A vision for the future of Huntsville
1
Agenda UAH Welcome Mayor Battle Introduction Cyber Huntsville Briefing to Working Group – Dr. Robertson Discussion • • • •
Mission Statement Vision Organization Direction/Charter for Working Group
Action Items • Document IPT preferences • Next working Group Meeting - UAH 8:30 – 10:00 Adjourn Secure the Cyber Mission for Huntsville 2
UAH Welcoming Comments
Mayor Battle Introduction
Agenda UAH Welcome Mayor Battle Introduction Cyber Huntsville Briefing to Working Group – Dr. Robertson Discussion • • • •
Mission Statement Vision Organization Direction/Charter for Working Group
Action Items • Document IPT preferences • Next working Group Meeting - UAH 8:30 – 10:00 Adjourn Secure the Cyber Mission for Huntsville 5
Cyber: A National Vulnerability
“I believe that the dawn of cyber attacks and cyber defense is going to have the same impact on relations between nations that the dawn of nuclear weapons had.” “The threat of cyber attack is very real and it is available not only to nations but to groups of individuals who may or may not be sanctioned by nations, and to criminals, and to terrorists.” “Cyber attack and cyber defense are here to stay. We as a nation are ill prepared for it, as is every other nation.” - General Peter Pace, USMC (Ret), former Chairman of the Joint Chiefs of Staff
Huntsville is the U.S.’s #2 target for foreign intelligence efforts 6
Why Cyber Huntsville? Our Value Proposition History of Leadership on the National Stage: Space, Missile Defense, Intelligence, and Modeling and Simulation Agile, Responsive, and Mutually Supportive Community • • • •
Industrial Base Partners With Significant Technology Capabilities Cyber Capabilities (Labs, Workforce, Technology) Available Educational Institutions With IA/Cyber Programs Strong Support From Local and National Elected Officials
Unmatched Technology Base and Cleared Workforce Experts in Solving Complex System Level Problems • Superb System Engineering Talent Readily Available Very Competitive Cost of Living That Reduces Total Costs to Customers Leveraging Huntsville’s collective intellectual capital to solve the most pressing problem of our time… protecting the national cyber infrastructure 7
Cyber Huntsville Approach Secure the Cyber Mission for Huntsville • Leverage What Huntsville Does Best - High-technology Solutions to Complex Problem Sets • Focus on the Critical Cyber “Hard Problems” • Leverage the Community’s Proven Cyber Leaders • Harness the Power of Partnerships • Execution Via an Agile and Flexible Organization Oriented on Achieving Measurable Results • Involve Participants With “Skin in the Game”
Identify – Partner – Innovate – Solve
Why Should We Pursue? Benefits of Cyber Huntsville
Government
Value to the Community
• Integral part of the national cyber infrastructure • Expand RDT&E capabilities in cyber security
Creation of local jobs Influx of cyber talent
Diversify community capabilities Academia • Expand competitive position • Careers for graduates
Industry • Enhanced Capabilities
Workforce enhancement Collaboration
Cyber Huntsville: Builds on Huntsville’s nationally-recognized talent pool and experience with focus on cyber R&D, M&S, engineering, T&E and experimentation 9
Draft Vision Statement
By 2015 Huntsville will have a thriving Cyber Center:
• HSV will be part of the $800 billion Global Cyber market • The city will be recognized Nationally and Internationally as a leader in Cyber R&D, M&S, engineering, T&E, and experimentation • Local academia will be producing cyber graduates from degree and certificate programs • There will be a thriving and close-knit network of Government, Academia, and Industry working all aspects of Cybersecurity
HSV will be an integral part of the national cyber infrastructure and activities
10
Draft Mission Statement • Build A Cyber Center Of Excellence With Global Reputation And Global Reach Through A Collaborative Community Effort • By Creating The Cyber Center, Bring Cyber Work To Huntsville And Execute This Work In Huntsville • By Creating The Cyber Center, Leverage Huntsville’s Collective Intellectual Capital To Solve The Critical Challenges Facing The National Cyber Infrastructure An Internationally Recognized Cyber Leader That Serves DoD, Other Federal Agencies, And Commercial Markets 11
Common Goals & Objectives
