Georgia Tech Procurement Assistance Center


CBP reportedly suspends subcontractor over cyberattack

July 16, 2019 By Andrew Smith

The US Customs and Border Protection has reportedly suspended a subcontractor following a “malicious cyberattack” in May that caused it to lose photos of travelers into and out of the country.  Perceptics, which makes license plate scanners and other surveillance equipment for CBP, has been suspended from contracting with the federal government, The Washington Post reported Tuesday.

On June 12, CBP had confirmed that in violation of its policies, a subcontractor had “transferred copies of license plate images and traveler images collected by CBP to the subcontractor’s company network.”  The subcontractor’s network was then compromised by a cyberattack that affected under 100,000 people who entered and exited the US in a vehicle through several specific lanes at one land border during a 1.5-month period.

Continue reading at:  CNET News

Filed Under: Contracting News Tagged With: Customs and Border Protection, cyber crime, cyber incidents, cyberattack, cybersecurity

Chinese government hackers steal massive amounts of data from Navy contractor computers

June 12, 2018 By Andrew Smith

Chinese government hackers have stolen large swaths of highly sensitive data on undersea warfare from a Navy contractor’s computers, The Washington Post reports.

The stolen information includes secret plans to develop a supersonic anti-ship missile to be used by submarines by 2020, American officials told the Post.

The incidents took place in January and February, but officials did not disclose the contractor that was targeted, the newspaper reported Friday.

Although the information was highly sensitive, it was housed on the contractor’s unclassified network, according to the Post.

“Per federal regulations, there are measures in place that require companies to notify the government when a ‘cyber incident’ has occurred that has actual or potential adverse effects on their networks that contain controlled unclassified information,” Navy Lt. Marycate Walsh said in a statement. “It would be inappropriate to discuss further details at this time.”

Keep reading this article at: http://wtkr.com/2018/06/08/wapo-chinese-government-hackers-steal-massive-amounts-of-data-from-navy-contractor-computers/

Filed Under: Contracting News Tagged With: controlled unclassified information, CUI, cyber, cyber incident, cyber incidents, cyberattack, FBI, hack, hackers, investigation, Navy, network services, unclassified information, undersea warfare

Faster detection, cleanup of network infections are goals of $12.8 million Georgia Tech project

May 18, 2018 By Andrew Smith

Cybersecurity researchers at the Georgia Institute of Technology have been awarded a $12.8 million contract to develop fundamentally new techniques designed to dramatically accelerate the detection and remediation of infections in local and remote networks. Using novel machine learning techniques that take advantage of large datasets, the researchers will develop ways to detect network infections within 24 hours – before invaders can do serious damage.

The technical goal for the new system, dubbed “Gnomon,” is to detect changes in individual computer systems by analyzing suspicious network traffic that appears weeks or months before any evidence of malicious software – or malware – can be identified. As a proof-of-concept, the researchers will work with two major U.S. telecommunication companies and several petabytes of data in basic research aimed at detecting signals of malicious activity on their networks.

Funded by the Defense Advanced Research Projects Agency (DARPA), the four-year award is part of the agency’s Harnessing Autonomy for Countering Cyberadversary Systems (HACCS) program. Beyond rapid detection of infections, the project will also accelerate the cleanup after such infections, creating a clearer pathway in a process known as remediation.

“A compromise becomes a breach only if the original infection remains undetected long enough for the adversaries to do damage,” said Manos Antonakakis, an assistant professor in Georgia Tech’s School of Electrical and Computer Engineering and the project’s co-principal investigator. “If you look at the major breaches that have occurred, you see that the adversaries were in the systems for months. We want to identify them in a matter of hours to contain the infection before any real damage can be done.”

The new techniques to be developed will address the realization that network attacks cannot be completely blocked by existing defenses and malware-based detection systems. Dynamic intelligence will be a key feature of the system, with the intent of creating a continuously-updated dossier of every address in IPv4 space.

“Gnomon will search for illicit behavior in computer systems and network signals that indicate the start of an infection,” said Michael Farrell, chief strategist at the Georgia Tech Research Institute (GTRI), and the principal investigator on the program. “We’ll use our experience with taking down botnets – networks of infected computers – to accelerate the detection and remediation process. It’s imperative to evolve our view of the internetwork infrastructure at the same pace that the threat evolves.”

