The Cybersecurity and Infrastructure Security Agency (CISA), FBI and the National Security Agency (NSA) have issued a joint advisory after authorities determined that Russian Foreign Intelligence Service actors are using five network vulnerabilities to potentially infiltrate U.S. and allied government systems. 

Cybersecurity professionals should conduct network checks to identify indicators of compromise and implement measures to defend against Russian exploitations, the three agencies said Thursday.

NSA, CISA and FBI listed the publicly known vulnerabilities Russia's SVR actors are exploiting and urged companies to help the federal government respond to foreign cyber threats.

The agencies released the cybersecurity warning the same day President Biden imposed a string of sanctions on Russia over malicious cyber activities and election interference attempts.

The U.S. determined that SVR was responsible for the SolarWinds hack that affected many federal and private-sector entities, according to the White House.

If you're interested in cybersecurity, check out GovCon Wire's Defense Cybersecurity Forum coming up on May 12. Click here to learn more.

The Federal Communications Commission (FCC) will reestablish a federal advisory committee by the end of June 2021 that will focus on improving the security of 5G networks. 

The Communications Security, Reliability and Interoperability Council will also review vulnerabilities related to software and cloud services and come up with mitigation strategies, FCC said Thursday.

Jessica Rosenworcel, acting chairwoman of FCC, said the revitalization of the council marks the commission’s efforts to improve the security and resiliency of the country’s communications networks against current and future challenges.

“The damage from recent supply chain attacks, like the SolarWinds software breach, demonstrates our need for a coordinated, multifaceted, and strategic approach to protecting our networks from all threats,” Rosenworcel added.

FCC will accept nominations for membership by June 1, according to a public notice published Thursday. The council is expected to hold its first meeting in September.

To register for this virtual forum, visit the GovConWire Events page.

Sikorsky, a Lockheed Martin subsidiary, has worked with the U.S. Air Force to demonstrate the performance of HH-60W Jolly Green II, a new combat search and rescue helicopter that was transported to Eglin Air Force Base in Nov. 2019 to undergo various tests.

USAF said Thursday that Jolly Green II's developmental test program, which the team completed on Tuesday, was also intended to optimize the configurations of the test aircraft's weapon system.

In addition to aircraft performance, Sikorsky and the Air Force evaluated the helicopter's cabin and communications systems, data links and defensive technologies. Jolly Green II also underwent environmental tests, aerial refueling and rescue hoist and live-fire activities as part of its developmental tests.

The maiden flight of the HH-60W in May 2019 kicked off the testing efforts. It logged over 1,100 flight test hours across six evaluations.

The follow-on testing will be held at Nellis AFB in Nevada in 2022. It will be overseen by the Combat Search and Rescue Combined Test Force. Jolly Green II is planned for delivery to Air Force rescue units following its modification to prepare for operational use.

Naval Surface Warfare Center (NSWC) Panama City Division arranged a team to participate in a cybersecurity challenge hosted by the U.S. Navy. The team exhibited their cyber skills at the Navy's 2021 HACKtheMACHINE challenge, which ran from March 23th to 26th, Naval Sea Systems Command said Wednesday.

“HACKtheMACHINE is a truly unique exercise because the challenge environment is a mock-up of a fully functional ship bridge with all the common control systems and sensors (radars, global positioning system, etc.),” said Joshua Davis, a scientist at NSWC PCD.

This year's iteration of the annual HACKtheMACHINE challenge took place virtually, with the same goal to address the Navy's cyber challenges.

PCD's scientist-engineer team took part in the challenge's Maritime Cyber track, where participants attempt to hack commercially made maritime electronic systems.

NSWC PCD wants to participate in similar, publicly open events with academic partners in the post-pandemic future.

The Department of Labor has released new guidelines on ensuring the cybersecurity of systems that are key to protecting $9.3 trillion in retirement benefits for over 34 million participants in contribution plans.

DOL said Wednesday that the Employee Benefits Security Administration‘s (EBSA) guidance includes cybersecurity best practices and is geared toward plan sponsors and fiduciaries, participants and record keepers.

The guidance also covers service provider selection tips and online security practices to prevent loss and fraud. EBSA previously issued regulations on disclosures and electronic records including provisions on records management and system controls.

“This much-needed guidance emphasizes the importance that plan sponsors and fiduciaries must place on combatting cybercrime and gives important tips to participants and beneficiaries on remaining vigilant against emerging cyber threats,” said Ali Khawar, acting assistant secretary for employee benefits security at DOL.

If you're interested in cybersecurity then check out GovCon Wire's Defense Cybersecurity Forum coming up on May 12. Click here to learn more.

The VMware Special Committee of independent directors and Dell Technologies announced that they have agreed to terms for VMware to be spun-off from Dell Technologies on Wednesday. The terms will simplify the corporate structure and include an $11.5-12.5 billion special cash dividend declared by the VMware Board to all VMware stockholders just before the spin-off and subject to all closing conditions’ satisfaction.

Additionally, VMware stockholders will receive a pro-rata distribution of VMware shares held by Dell Technologies. Michael Dell and Silver Lake Partners will own direct interests in VMware. Dell and VMware also finalized a commercial agreement that sustains and strengthens their strategic partnership to deliver joint customer value.

“By spinning off VMware, we expect to drive additional growth opportunities for Dell Technologies as well as VMware and unlock significant value for stakeholders. Both companies will remain important partners, with a differentiated advantage in how we bring solutions to customers,” commented Michael Dell, VMWare’s chairman of the board.

VMware aims to create a universal software and SaaS platform across all clouds and hardware infrastructure to accelerate clients’ digital transformation. As a spin-off from Dell, the company will have increased freedom to execute strategy, simplified capital structure and financial flexibility.

The $11.5 billion to $12.0 billion special cash dividend that VMware will give to all stockholders is based on outstanding shares as of March 16th, 2021. The price per share ranges from $27.43 to $28.62.

“We will have an enhanced ability to extend our ecosystem across all cloud vendors and on-premises infrastructure vendors and a capital structure that will support growth opportunities. Our strategic partnership with Dell Technologies remains a differentiator for us, and, as we execute on our multi-cloud strategy, we continue to provide customers our solutions and services on any public cloud and any infrastructure,” added Zane Rowe, VMware’s chief financial officer and interim chief executive officer.

The transaction is expected to close during the fourth quarter of calendar 2021, subject to certain conditions.

Three bipartisan senators have reintroduced a bill to retain and develop the skills of federal cybersecurity professionals. Sens. Gary Peters, D-Mich., John Hoeven, R-N.D. and Jacky Rosen, D-Nev., reintroduced the Federal Rotational Cyber Workforce Program Act to improve the recruitment and retention of cyber employees across the federal government, the Senate Homeland Security and Governmental Affairs Committee (HSGAC) said Tuesday.

Under the legislation, civilian professionals can benefit from a “personnel rotation” program that will allow them to work with various agencies and gain experience while expanding their networks. The bill comes as part of efforts to help agencies compete with industry benefits and salaries, according to HSGAC.

“The recent and unprecedented cyber-attacks targeting U.S. government agencies and the private sector underscore the urgent need to hire and retain highly-skilled cyber professionals to defend our nation,” said Rosen.

If you're interested in government cybersecurity then check out the GovCon Wire's Defense Cybersecurity Forum coming up on May 12. Click here to learn more.