reporting channels, and the increasing ability individuals may have to recognise attempted intrusions such as fake ‘phishing’ emails designed to steal passwords and other personal data. Taken together, it is likely these factors mean more inci­ dents are being reported to the NCSC. A short section in the review outlines some of the work the NCSC has done with the MoD and its industrial suppliers. “The NCSC supported the development of the Digital Strategy for Defence [published May 27 th ], which set out plans for how the Armed Forces will use data to underpin technology; worked with the MOD on embedding secure-by-design prin- ciples, and helped create a modern assurance and accreditation model,” it says. Other activities in the defence sector include establishing a team “to maintain the highest levels of cyber security for the Continuous-At- Sea-Deterrent, including ongoing support to the DREADNOUGHT pro- gramme,” which will replace the UK’s current VANGUARD-class subma­ rines. The review also says the NCSC supported Carrier Strike Group 21 on its first deployment, via joint workshops with the Royal Navy and “providing cyber threat intelligence and technical capabilities.” The NCSC also worked with the UK’s Civil Aviation Authority and the World Economic Forum to develop international standards for cyber resil­ ience in aviation. Other international outreach included the NCSC chairing a working group with equivalent agencies from the other ‘Five Eyes’ na­ tions, which produced a first joint paper on common vulnerabilities in July. The full review can be downloaded from  https://www.ncsc.gov.uk/ collection/ncsc-annual-review-2021 Norway Orders Additional Sectra TIGER/S Encryption Systems The Norwegian Defence Materiel Agency (NDMA) has ordered additio­ nal units of the TIGER/S approved mobile encryption system developed by international cybersecurity and medical imaging IT specialist Sectra, the company announced on 17 November. The solution enables Norwegian government agency officials to communicate securely and efficiently, preventing the risk of eavesdropping or information leakage. The new order encom­ passes the latest version of Sectra TIGER/S, which also guarantees the user higher availabil­ ity from anywhere and at any time. “Our customers place [stringent] demands on security, flexibility and mobility. This new order confirms the Norwegian government’s continued confidence and trust in the ability of Sectra’s solution to protect their most Homeland Security Forum NBC-Sys Automates Filter Production The newly-installed automated production line at Saint-Chamond. (Photo: NBC-Sys/Nexter Group) NBC-Sys, a Nexter Group company, has inaugurated a fully automated production line for its entire range of nuclear, bacteriological and chemical filter cartridges, the company announced on 25 November. Installed at the Saint-Chamond plant, the strategic asset will guarantee the French armed forces’ supply of current cartridges, as well as the en­ tire range of cartridges for the new EPIA (individual protection kit for the armed forces) programme by 2025. The occasion was also used to mark the delivery of the one millionth ARFA respirator, production of which con­ tinues at the rate of tens of thousands per annum. Under the EPIA programme, NBC-Sys is designing the French armed forces’ future gas mask – intended to equip them for the next 30 years. Deputy CEO, Jean-Marie Mathelin, observed that the new produc­ tion line reinforces “the position of NBC-Sys as the strategic supplier of CBRN individual protection solutions for the French armed forces for the next decades.” UK’s National Cyber Security Centre Highlights Increasing Threats The National Cyber Security Centre (NCSC) – the public-facing part of Britain’s signals-intelligence agency, GCHQ [General Communications Headquarters], has pointed to ransomware and supply-chain vulnerabil­ ities as representing two of the biggest threats it is seeing to national in­ terests. In its Annual Review, published today, the agency again identifies Chinese and Russian state-sponsored actors as being behind some of the most serious incidents it has responded to. “In addition to the direct cyber security threats posed by the Russian state, it became clear that many of the organised crime gangs launching ransomware attacks against western targets were based in Russia,” the review says. China, meanwhile, continued to demonstrate “a proven inter- est in the UK’s commercial secrets.” The review’s authors say that “how China evolves in the next decade will probably be the single biggest driver of the UK’s future cyber security.” The two state-sponsored incidents the review concentrates on are the compromise of the American software company SolarWinds, which has been attributed to Russian-backed actors, and exploitation of Sectra’s TIGER/S 7401 LTE. (Photo: Sectra) f