Log4j Remains an ‘Endemic’ Security Risk

Morning Coffee is a robust blend of links to news around the internet concerning the Naval Air Station Patuxent River economic community. The opinions expressed here do not reflect opinions of the Leader’s owners or staff.

A computer vulnerability discovered last year in a ubiquitous piece of software is an “endemic” problem that will pose security risks for potentially a decade or more, AP reports on the new Cyber Safety Review Board findings of no major cyberattack due to the Log4j flaw, which lets internet-based attackers easily seize control of everything from industrial control systems to web servers and consumer electronics. However, the malware is embedded and will still “be exploited for years to come.”

The Senate Armed Services Committee released the text of its FY23 defense policy bill this week, reports Breaking Defense, boosting the department’s procurement and research funds by billions over its budget request. The SASC version would authorize a $45 billion increase in defense spending over the budget request, to a total of $847 billion.

The US House’s $840 billion version of the annual defense policy bill includes a provision to identify and better secure critical infrastructure at most risk of cyberattack. As many as 200 entities could initially be named, according to the language of the measure, with room for 150% more in four years. Entities could appeal placement on the list.

Funding shortfalls could cause major readiness problems, reports Defense News. Service leaders warned of insufficient training for troops, unfinished equipment maintenance, and a host of other problems the result of readiness funding shortfalls, but lawmakers said Pentagon planners are partially to blame, and that military leadership needs to do a better job prioritizing operation and maintenance accounts.

Pentagon officials are pressing lawmakers to back legislation to fund the domestic production of semiconductor chips, arguing it is essential for national security, reports The Hill. Ahead of a crucial vote in the Senate, the DoD lobbied members in both parties to back the bill by arguing it will help the US keep up with China and other nations heavily investing in their own semiconductor industries.

The US Senate votes to move ahead on chip bill to compete with China, reports Reuters.  The bill provides billions of dollars in subsidies and tax credits for the semiconductor industry, hoping to ease a shortage that has disrupted production in industries from automobiles to electronics and high-tech weapons. The Senate backed by 64 to 34 a procedural measure setting the stage for potential votes to pass the legislation in the Senate and House of Representatives by the end of next week.

At a NATO summit in June, President Joe Biden highlighted the two F-35 squadrons the US is placing in the United Kingdom as part of his administration’s response to Russia’s invasion of Ukraine. Air Force Magazine reports that once those two squadrons, both stationed at RAF Lakenheath, are built out, the US has no immediate plans to further expand its permanent fleet of F-35 fighters in Europe.

At the Farnborough Airshow, Lockheed announced it has reached a deal with the US Pentagon’s F-35 Joint Program Office to deliver approximately 375 F-35 Joint Strike Fighters over the next three lots, reports Defense News.

Greek Defense Minister Nikolaos Panagiotopoulos is visiting the United States this week as Athens continues its bid to join Lockheed Martin’s F-35 co-production program and lobby against a potential F-16 sale to Turkey, reports Defense News.

 

 

China’s Ministry of Defense has accused the US of taking “security risks” and disrupting the stability of the Taiwan Strait when it sailed a guided-missile destroyer through the waterway earlier this week, reports Al Jazeera. Colonel Shi Yi, a spokesperson for the People’s Liberation Army Eastern Theatre Command, said that China had tracked the USS Benfold from the US 7th Fleet from the sea and the sky during its trip on Tuesday.

CNN reports Chair of the Joint Chiefs of Staff Mark Milley has ordered a comprehensive review of US military interactions with Chinese forces over the past five years as concern about Beijing’s assertive behavior in the Indo-Pacific region increases. The review, with attention to Chinese aircraft or ships operating too close to US military assets, seeks to reveal any changes in patterns of Chinese military activity.

The new Navy fleet study calls for a 373-ship battle force, although the details are classified, reports USNI News. The Navy quietly slipped a new, classified assessment on the number of ships the service needs to meet its missions around the world to Congress earlier this month. The report calls for a battle force of 373 ships – 75 more than in the current fleet. Dubbed the Battle Force Ship Assessment and Requirement, which the FY21 defense authorization bill called for the Navy to create.

Citing recruiting woes, the Army will shed up to 28,000 troops in next year, reports Army Times. In a stunning admission to a House Armed Services Committee panel Tuesday, the Army’s number two officer, Vice Chief of Staff GEN Joseph Martin, acknowledged that the service will likely be short at least 7,000 soldiers when the fiscal year ends September 30.

The US seizes $500,000 from North Korean ransomware attacks on hospitals, reports UPI, recovering ransomware payments made to North Korean hackers by victims including a medical center in Kansas and a health care provider in Colorado, the Department of Justice announced.

Veterans Affairs officials are overhauling their website detailing medical wait times at facilities across the country, but that won’t mean significant changes to private-sector care eligibility for patients worried about access issues, reports Military Times. The new site, which went live Tuesday afternoon, is the culmination of months of behind-the-scenes work in response to veterans’ complaints about deficiencies in the old offering.

Self-driving cars could soon see much better with advances in laser range-finding, reports Defense One. A limitation of the Light Detection and Ranging systems vision is a failure to pick up sufficient details while in motion. University of Glasgow researchers are finding that splitting a single laser beam into two may allow self-driving vehicles to better understand their surroundings — and even to recognize people and objects.

The US House passes a bill codifying federal same-sex, interracial marriage protections, reports UPI. The House voted 267-157 to approve the Respect for Marriage Act which seeks to codify federal recognition for same-sex marriage and strengthen other marriage-equality protections.

Drug overdose deaths rise, hitting minorities hardest, reports UPI. The nation’s opioid epidemic is hitting minorities the hardest, with the latest government study reporting the steepest increases in overdose deaths among Black Americans and American Indians/Alaska Natives. While overdose deaths climbed 24% among White Americans in 2020, still an historic high, they jumped 44% among Black people and 39% among American Indian and Alaska natives. Illicit fentanyl, a synthetic opioid that is 50 times more potent than heroin and 100 times more powerful than morphine, appeared to be the primary driver of the sharp increases, according to the report from the US Centers for Disease Control and Prevention.

After 246 years, the Marines are set for their first Black four-star general, reports The Washington Post. In the late 1980s, Michael E. Langley was a powerlifter who dominated flag football games, an intellectual who set records for how many training courses he wrote, and a problem-solver whose bosses frequently tapped him to mediate workplace disputes. More than three decades later, Langley has been nominated to lead all US military forces in Africa as chief of US Africa Command. If confirmed, Langley would become the first Black person to receive four stars since the founding of the Marine Corps 246 years ago. Over that time, more than 70 White men have risen to the Marines’ highest ranks.

Video of the fatal 2017 Marine Osprey crash shows final moments before landing went horribly wrong, reports Defense News. The two-minute-28-second video of the crash that killed three Marines and injured another 23 during an exercise off the coast of Queensland, Australia, posted July 2 and by Tuesday had been viewed nearly five million times.

Contracts:

Science Applications International Corp., Reston, Virginia, was awarded a $15,019,832 modification (P00018) to contract W31P4Q-21-F-0057 for engineering and professional services supporting systems-of-systems, battlespace effectiveness models, simulations and analysis. Work locations and funding will be determined with each order, with an estimated completion date of Jan. 19, 2024. US Army Contracting Command, Redstone Arsenal, Alabama, is the contracting activity.