Recently Browsing 0 members
No registered users viewing this page.
Microsoft wins JEDI contract from the U.S. Dept. of Defense
by Paul Hill
The United States Department of Defense has awarded Microsoft with an enterprise general-purpose cloud contract called Joint Enterprise Defense Infrastructure (JEDI). The base contract period will last for two years with a $1 million guarantee but spending is likely to increase to around $210 million in those two years, driven by user adoption of the product.
The DOD’s decision to find a firm to offer the contract to has been going on for quite a while now, with Microsoft and Amazon being the only contenders for the contract since at least October 2018. The process has not been smooth sailing with both IBM and Oracle raising issues over the matter. Despite this, the DOD said in its statement that all of the firms who partook were “treated fairly and evaluated consistently”.
Commenting on the news, DOD Chief Information Officer, Dana Deasy, said:
The DOD’s JEDI contract is part of a wider technology overhaul to modernize systems. With JEDI, Microsoft's aim will now be to deliver a product that gives the military better access to data and the cloud from battlefields and other remote areas. On the back of the news, Microsoft’s stock price has risen by more than 3% in after-hours trading.
By Usama Jawad96
Microsoft employees protest company's HoloLens deal with U.S. military
by Usama Jawad
Back in November 2018, Microsoft was awarded a $480 million contract by the U.S. military to supply it with augmented reality technology, notably the HoloLens, for training purposes. Now, a group of Microsoft employees have penned a letter to CEO Satya Nadella and President Brad Smith, to protest the deal.
As reported by NBC, the letter (which can be read here) has been signed by 50 employees who have voiced concern over Microsoft's contract with the U.S. military. The petitioners say that even though the company has worked with the army before, it has never participated in the development of weapons before. However, with the recent Integrated Visual Augmentation System (IVAS) deal, the Redmond tech giant is aiding in building systems that are designed to make it easier for soldiers to kill in actual combat.
The letter went on to state that:
As a result, the signatories have urged Microsoft to cancel the deal, stop developing weapons technology, draft an "acceptable use policy", and to instate an ethics review board that enforces it. Furthermore, they have also cautioned the company to be careful about "who we're empowering and what we're empowering them to do", and not to become war profiteers in the process.
This is not the first time that Microsoft employees have protested the company's involvement with law enforcement. Last year, many employees urged Microsoft to stop working with the U.S. Immigration and Customs Enforcement (ICE). With HoloLens 2 just around the corner, it will be interesting to see if the tech firm responds to the concerns of some of its workers.
By Hamza Jawad
Microsoft and Thales collaborate to create a Defence Cloud solution for armed forces
by Hamza Jawad
With increasing digitalization of armed forces all over the world, the Thales Group has now announced that it will partner up with Microsoft to provide a Defence Cloud solution to armed forces by making use of the tech giant's Azure Stack.
The major aim of the two multinationals is to offer a flexible cloud application platform, one that provides advanced functionalities which current defence clouds are not capable of providing. As such, the companies hope that it will help enhance the storage, management, and in particular, the analyzation of large amounts of data for real-time intelligence gathering and further important applications on and off a battlefield.
Microsoft's Azure Stack - a cloud computing software solution designed to deliver on-premise Azure services - will be used as the baseline system for this whole operation, enabling smooth integration with Thales's cybersecurity and encryption solutions. This will also guarantee the security of sensitive data, whether it is being deployed in the field or being hosted at Ministry of Defence (MoD) headquarters. Interestingly, each integrated system will be portable and capable of working offline due to the varying environmental conditions the cloud solution will be expected to operate in.
Jean-Philippe Courtois, EVP and President of Global Sales, Marketing & Operations at Microsoft, commented on the partnership, noting:
Microsoft started the shipping of Azure Stack integrated systems back in September. Considering the massive scope of the Azure cloud platform, Thales is hoping that this will be a major step in providing armed forces "maximum flexibility with maximum security".
By Oscar S
Military and intelligence personnel details exposed in data leak
by Richard Tyr Blewitt
It has been confirmed by the international security firm TigerSwan that the personal details of thousands of former and current US, NATO coalition, and other service personnel were inadvertently exposed and left openly accessible for a long period of time.
The discovery was made by Director of CyberRisk Research Chris Vickery at the security firm UpGuard. Chris found that the resumes, home addresses, contact details, employment history, and in some cases, more sensitive information such as passport numbers, driver’s license numbers, partial Social Security numbers, and other crucial personal information of staff with 'Top Secret' clearance were publicly accessible online due to an erroneously configured Amazon Web Services S3 storage bucket.
The former and current places of work and job roles of some of the people left exposed included the Secret Service, various 'Special Forces', Guantanamo Bay Naval Base, several police departments, foreign translators from Iraq and Afghanistan, military intelligence roles, and various private security companies such as DynCorp, Blackwater, Aegis, Kellogg Brown Root, Lockheed Martin, and Titan.
TigerSwan appears to have received these details as part of the application processes for vacancies at the company.
This poses a real threat to many of the people affected as some of them are active military personnel, who may still be deployed in conflict zones or may have done so in the past, such as in Iraq and Afghanistan, and now may have their personal details exposed and families left vulnerable. Of particular concern are the details of the Iraqi and Afghan translators, whose families may still be living in areas that are very close to enemy combatants who could possibly locate them for revenge attacks.
TigerSwan has released a statement explaining that they had delegated the management of its resume databases to TalentPen, a third party vendor. TigerSwan had subsequently terminated its working relationship with TalentPen in February of 2017 and had securely transferred the posession of all the documents that TalentPen held; however, TalentPen was apparently responsible for leaving the details in question accessible on the Amazon storage bucket. The details have now been removed.
There were 9,402 documents left exposed, but TigerSwan has not declared how many people this could have affected. The firm has stated that anyone who submitted their resume with it between 2008 till 2017 can contact it for further information about how much of their personal information was accessible online.
There are an increasing amount of stories about companies extracting data without permission and about online identity theft in general. In this case, the information was filed voluntarily by prospective employees looking for a job with the firm, but this kind of story emphasizes that cyber security and defense is arguably just as important to security services as their conventional defense measures are.
Sources: UpGuard and IB Times |Image via CBS News
By Timi Cantisano
The US military will finally upgrade its email system to utilize STARTTLS
by Timi Cantisano
According to an investigation that was conducted in 2015, the military left itself open to major security issues because of its email system that did not use STARTTLS. The technology is used to encrypt emails and makes it so that they cannot be intercepted by those who might be trying to plot something nefarious or even just curious lookie–loos.
Luckily, that will all change very soon, as the Defense Information Systems Agency (DISA), a branch of the Pentagon that oversees emails, has stated that it will start using STARTTLS sometime within the year. Currently, the military uses its own cloud-based email system called mail.mil, which has around 4.5 million users.
STARTTLS is not a new technology by any means, being introduced over a decade ago. It is a way to upgrade an insecure connection and making it secure using SSL/TLS. While this upgrade can't happen soon enough, don't expect it to happen overnight. The expected timeframe for it to be completed is set for sometime in July, 2018.
Source: Motherboard via Engadget | Image via Shutterstock