Quick Hits

Coast Guard set to spend $93M on cybersecurity vulnerabilities & the GAO is still concerned.

The U.S. Coast Guard is set to spend $93 million in fiscal year 2022 to improve its IT systems and infrastructure. But a new report from the GAO says the Coast Guard still doesn’t fully assess its IT network capacity needs. IT systems and operational technology are critical for Coast Guard operations. The DHS component relies extensively on IT systems and services to carry out its 11 statutory missions. It also relies on operational technology, which encompasses a broad range of programmable systems or devices that interact with the physical environment, such as sensors and radar. GAO is concerned that the Coast Guard has a history of problems managing these resources and lacks a documented network capacity planning process.
Read more

Annoying political spam emails might land in your inbox anyway.

The Federal Election Commission is planning to vote later this week on Google’s proposed pilot program to keep eligible political campaign emails out of spam folders, saying that the plan does not violate federal campaign finance laws. Google’s proposal comes after months of bipartisan bickering, with one side claiming that their political emails land in spam more often than the other side. In response to the criticism, Google asked the FEC to allow for a pilot program that would exempt eligible campaign solicitations from the company’s spam filters. Score +1 for politicians, -5 for average citizens.
Read more

Inflation Reduction Act is pouring billions into the IRS to catch tax-dodgers.

The Inflation Reduction Act includes billions to modernize the Internal Revenue Service‘s IT business systems and digital asset monitoring.  The IRS would receive $80 billion of the $430 billion reconciliation package, of which $4.8 billion is allocated to upgrade some of its highly antiquated digital business systems it uses to administer taxpayer services, operations, and cybersecurity.
Read more

But wait! There’s more! 

• GAO partly-granted, and partly-denied a request from Booz Allen Hamilton for the GSA to reimburse it for the cost of filing a protest. Booz Allen was challenging the award of an IT support services task order to GDIT.

Top Defense & Aerospace

Did someone forward you this email? 
Tell them thanks, buy them a beer, & join the GovBrew Crew! 

Top Intel Community

CISA releases top malware strains of 2021.

The top malware in 2021 included remote access trojans, banking trojans, information stealers and ransomware. Specifically, 2021’s top malware strains were: Agent Tesla, AZORult, Formbook, Ursnif, LokiBot, MOUSEISLAND, NanoCore, Qakbot, Remcos, TrickBot and GootLoader. CISA and ACSC state that most of these top strains have been used for more than five years—and some for more than 10 years—with their respective code bases evolving into several variations. Like a good virus, like COVID-19, these malware strains morph, adapt, and are persistent as hell.
Read more

CISA issues warning on active exploitation of UnRAR software for Linux Systems.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw in the UnRAR utility to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. Tracked as CVE-2022-30333 (CVSS score: 7.5), the issue concerns a path traversal vulnerability in the Unix versions of UnRAR that can be triggered upon extracting a maliciously crafted RAR archive. This means that an adversary could exploit the flaw to drop arbitrary files on a target system that has the utility installed simply by decompressing the file. The vulnerability was revealed by SonarSource researcher Simon Scannell in late June.
Read more

US Army seeks criminal and threat intelligence coverage.

U.S. Army posted a sources sought notice for criminal and threat intelligence coverage for the Joint Task Force – National Capital Region / Military District of Washington (JTF-NCR / MDW). The contractor shall provide real-time 24/7/365 criminal, threat, and intelligence reporting for Joint Task Force-National Capital Region and the Military District of Washington. Daily Global Security Operations Center (GSOC) real time alerts, protest alerts, protest reporting, weekly JTF-NCR (MDW) intelligence reports, Extremist Intelligence Threat (EXIT) reports, global, national, and regional threat assessments, and when requested, Detailed Analysis in Real-Time (DART) report for requested events that The Joint Task Force-National Capital Region / Military District of Washington will participate in within the United States.
Read more

Top Civilian

Bipartisan senators want commodity regulations for crypto.

