Eutelsat Communications (Paris:ETL) has entered into an agreement with OneWeb for the subscription of a c.24% equity stake, becoming a leading shareholder of the company alongside the UK Government and Bharti Global. Eutelsat will invest $550 million in OneWeb, with closing expected in H2 2021 subject to regulatory authorisations.

With much of its global network already deployed, the OneWeb constellation, which enjoys valuable ITU-backed priority spectrum rights, will operate 648 satellites in low orbit (LEO) offering low latency. This first generation of satellites will offer significant regional coverage by the end of 2021, reaching global coverage the following year. OneWeb will be the first complete non-geostationary constellation with truly global coverage, significantly ahead of competing projects.

It will deliver 1.1 Tbps of capacity addressing the government, fixed data and mobility markets. Plans include a second-generation constellation that will provide significant enhancements in terms of capacity, flexibility and economics. It anticipates annual revenues of circa $1 billion within three to five years following the full deployment of the constellation, with a partnership approach and profitable wholesale business model. Eutelsat’s investment leaves OneWeb almost fully funded and the company is well advanced in terms of securing its remaining funding needs this year.

Octo Consulting announced on Tuesday that it has completed its branding integration with Sevatec. The two companies combined in Dec. 2020, to the benefit of both. The merger reinforced crucial customer relationships and increased each company’s capabilities.

Octo developed a revised brand identity, including a logo, color scheme and other branding-related elements that illustrate and respect both company’s legacies. The companies will immediately begin to operate under the Octo banner. 

“We are all extremely pleased with and excited to launch this new brand. Octo’s evolved brand identity was crafted, so employees and customers understand how the best of both organizations was thoughtfully woven into a cohesive message to the market,” commented Mehul Sanghani, Octo’s CEO. 

“We believe there is a strong differentiation of our brand within a market that includes both multibillion-dollar aerospace and defense contractors that sell ships and weapons but who also claim commodity-based IT capability and a sea of niche providers that lack the depth of capabilities or modernization qualifications at a scale that modern government missions demand,” Shanghani added.

Octo’s transaction with Sevatec illustrates Octo’s remarkable growth. Since its foundation, Octo has grown every year and boasts approximately 1,100 skilled employees who solve complex technical challenges for government customers.

“The smooth transition to this fresh, new brand demonstrates our combined company’s ability to flex and grow as we have embraced our position as a pure-play modernization and technology solutions provider to the government’s most challenging technical problems,” said Octo’s vice president of Marketing Ethan Meurlin. 

Together, Octo and Sevatec are extremely agile partners for government customers and can provide innovative, high-touch service that incorporates considerable operational resources. The merger essentially created a mid-sized federal information technology modernization provider with the scale to compete with much larger system integrators without losing the responsiveness of a small business. 

“In our new branding, we worked collaboratively with legacy Sevatec employees to retain many elements of Sevatec’s unique visual identifiers. For example, we crafted a new, more contemporary logo that prominently incorporates the arrow from Sevatec’s prior logo,” stated Meurlin. 

“We also embraced the idea of 'seva,' or selfless service, that was at the core of Sevatec’s culture into our official values statement. It was important for us to show our customers, partners, and our employees who we are and what we stand for as a unified company, and we believe these new brand elements do just that,” concluded Meurlin. 

The Cybersecurity and Infrastructure Security Agency (CISA) and the National Institute of Standards and Technology (NIST) have released Defending Against Software Supply Chain Attacks, a document containing information on software supply chain risks and providing guidance on the application of frameworks from NIST for cyber supply chain risk management and secure software development.

CISA said Monday that its Defending Against Software Supply Chain Attacks publication warns against the consequences of attacks to an organization's software supply chain, including privileged and persistent access to a victim network, and lists measures that can help prevent and mitigate attacks and enhance supply chain resilience.

According to the document, software customers are advised to create and execute a program for managing identified vulnerabilities and to employ resilience measures for limiting the impact of a successful attack against a vulnerable software.

It cited NIST's key practices for applying a cyber supply chain risk management approach, including establishing a C-SCRM program and integrating it across the organization, knowing and managing critical components, collaborating with key suppliers and including them in resilience and improvement efforts, and planning for the full life cycle.

For software vendors, the document recommends preparing for secure software development by defining security requirements, automating developer and security toolchains, creating criteria and processes for data collection for security evaluations. Suppliers are also encouraged to establish SSDF roles and responsibilities within the software development life cycle.

CISA said vendors are encouraged to take a systems security engineering approach to safeguard their development infrastructure and implement NIST's SSDF to protect the cyber supply chain from malicious software content or vulnerabilities.

The FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) have released a joint advisory to provide information on cyber tools and techniques used by Russian Foreign Intelligence Service actors to compromise government networks, information technology companies and think tanks.

Russia’s SVR actors use password spraying, zero-day vulnerability and WELLNESS malware, among other techniques, to infiltrate networks, the agencies said Monday.

FBI also observed that SVR actors have transitioned from using malware to homing in on cloud-based platforms to gain access to data starting in 2018.

The agencies also suggest best practices that network operators can implement to protect IT systems from the identified techniques, such as mandating the use of an approved multifactor authentication for all users, performing regular audits of mailbox settings and account permissions, monitoring the network for evidence of encoded PowerShell commands and auditing log files to detect attempts to access privileged certificates.

“The FBI and DHS recommend service providers strengthen their user validation and verification systems to prohibit misuse of their services,” the advisory states.

In mid-April, CISA, FBI and the National Security Agency issued an advisory listing five network vulnerabilities used by SVR actors to compromise U.S. and allied government systems. The White House also issued a statement attributing the SolarWinds hack to SVR.

If you're interested in cybersecurity, check out GovCon Wire's Defense Cybersecurity Forum coming up on May 12. Click here to learn more.

The U.S. Army has funded scientists from Duke University and the University of Pennsylvania to study how micro-lasers can accelerate military communications and data transmission.

The photonics research team developed two-dimensional arrays of micro-lasers designed to collectively surpass the power density of a single micro-laser while maintaining the same stability, the Army said Thursday.

“The research results out of UPenn mark a significant step towards creating more efficient and fieldable laser sources.,” said James Joseph, program manager at the Army Research Office.

A two-laser array can produce two super-modes and quadratically increase its power output while maintaining the coherency and stability required to preserve the data in transit.

Light detection and ranging or LiDAR technology allows autonomous systems to optically sense objects. The researchers believe the array holds potential for LiDAR applications. The research team published its findings in the Science peer-reviewed journal.

The Defense Advanced Research Projects Agency (DAPRA) is working on a computer science effort to address the security risks associated with reporting software vulnerabilities. 

DARPA said Thursday that its Securing Information for Encrypted Verification and Evaluation (SIEVE) program will use zero-knowledge proofs (ZKP) to better protect exchanges of vulnerability information.

ZKPs refer to problem statements that analysts may use to mathematically explain software matters. The SIEVE effort aims to produce computer science theory and corresponding software that would simplify cryptography and boost the effectiveness of ZKPs.

A Galois-led team demonstrated ZKP's use in communicating a memory-safety vulnerability found in the Game Boy Advance device. The team combined different protocols and program analyses to evaluate ZKP statements.

Trail of Bits leads a second team to model architecture-level vulnerabilities as ZKP-compatible Boolean circuits.