To protect millions of computers on the networks of the two companies, the researchers must find ways to identify troubling behavior on individual IP addresses without endangering the privacy of individuals. Among the signs of trouble are communications with network locations known to house malicious activity. Such communication is necessary for malicious groups to control computers that have been compromised, and to move data stolen from them.

“If you know where the infecting groups are located, you can very easily exclude most of the benign activities occurring on the network,” Antonakakis said. “We need to be able to identify what has changed in computers throughout the network, understand why the change has happened, and determine whether that change can be attributed to benign or malicious activity. This is a groundbreaking new approach to network security that will require tremendous computing power and infrastructure.”

Ever since the first viruses hit computers in the 1980s, cybersecurity has seen rapid evolution of detection and attack tactics. The success of Gnomon will likely drive adversaries to new attack techniques that may be more complex – and expensive – than existing activities. Making cyberattacks more costly to launch may reduce the profit from such activities, making them less attractive.

“If we can clean up our networks faster and more efficiently, that will increase the cost of the attack, making the adversaries work harder,” Antonakakis said. “If you raise the cost of an attack, the return on investment becomes smaller, while the risk of getting identified becomes higher. We would like to make the business of an attack so unprofitable and so risky for the adversaries that it will not make sense for them to conduct major operations in our networks.”

Success in developing new techniques with the first two telecommunication companies could open the door for scaling up Gnomon to other large networks in industry – and to U.S. government systems.

“Not only will deployment have an obvious benefit of improved hygiene for a significant portion of the U.S. internet infrastructure, but the public-private partnership will allow us to provide valuable feedback throughout the HACCS program on the sort of prototypes that will be necessary to have true business and mission impact in the real world,” Farrell said. “The goals are very ambitious, but if we’re successful, we’ll be able to close the gap between an infection and remediation.”

This program is the latest interdisciplinary research collaboration in cybersecurity at Georgia Tech, orchestrated by the Institute for Information Security & Privacy (IISP). In addition to the School of Electrical and Computer Engineering and GTRI, the project will include Professor Brian Kennedy from Georgia Tech’s School of Physics.

Attribution of malicious cyber activity is an established research thrust at Georgia Tech, and this new contract builds on the early success of another Department of Defense (DoD) sponsored program to enhance attribution. The “Rhamnousia” program is now a $25.3 million contract being led by the same research team of Farrell and Antonakakis.

This material is based upon work supported by the Defense Advanced Research Projects Agency (DARPA) under contract number HR001118C0057. Any opinions, findings and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the Defense Advanced Research Projects Agency (DARPA).

Source: http://www.news.gatech.edu/2018/05/14/faster-detection-cleanup-network-infections-are-goals-128-million-project

Filed Under: Georgia Tech News Tagged With: cyber, cyber incidents, Cyber Security, cyberthreat, DARPA, data breach, Georgia Tech, GTRI, hack

Next NDAA might add more cyber provisions

May 8, 2018 By Andrew Smith

The next defense authorization bill could have a slew of new cyber provisions aimed at streamlining the Defense Department’s collaboration with the rest of government.

The House Armed Services Committee’s Subcommittee on Emerging Threats and Capabilities released a markup of the 2019 National Defense Authorization Act on April 26 that includes a range of cyber provisions and recommendations focusing on expanding cyber forces, protecting critical infrastructure and consolidating cyber responsibilities.

Key provisions include:

  • Studying state cyber teams.
  • Protecting critical infrastructure with more hackathons.
  • Boosting breach notification requirements. 
  • Prioritizing tech needs at DOD installations.
  • Fully integrating DIUx’s Silicon Valley vibe into defense labs. 
  • Mapping cyber vulnerabilities in weapons systems. 
  • Cyber Command absorbing (some of) DISA’s responsibilities.

Read details on each of these provisions at: https://washingtontechnology.com/articles/2018/04/27/ndaa-markup-cyber.aspx

Filed Under: Contracting News Tagged With: critical infrastructure, cyber, Cyber Command, cyber incidents, Cyber Security, DISA, DIUx, HASC, House Armed Services Committee

Changes coming to GSA’s contractor cybersecurity requirements

January 23, 2018 By Andrew Smith

The General Services Administration (GSA) plans to officialize regulations on how contractors should handle and protect sensitive information for federal clients, as well as report any incidents that could put that information at risk.