Huntsville Chamber Regional Economic Growth – 7 initiatives 1. Grow & Preserve the Huntsville Region’s Existing Economic Base, Business Climate and Business Culture 2. Recruit Targeted Businesses 3. Grow the Community’s Defense and Aerospace Assets 4. Support efforts to ensure there is adequate quality and quantity of workforce to meet employer needs 5. Community Image Enhancement 6. Develop the Capacity for New and Sustained Economic Growth 7. Be Accountable to Our Investors
Draft Cyber Huntsville Objectives • •
•
•
Support the Creation and Growth of Innovative Cyber Technology Develop a Huntsville Pipeline for New Cyber Talent and Workforce Development Advance Cyber Policies to Position Huntsville for Enhanced National Leadership Ensure the Sustained Growth and Future Competitiveness of Huntsville’s Cyber Industry
12
Cyber Domain Cyber Tools
Cyber Analysis Capabilities Ground-based, Ship-borne, and Airborne Radar Systems -- Guided Missiles and Rockets Electronic Warfare (EW) Systems -- Command, Control, Communications, and Computer (C4) Systems
Testing and Analysis Network Infrastructure Attack Vectors
The Cyber Domain
SNMP Community String Dictionary Attack with Spoofing to Download Router\ Switch Configuration
Telnet\SSH Dictionary Attack Router\Switches\ NetMgt Server
UNIX NetMgt Server Running NIS v1
Build New Router Configuration File to enable further privilege escation
Own Network Infrastructure
Grab shadow file hashes
Ypcat -d <domain> <server IP> passwd
MITM ARP Poisoning Sniffing
Capture SNMP Community Strings and Unencrypted Login\Passwords, Protocol Passwords
Crack Passwords Upload New Configuration File Using Comprimised SNMP RW String
Inject New Routes Or Bogus Protocol Packets
Configure Device for Further Privilege Escalation
Access Server Directly
Attempt to Login Using Default Login\Password
Reconfigure Router or Switch
Own Network Infrastructure
Discover Backup HW Configs
IA Architecture and Integration Security Assessments Technical Vulnerability Assessments Information Systems Security Engineering Network Voice/Video/Data Systems Engineering • Strategic Security Program Development • Security Product Implementation • Cyber-security Modeling and Simulation • • • • •
Cyber Labs
Exploit ACL Trust Relationship Attack SNMP\Telnet\SSH
Certification and Accreditation
RF Collect
Perform Dictionary Attack
Login to Oracle DB with Discovered DBA Privilege Account
Execute OS CMDs from Oracle PL/SQL Find NetMgt passwords and SNMP config files
Further Enumerate Oracle SID’s to Identify User Accts.
Attack Network from DB
Run Oracle SQL CMDs Execute OS CMDs Find NetMgt Passwords, SNMP info, OS password files
Crack Passwords
Own Network Infrastructure
C2
Run Oracle SQL CMDs Execute OS CMDs Add New Privileged OS Account
Crack Passwords
IO
Use New Privileged OS account to Escalate Privileged Access to Network
Own Network Infrastructure
Cyber M&S
EW Secure Network Engineering Incident Response
CNA
CND
ISR
CND
CNE Foreign Signals
Skill Assess and Training NOC’S
GIS
FME
Kill Chain Development Process Exploitation
Cyber Training and Testing
Further Enumerate Oracle SID’s to Identify Default DBA System Level Accts\Passwords
Own Network Infrastructure
Own Network Infrastructure
IT Security
HP OpenView Server Enumerate Oracle TNS Listener to Identify Default SID’s
Network Mgt Application
Supply Chain Exploitation
Algorithm Exploitation
Subsystems Characterized RF and EO/IR Sensors and Detectors–Antennas–Phased Arrays–Transmitters–Receivers–Signal Processors–Operator Displays and Controls–Data-links–Computers–Software Algorithms–RF and EO/IR Missile Seekers–Warheads–Proximity Fuzes–Autopilots–Inertial Instruments–Altimeters– Guidance Computers–Propulsion Systems–Airframes and Control Surfaces–Power Systems
13
Cyber Huntsvilleâ&#x20AC;&#x2122;s Core Mission Weapon Systems HWIL SIL
Weapon Systems
Huntsville Cyber Capabilities and Facilities
Systems Engineering Talent Federal Agencies/ Organization SMDC SED AMCOM MSIC AMC TSMO NASA TVA
14
Role of Cyber Huntsville in the National Cyber Network
Cyber Intelligence Exploitation
NSA IC Cyber Operations USCYBERCOM
Cyber Systems RDT&E
DoD
HSV
Government & Infrastructure Defense (CND) DHS
Huntsville Can Provide Cyber: • R&D • M&S • Engineering • T&E • Experimentation …To fight in a degraded cyber environment … To protect infrastructure
Common Goal: To establish dominance in cyberspace to assure our critical infrastructure and national security
15
Constructing Cyber Huntsville
