Monday, August 15, 2011

Cyber Security: A Football Analogy

At the 2011 LandWarNet Conference, August 22 – 25 in Tampa, Fla., cyber experts, Giorgio Bertoli and Stephen Lucas, from the Research, Development and Engineering Command’s communications-electronics center will be presenting, “Future Cyber Initiative,” Aug. 24 at 2:30 p.m. as part of Track 6, which focuses on the C4ISR Materiel Enterprise’s work in cyber capabilities. 

Credit: DOD

The presentation provides a high-level view of the current and emerging cyberspace technology landscape and the technology research and development being pursued by CERDEC in this new operational domain.

Bertoli is an electrical engineer and computer scientist and is currently serving as Senior Engineer for the Information and Networks Operation division as part of CERDEC’s Intelligence and Information Warfare Directorate. Bertoli has over 18 years of combined Active military duty and civilian government engineer experience in electronic warfare, computer network operations and cyber-related technologies.

Lucas is an electrical engineer and is currently serving as the Chief Engineer for the Cyber Security and Information Assurance division of CERDEC’s Space and Terrestrial Communications Directorate. Lucas has over 25 years of civilian government experience in information assurance, communications security/transmission security, computer/ network security and cyber defensive capabilities/technologies.

Much of Bertoli’s work focuses on the offensive tactics taken during a cyber attack, while Lucas’ efforts aim to defend the network. To further illustrate both sides of the cyber landscape, Bertoli and Lucas explain their efforts in a head-to-head football game: The “Cyberbowl.”

Welcome to the 2011 CYBERBOWL championship where the Lucas DEFENDERs are about to take on the Bertoli HACKERs. It is a hot August day, and the teams have practiced extensively and researched each other’s vulnerabilities in the months leading up to this match. The DEFENDERs have focused on message board postings on underground forums, newsletters, mailing lists, and Internet relay chat rooms in order to learn what attacks and techniques the HACKERs could have in their playbook.

Likewise, the HACKERs have been engaged in researching available open-source information on the DEFENDERs and their security posture, organizational structure and personnel.


Something as seemingly innocuous as an organizational chart and an email list can provide valuable venues of attack for the HACKERs.

It’s kickoff, and the game is under way. It’s first-and-10 on the 20-yard line and the HACKERs take the field on offense. Looks like the HACKERs are taking a conservative start to the game by running basic IP and port scan plays, trying to better determine the DEFENDERs’ security posture. Such activity isn’t going to gain much yardage for the HACKERs, but testing their opponent could reveal valuable information and help identify significant weaknesses in the DEFENDERs’ network architecture and security configurations.

It’s second-and-7 after the DEFENDERs only gave up 3 yards against the IP and port scanning play. They’ve lined up in a Firewall formation; this style of defense will allow the DEFENDERs to monitor and close off all the ports the HACKERs could take through the line of scrimmage, by closely investigating the communications in and out of their side of the field.
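The scan-and-firewall exchange above, as an added example that is not from the article or from CERDEC: a small detector run over constructed firewall log lines that flags a source touching many distinct ports on one host within a short window. The log field layout, the addresses and the thresholds are assumptions made for this example.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample firewall log lines in an assumed "timestamp src dst:port action"
# layout; this is not any real firewall's log format.
SAMPLE_LOG = """\
2011-08-22T14:30:01 10.0.0.5 192.168.1.10:22 DROP
2011-08-22T14:30:01 10.0.0.5 192.168.1.10:23 DROP
2011-08-22T14:30:02 10.0.0.5 192.168.1.10:25 DROP
2011-08-22T14:30:02 10.0.0.5 192.168.1.10:80 ACCEPT
2011-08-22T14:30:03 10.0.0.5 192.168.1.10:443 ACCEPT
2011-08-22T14:30:03 10.0.0.5 192.168.1.10:3389 DROP
2011-08-22T14:30:10 10.0.0.9 192.168.1.10:80 ACCEPT
2011-08-22T14:35:00 10.0.0.9 192.168.1.10:80 ACCEPT
"""

def parse_line(line):
    """Split one log line into (timestamp, src, dst, port, action)."""
    ts, src, dst_port, action = line.split()
    dst, port = dst_port.rsplit(":", 1)
    return datetime.fromisoformat(ts), src, dst, int(port), action

def find_scanners(log_text, port_threshold=5, window_seconds=60):
    """Return {src: sorted distinct ports} for every source that touched at least
    port_threshold distinct ports on a single host within window_seconds."""
    events = defaultdict(list)  # (src, dst) -> [(timestamp, port), ...]
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, port, _ = parse_line(line)
        events[(src, dst)].append((ts, port))
    flagged = {}
    for (src, dst), hits in events.items():
        hits.sort()
        # Slide a window starting at each hit; count distinct ports inside it.
        for i, (start, _) in enumerate(hits):
            ports = {p for t, p in hits[i:]
                     if (t - start).total_seconds() <= window_seconds}
            if len(ports) >= port_threshold:
                flagged[src] = sorted(ports)
                break
    return flagged
```

Dropped and accepted connections are counted alike, since a scan that is being blocked still shows up as a burst of distinct ports from one source.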

Third-and-short, the HACKERs are now looking deep for an initial foothold within the DEFENDERs’ territory. By leveraging what they know about the DEFENDERs’ personnel structure and discovered email addresses, they are executing highly targeted “Spear Phishing” plays. Such attacks are very effective (especially in highly hierarchical organizations) at fooling the defense into unwittingly assisting the offense.

The HACKERs convert on third down and are now looking at a first-and-10 on the DEFENDERs’ 45. The DEFENDERs’ coaches can be seen on the sidelines instructing their players about proper email security: how not to fall for trick emails and trick plays, to trust email only from individuals they know and to always use an anti-virus to scan attachments before opening them.

Back on the field, the DEFENDERs are trying an Intrusion Detection System approach that will allow them to closely inspect all packets and plays coming from the HACKERs and look for anything that matches a signature in the HACKERs’ playbook. The Intrusion Detection System defense will effectively shut down any play the HACKERs have that the DEFENDERs already know about.
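The signature-matching defense described above, as an added example that is not from the article: a toy detector that alerts only on request lines matching a pattern in its signature set, so a request the set does not describe passes through unflagged. The signatures and the sample request lines are constructed for this example and are not rules from any real IDS.

```python
import re

# Constructed signatures: a name mapped to a regular expression applied to the
# logged request line. Illustrative patterns only, not real IDS rules.
SIGNATURES = {
    "path-traversal": re.compile(r"\.\./"),
    "sql-tautology": re.compile(r"'\s*or\s+'?1'?\s*=\s*'?1", re.IGNORECASE),
}

# Constructed sample request lines as a sensor in front of a web server might log them.
# The last one uses a comparison the signature set does not describe.
SAMPLE_REQUESTS = [
    "GET /index.html HTTP/1.1",
    "GET /../../etc/passwd HTTP/1.1",
    "GET /login?user=admin' OR '1'='1 HTTP/1.1",
    "GET /login?user=admin' OR 'a'='a HTTP/1.1",
]

def inspect(request_line, signatures=SIGNATURES):
    """Return the names of every signature that matches this request line."""
    return [name for name, pattern in signatures.items()
            if pattern.search(request_line)]

def run_sensor(requests, signatures=SIGNATURES):
    """Map each request line to its matching signature names; an empty list
    means the request passed the sensor unflagged."""
    return {req: inspect(req, signatures) for req in requests}

def unflagged(requests, signatures=SIGNATURES):
    """The request lines that produced no alert at all."""
    return [req for req, hits in run_sensor(requests, signatures).items() if not hits]
```

Running `run_sensor(SAMPLE_REQUESTS)` shows two alerts and two silent passes; only one of the silent passes is benign, which is exactly the gap the article attributes to signature-based defense.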

It’s been an evenly matched game so far, but the HACKERs have gained some momentum in the last few plays and several DEFENDERs are sidelined now due to email and web-based exploitation. Looks like the HACKERs are now trying to cause even more damage and confusion by executing a broad-range Denial of Service play. Such attacks are not very “high tech,” nor are they stealthy, but they are very hard to defend against and can bring even a good defensive team to a complete halt.

The DEFENDERs seem to know a Denial of Service play is coming from the HACKERs, so they are planning to blitz by bringing up other servers in the “cloud” and configuring their downstream routers to drop all packets that are not coming from authenticated sources, in an attempt to circumvent the Denial of Service.

The CYBERBOWL’s outcome is still to be decided, but the HACKERs are determined to find new ways of overcoming their archrival DEFENDERs. This matchup will be an exciting one for years to come as both sides continue their struggle to dominate the cyber landscape by leveraging new technologies and research. One thing is for sure, as a spectator, this is the game to watch!

Contacts and sources:
Armed with Science
Department of Defense
Story by Julie Weckerlein
