Today, parts of the US critical infrastructure, such as power grids, pipelines, reservoirs, water systems, and other industrial nodes are more connected to the Internet than ever, said Greg Schaffer, assistant secretary for cyber security and communications at the Department of Homeland Security. If nefarious cyber actors can touch these sites, much like information technology systems, there are real-world consequences that could be grave in some cases, he said at AFA’s CyberFutures Conference last week in National Harbor, Md. The discovery of the “Stuxnet” worm last year, which targeted Iran’s nuclear program, showed definitively that designers can engineer software for a specific purpose vis-a-vis going after industrial controls, Schaffer said. Threats are very evolved and nobody is “too obscure” to face challenges, as those with malicious intent could use any system connected to the network as a node or attack vector to go into another network or against another target, he said. That’s why source attribution continues to be one of the most challenging aspects of defending against these sorts of attacks, he noted in his presentation March 31. (For more from Schaffer at CyberFutures, read How Far the Cyber Threat and Conversation Have Come)
The Air Force and Boeing agreed to a nearly $2.4 billion contract for a new lot of KC-46 aerial tankers on Nov. 21. The deal, announced by the Pentagon, is for 15 new aircraft in Lot 11 at a cost of $2.389 billion—some $159 million per tail.