CYCON / CSFI Workshop
For the fourth year in a row, the NATO Cooperative Cyber Defence Centre of Excellence invites experts from government, military, academia, and the private sector to Tallinn to discuss recent trends in cyber security. In 2012, the conference will focus on military and paramilitary activities in cyberspace. This topic will be explored from the political, legal, and technical perspectives within two parallel tracks: the Law & Policy Track and the Technical Track. Additionally, a Strategy breakout session and three different workshops, two of which are organized by the Cyber Security Forum Initiative (CSFI), will be offered.
Recruiting Cyber Power
The Cyber Security Forum Initiative (CSFI) and NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) will be presenting a unique workshop on the online recruitment of volunteers for enhancing the instruments of cyber power of nations and organizations. This is a great opportunity to learn more about methodologies, lessons learned, deliverables, coordination, and volunteerism in cyberspace.
CSFI Report: STUXNET
A team of twenty-six Information Security professionals, Intelligence Analysts, and Engineers collaborated in a private portal towards this deliverable. CSFI believes in collaboration and sharing of knowledge as a way to shine light into the darkness of the cyber domain. Our goal is to minimize speculation through research and logical thinking. This is a preliminary foundational report from a Cyber Warfare perspective. Some of our volunteers made the choice to serve in silence due to the sensitivity of their jobs. We thank them for their contribution, service, and hard work.
CSFI Mission: "To provide Cyber Warfare awareness, guidance, and security solutions through collaboration, education, volunteer work, and training to assist the US Government, US Military, Commercial Interests, and International Partners."
CSFI and ENGlobal worked in collaboration to make this video available to our security community. We truly appreciate ENGlobal's support to our cause.
Project Cyber Dawn Libya
Project Cyber Dawn Libya is the result of a collaborative research effort of twenty-one individuals from the USA, Australia, Canada, Egypt, Italy, Tunisia, and the UK.
Project Cyber Dawn Libya collates, analyzes, and reports on raw data and its interconnections that have been harvested from the public domain. Recent events are correlated with known historical data to provide an in-depth view into Libyan Cyber Warfare capabilities and defenses. Through this analysis, CSFI can help the international community to understand not only Liby'as potential to influence the balance in cyberspace, but also the physical repercussions of cyber-attacks originating from, and directed towards, Libya.
CSFI ATC (Air Traffic Control) Cyber Security Project Report
The CSFI ATC (Air Traffic Control) Cyber Security Project report was published by the Cyber Security Forum Initiative, Inc. (“CSFI”), which owns the copyright. Since it is publicly available on the CSFI website (www.csfi.us), it is in the public domain and the “fair use” doctrine applies for quoting from it. Moreover, since CSFI would like the report to be distributed widely, it will grant a royalty-free license to organizations that want to reprint it and distribute it for the public good.
A team of diversified Information Security professionals, intelligence analysts, and engineers collaborated in a private portal towards this deliverable. CSFI believes in collaboration and sharing of knowledge as a way to shine light in the darkness of the cyber domain. Our goal is to minimize speculation through research and logical thinking. This is a preliminary foundational report from a Cyber Warfare perspective. Some of our volunteers have made the choice to serve in silence due to the sensitivity of their jobs. We thank them for their contribution and hard work.
The goal of the project is to identify cyber vulnerabilities within the ATC systems and Airborne systems that is currently being upgraded. Several probable attack vectors have been outlined. The current ATC system is in an upgrade status. Because of the length of time and how funding is done the plan was implemented before the reality of the current cyber landscape had presented itself. The landscape has drastically changed in the last decade as the roll out of the NexGen ATC system has begun. The situation is further complicated by the fact that these are International changes. The changes are taking place on across the entire air space of the globe. Therefore it is not just convincing US air carriers but, convincing air carriers all over the world that there is a threat. That there are also threat actors willing to exploit these cyber vulnerabilities within the current upgrades.