You know the government wants a cut of the crypto, action, right? A proposed new bill would give federal financial regulatory agencies control over digital commodities. The Digital Commodities Consumer Protection Act of 2022 would give the Commodity Futures Trading Commission authority to regulate cryptocurrency and other digital asset trading and instill rules that hold digital assets to the same standards as other traditional financial tools. Of course, the bill was positioned as a way to “protect” Americans by reducing risks and requiring the marketplace to have adequate cybersecurity protections. One of the more critical regulations would be requiring these digital commodity trading platforms to register with the CFTC and maintain sufficient financial resources, similar to banking stress tests.
Read more

FEMA, FCC warn emergency alert systems vulnerable to hacking.

It’s like V for Vendetta, 20 years later. (Seriously, it’s been 17 years since V came out.) FEMA and the FCC are warning that hackers like V can use the Emergency Alert System to issue TV, radio, and cable network alerts if encoder and decoder device software isn’t properly updated. FEMA issued an advisory to broadcasters after learning the exploit may be demonstrated to a large audience at the DEF CON hacking conference in Las Vegas that runs Aug. 11-14, 2022. Personally, I’m all for hacking the nightly news so long as they provide great entertainment and value in the process.
Read more

GovCon M&A Corner

Parsons and Aurora Insight partner up.

Parsons Corp. has added Aurora Insight as a strategic partner through a multiyear agreement for commercial space research, development, and mission exploration and advancement. The partnership provides an agile vehicle where both companies can align their strengths and solutions. Aurora Insight measures the global radio frequency environment from a constellation of terrestrial and space-based sensor systems to provide government and commercial customers with data on spectrum and wireless network infrastructure.
Read more

Command Holdings buys management consultancy WWC Global.

Command Holdings, the non-gaming investment arm of the Mashantucket Pequot Tribal Nation, has acquired WWC Global, a woman-owned consulting services provider to the federal government sector. WWC Global —  which generates nearly $100 million in annual sales and employs 350 workers – provides support to federal clients such as DOD, DHS, as well as USAID.
Read more

Guidehouse announces consolidation of national security and defense segments.

Guidehouse announced that it will consolidate of the firm’s National Security and Defense segments, along with several key leadership updates.
Read more

Follow the Leaders

• Justin DePalmo accepts CISO position at GDIT.
• Jarrett Booz joins Accenture Federal Services as Sr. Manager and Program & PM Lead.
• Jason Gray joins USAID as CIO.
• Sheena Burrell starts work as National Archives CIO.

Follow the Job Openings

• DHS is looking for a Deputy Director of the Federal Law Enforcement Training Centers.
• NSA is looking for Systems Engineers of all levels, including Senior Systems Engineers.

Contract Awards

Peraton wins $850M DOD Intellgence Systems contract.

Peraton has been awarded a contract by the DOD to provide agile analytic platforms and data management solutions. The contract is worth $850 million over five years. Peraton has a decades-long relationship with DOD, having provided technological solutions across the U.S. intelligence community and military. The company’s cyber portfolio and capabilities include full spectrum cyber operations, information operations, cyber capability development and signals intelligence solutions.
Read more

GDIT wins $267M Army National Guard cyber contract.

GDIT has won the $267 million Guard Enterprise Cyber Operations Support contract to support the Army National Guard. The contract has a 1-year base period and three option years. Under this new work, GDIT will provide the Army National Guard with an integrated network and security operations center. From this site, GDIT will operate, maintain and secure the enterprise network, in classified and unclassified environments.
Read more

Accenture Federal Services snags Army Intelligence and Security Command contract.

Accenture Federal Services has won a 5-year contract from the U.S. Army Intelligence and Security Command to deploy the cloud-based ServiceNow platform and modernize its enterprise service management capabilities. AFS will deploy ServiceNow as part of the INSCOM Digital Transformation Support Services contract issued in partnership with Carahsoft under their Defense Department Enterprise Software Initiative blanket purchase agreement for service solutions and services.
Read more

But wait! There’s more!

• SpaceLink entered into a Cooperative R&D (CRADA) with the Missile Defense Command Technical Center.

See what’s brewing in GovCon throughout the day.  
Follow GovBrew on social media. 

Share GovBrew

Join the program and Unlock Rewards by Sharing.

You’re only a few referrals away from unlocking our
Exclusive Weekly Opportunities Email.