Quick Study

Quick Study

By Brian Robinson

View all blogs

NSA stakes another claim to cybersecurity leadership

Much is being made of the recent Wall Street Journal story about the National Security Agency’s “Perfect Citizen” program, which reportedly is aimed at putting sensors into networks at such places as defense contractors, power plants and big Internet companies in order to better sniff out cyberattacks before they can wreak major damage.

Most of the commentary so far has been about the potential Big Brother aspects of this, with the government spying on private industry and so on. However, it should come as no surprise to people who have been following the progress of the government’s Einstein 3 system, since the clear implication is to get that also into the critical public infrastructure as well as government networks.

But there are other interesting nuggets in these reports, such as the program being voluntary but that NSA is dangling incentives to companies such as additional government contracts if they comply. There’s also an implicit threat there, since if companies already have government contracts, then non-compliance could damage their future dealings with government.

The NSA must follow the federal acquisition regulations, but it doesn’t usually advertise its procurements and it makes liberal use of the national security exemption in awarding contracts. It would be naive to think that agencies and the government overall don’t use procurement as a giddy-up to companies to get them to do certain things, but this seems to steer close to outright bribery.

Some commentators wonder why the NSA is going so public with this story. But while there’s a lack of official statements, all of the inside sources quoted suggests some kind of informal leak.

Perhaps we should look no further than that ancient government practice of turf war. Cyber security has quickly gone from being a blip on the policy radar to a major concern, at least the high levels of government. The Obama Administration has been hot for it from the get-go, and now Congress is hammering away at legislation.

Which means cybersecurity is probably the biggest item in terms of influence and potential budget gains in Washington, D.C. right now. The Homeland Security Department is being pushed as a leader on all of this, but the NSA has made it plain through various means that it thinks it should be fronting this. Its involvement has been a big reason for previous government cyber czars quitting their jobs.

Perfect Citizen should be seen as another shout-out from the NSA in its claim to be the agency that’s on top of cybersecurity.

Posted on Jul 08, 2010 at 7:27 PM0 comments

Beware of that bug: It could be following you

When you think of intelligence-gathering robots the images that most readily come to mind today are of low-flying unmanned aerial vehicles such as the Predator drone, scanning vast regions of land below them and using high-resolution cameras and sophisticated sensor technology to detect enemy men and materiel.

In the future, however, UAVs may more closely resemble fluttering insects.

In the long term, the U.S. Army certainly sees miniature “bug” UAVs as a big part of its battlefield operations. According to a recently released roadmap, clouds of them would be used to survey buildings and various sites before soldiers enter them.

That future may be closer than people imagine, given the pace of developments in this field. The University of Washington, for example, has developed thermal-powered bug robots that can carry up to seven times their own weight, something that will be essential if these things are to operate in the field for any extended periods while also hefting the sensors needed to gather intelligence.

Needless to say, the Defense Advanced Research Projects Agency is one of the sponsors of this research, along with the National Science Foundation.

Another development consists of small robots that use a new form of artificial intelligence to use insect-like instincts to land and stick to any surface, and then release on command. That doesn’t sound like a big deal, but it’s something that is essential for these robot swarms to move over rough terrain, such as would be needed for use in areas devastated by natural or man-made catastrophes.

This perching mechanism allows the tiny bots to conserve energy to the maximum, and is apparently a big advance on past swooping maneuvers used for landing. Releasing has also apparently not been easily possible before. Here’s a cool video showing this.

All things being said, as difficult as a lot of this seems, it’s probably more viable than another DARPA plan to use real insects as spies.

Posted on Jul 02, 2010 at 7:27 PM0 comments

'Encryption on a chip' raises hopes for better security

Encryption is often cited as one of the answers to cybersecurity woes, but it's a tough process to handle for many of the smaller devices that people now carry around—and tend to lose—along with all of the sensitive data on them (think laptops at the Defense and Veterans Affairs departments, among others).

Putting encryption into the processors that run these devices would greatly simplify things.

Huzzah! Chipmaker Intel Corp. recently announced it has come up with a process that would allow the random-number generator, which is the basis for encryption, to be made with the same semiconducting material and at the same feature size now used for modern processors. The generators would also be all digital, rather than the current generation of hard-to-handle analog components.

An IEEE Spectrum story quotes Greg Taylor, director of Intel's Circuit Research Lab, as saying that this new device can generate billions of random bits per second and is more random than current analog generators, which means the encryption is even stronger.

Here's an example of what encryption can do for you, if done properly. Brazilian police trying to get a look at the hard drive on a suspected financial criminal's computer were unable to crack the encryption he used after months of trying and after getting the FBI and its famed investigators involved.

One of the algorithms apparently was based on the venerable 256-bit AES encryption standard, which is one of the standards recommended by NIST.

However, as security guru Bruce Schneier points out (and hat-tip to him for the Brazilian story lead), it's how you apply encryption that matters.

Posted on Jun 30, 2010 at 7:27 PM2 comments

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here
contracts DB


  • Dive into our Contract Award database

    In an exclusive for WT Insider members, we are collecting all of the contract awards we cover into a database that you can sort by contractor, agency, value and other parameters. You can also download it into a spreadsheet. Read More

  • Is SBA MIA on contractor fraud? Nick Wakeman

    Editor Nick Wakeman explores the puzzle of why SBA has been so silent on the latest contractor fraud scandal when it has been so quick to act in other cases. Read More


  • How Do You Support the Project Lifecycle?

    How do best-in-class project-based companies create and actively mature successful organizations? They find the right mix of people, processes and tools that enable them to effectively manage the project lifecycle. REGISTER for this webinar to hear how properly managing the cycle of capture, bid, accounting, execution, IPM and analysis will allow you to better manage your programs to stay on scope, schedule and budget. Learn More!

  • Sequestration, LPTA and the Top 100

    Join Washington Technology’s Editor-in-Chief Nick Wakeman as he analyzes the annual Top 100 list and reveals critical insights into how market trends have impacted its composition. You'll learn what movements of individual companies means and how the market overall is being impacted by the current budget environment, how the Top 100 rankings reflect the major trends in the market today and how the biggest companies in the market are adapting to today’s competitive environment. Learn More!