The ATC system is responsible for controlling the National Air Space (NAS) in the United States. The system is responsible for tracking, identifying, landing and aircraft taking off. The ATC system is also part of the National Security architecture. By tracking all of the aircraft in the NAS the ATC system may be the earliest detection of a rogue aircraft within the borders of our country. The data from our NAS is shared throughout the North American continent to ensure a layered approach to identify threats. Many of the threat agents will be attacking these systems with minimal effort and minimal expenditure in capital.
This paper points out that there are exploits within the system as it is currently being deployed that will take little effort and little capital to exploit. Communications systems are vulnerable to attack with software defined radios that only cost a few thousand dollars to deploy. The identification systems that are being deployed are communicating through unauthenticated means that can be attacked from a laptop. Hackers at two different conferences have demonstrated how to introduce ghost aircraft into the system. Then there is the threat that Unmanned Arial Vehicles (UAV) can pose to the NAS. Rogue actors deploying UAV’s into the NAS without proper authentication. Much of the communications systems are being deployed in a TCP/IP environment that is not properly secured and easily exploited. There is also the deployment of unencrypted wireless maintenance systems used to report back to aircraft manufacturers, the wiring of some Wi-‐Fi systems into the avionics cabling of older aircraft, and the introduction of fly-‐by-‐wireless systems that could allow an attacker direct access to the avionics systems.
Senior Cyber Leadership - Why a Technically Competent Cyber Workforce is Not Enough
This report suggests that while significant and necessary emphasis has been placed on technical skills needed within the cyber workforce, little attention has been given to the people that will lead the future workforce. It is leadership that must develop sound strategy and manage adequately skilled resources to mitigate the cyber threat. This report focuses on the level of Senior Cyber Leadership and defines this as someone who is responsible for enhancing the competitive advantage of an organization's mission and business processes and functions by innovatively leveraging resources, information and information technology to deliver solutions that are effective, efficient, and secure.
Prof. Sean Kern Lt Col Cyberspace Operations Officer
CSFI Project Manager for "Senior Cyber Leadership - Why a Technically Competent Cyber Workforce is Not Enough"
Prof. Sean Kern Lt Col Cyberspace Operations Officer, Air Force Prof. Sean Kern Lt Col is an Air Force Cyberspace Operations Officer assigned as a military professor at the NDU iCollege. He has commanded at the detachment and squadron level and has served in group, agency, and major command assignments, and has served in Iraq and Afghanistan. Prof. Sean Kern Lt Col has extensive operational experience in space operations, software analysis, operational test and evaluation, airborne and air base defense operations, tactical communications, and command and control systems. He currently manages the National Intelligence and Cyber Policy iCollege course that is part of the Cyber Leadership Graduate degree and certificate programs. He is a graduate of the Air Force Institute of Technology (MSc Software Engineering) and the National Intelligence University (MSc Strategic Intelligence).
- Sean C. G. Kern, Lt Col, USAF, Assistant Professor, National Defense University
- Ken Peifer, Director, CISM, Cyber Strategy and Integration, CYFOR Technologies
Senior Advisor and Contributor:
- Brig. General Gregory Touhill (ret.), USAF, CSFI Advisory Director, CISSP)
CSFI Senior Cyber Leader Writing Team (in alphabetical order):
- Doug Capellman, CISSP
- Ed Covert, CISSP, PMP, CISM, CRISC, Lead Associate, Booz Allen Hamilton
- Geoff Hancock, CISSP, CISA, PMP
- Royce Holden, MBA-TM, CISSP, Director of IT, Greater Asheville Regional Airport Authority
- Ajay Porous
- Vishwas Rudramurthy, Assistant Professor, GITAM University
- Arjun Singh, MBA, CISSP, CCNA, MCSE
- Ragna M. Sveinsdottir, MSc - IT Security, Digital Security Risk Management Team Lead
- Jeff Teo, Ph.D, A+, Network+, Security+ and Certified Ethical Hacker, Professor of Computer Information Systems & Director of Online Programs at Montreat College
- George Valencia, Jr., CISSP, Infrastructure Systems Architect
- Sameer Valiyani, CSDA, M. Eng., Software Consultant
Special thanks to the following reviewers:
- Christine de Souza, Information Assurance Engineer at Lunarline, Inc, USAF Cyber Surety