GSA’s proposed contractor cybersecurity rules changes — a pair of actions included in a Federal Register notice published Jan. 12 — follow in the footsteps of the Pentagon’s move last year to update its acquisition regulations, heightening the security standards of the defense contractors who work with sensitive DoD data.

The actions aren’t exactly new. In part, GSA is putting existing contractor information security requirements through the rulemaking and public comment process so they will be officially added to the GSA Acquisition Regulation, or GSAR, with any subsequent updates.

Keep reading this article at: https://www.fedscoop.com/changes-coming-gsas-contractor-cybersecurity-requirements/

GTPAC has created a video and a template to help businesses comply with DoD’s cybersecurity requirements.  These new resources appear at: http://gtpac.org/cybersecurity-training-video/

Filed Under: Contracting News Tagged With: cyber, cyber incident, cyber incidents, cybersecurity, DoD, GSA, GSAR

Deadlines approach for government contractors on cybersecurity compliance

October 27, 2017 By Andrew Smith

Government contractors are subject to cybersecurity requirements, found in the Federal Acquisition Regulation (FAR) and each agency’s supplement to the FAR, and some important deadlines are fast approaching. Set forth below is a high-level overview of cybersecurity requirements found in the FAR and the Department of Defense (DoD) FAR Supplement (DFARS).

The FAR requires government contractors that handle “federal contract information” to comply with 15 requirements for safeguarding that information. These requirements are similar to certain requirements found in NIST SP 800-171.

Under the FAR, “federal contract information” is defined as:

information, not intended for public release, that is provided by or generated for the Government under a contract to develop or deliver a product or service to the Government, but not including information provided by the Government to the public (such as on public Web sites) or simple transactional information, such as necessary to process payments.

This is a broad category of information, and some commentators have suggested that it would apply to “virtually all” federal contracts.

Keep reading this article at: https://www.jdsupra.com/legalnews/deadlines-approach-for-government-74231/

Filed Under: Contracting Tips Tagged With: contract clauses, controlled unclassified information, CUI, cyber, cyber incidents, cybersecurity, DFARS, DoD, False Claims Act, FAR, FCI, flow down clause, NIST

Reminder: DoD contractors required to meet cybersecurity requirements by year-end

October 12, 2017 By Andrew Smith

The window for Department of Defense (DoD) contractors to bring themselves into compliance with cybersecurity requirements is closing.

Specifically, changes to the Defense Federal Acquisition Regulation Supplement (DFARS) published in late 2016 require that DoD contractors and subcontractors provide “adequate security” on “covered information systems.”  The new rule also imposes reporting requirements for cyber incidents.  Failure to comply with these requirements could result in loss of government contracting opportunities and civil and criminal liability for responsible companies and individuals.

Background

On October 21, 2016, DoD published a final rule significantly expanding the obligations of private industry with respect to cybersecurity on contractor information systems that host certain government and other sensitive data. 81 Fed. Reg. 72986 (Oct. 16, 2016).  Specifically, the new rule amends the contract clause at DFARS 252.204-7012, which addresses “Safeguarding Covered Defense Information and Cyber Incident Reporting.” According to DoD, “[t]he objectives of the rule are to improve information security for DoD information stored on or transiting contractor information systems as well as in a cloud environment.”  

The amended DFARS clause imposes a critical and fast-approaching compliance deadline for DoD contractors and subcontractors to implement specific security measures on their “covered systems” by December 31, 2017.

The new contract clause at DFARS 252.204-7012 mandates that DoD contractors and their subcontractors “provide adequate security” on all “covered contractor information systems.”

Keep reading this article at: http://www.jdsupra.com/legalnews/alert-dod-contractors-required-to-meet-65186/

Filed Under: Contracting News Tagged With: controlled unclassified information, CUI, cyber, cyber incidents, cybersecurity, DFARS, DoD, NIST


Copyright © 2021 · Georgia Tech - Enterprise Innovation Institute