Build upon the teamwork and cooperation found in the Huntsville area to establish a Cyber alliance Leverage Huntsville’s cyber technology capabilities and significant, on-going cyber projects of national scope Draw upon the existing DoD, Federal, State, academic, and industry capabilities in technology, science, and services to build Huntsville as a Cyber Center of Excellence Serve as a regional center of cyber expertise, products, and services • Build locally and serve regionally and Nationally Huntsville has been a Missile and Space Town for decades ---- It’s time to leverage the engineering, science, and R&D capabilities to become a Cyber Town
16
Elements of Cyber Huntsville
We are all Cyber warriors â&#x20AC;&#x201C; our objective is to fight through the attack 17
Cyber System Engineering Elements
Operational Implementatio n & Training
Cyber Threat Definition Cyber Attack Scenarios
System Performance Validation
Cyber Tech Dev/Design
Cyber Validation (retest)
Cyber Engineering Process
System Design & P3I
Cyber Defensive Concepts & Designs
Cyber System Analysis
Cyber Testing & Forensics
Cyber M&S Cyber Susceptibility Analysis
Integrated Cyber Domain
Cyber requires highly integrated capabilities • No stovepipes • No hierarchies
Individual Organizations must leverage capabilities from others to be effective
Defense
Intelligence R&D
Offense Cyberspace Ecosystem
M&S Governance
Execution Human Capital
This requires a high level of coordination across the functional areas of Cyber Huntsville Has All The Capabilities Necessary To Address The Cyber Challenge 19
Organizational Concept
Cyber Huntsville Advisory Panel
Cyber Huntsville Working Group
Tennessee Valley Cyber Community
20
Advisory Panel
Requested to serve and provide advice • “Small” Group to Advise the Cyber Huntsville initiative • Senior Level Participation by Key Organizational Stakeholders. Provides Emphasis Within Their Organizations and within the community • Zealots for the Initiative • Influence In and Out of Huntsville • Interface and be responsive to elected officials • “Policy-level” guidance / strategy for implementing Cyber Huntsville
Actions • Approve Cyber Huntsville initiative charter (Drafted by WG) • Provide Strategic guidance and direction for Cyber Huntsville Working Group activities • Promote / advocate the Cyber Huntsville mission
21
Advisory Panel Met on 19 November
Action Items • • • • •
Approved the Organizational Approach Appointment Advisory Group Chairperson (In Process) Designate Working Group representatives Identify any Specific Guidance for Working Group Schedule Next Meeting – Early Feburary
22
Working Group WG Charter approved by Advisory Panel Takes strategic guidance from the Advisory Panel Executes the day-to-day activities of Cyber Huntsville Initiative • Larger Group of Executers – – – –
Enthusiastically support Cyber Huntsville initiative Focused on cooperation and collaboration – one team! Organizes and executes Community outreach and conferences Study other “Cyber City” initiatives (best practices & lessons learned)
• Composed of known Community Cyber leaders
Provides Reports/updates to Advisory Group Meetings Near Term Actions • Develop group charter for Advisory Group’s approval • Develop the Cyber Huntsville Action Plan • Develop the Cyber Huntsville Strategic Roadmap for Advisory Group Approval • Document Current Huntsville Cyber Requirements (government and commercial) and Huntsville’s Current Cyber capabilities
23
Working Group Chair: Dr. Rodney Robertson Co-Chair: TBD Local Government Mayors Office Chamber of Commerce County Commission Legislative Delegations
Federal
SMDC SED AMCOM NASA MSIC AMC TSMO TVA
Industry Small Medium Large
Academia
Other
UAH Auburn A&M Calhoun
FBI Infraguard Local NCIS 902d DSS
Federal/DoD Organizations That Are Executing Cyber Tasks Companies With Significant Cyber Capabilities and Cyber Investments in Huntsville Educational Organizations Teaching Cyber Courses or Conducting Cyber Research Security and Law enforcement organizations involved in Cyber Security in Huntsville Working Group 1. Day-to-Day Operations of the Cyber Huntsville Activities 2. Frames Issues for Advisory Council/Mayor’s Decisions 3. Coordinates Cyber Initiatives Across the Community 24
Working Group Expectations
Time Commitment • Priority • Monthly Working Group meetings for integration and coordination • IPT meetings for products
Focus on Delivering Products • IPT Timeline
IPT Membership • Primary and alternate – Survey ▪ Short bullet about unique qualifications ▪ Complete survey prior to leaving today’s meeting or make arrangements to provide information ASAP 25
Working Group IPTs
Executive IPT – IPT Chairs Marketing IPT – Outreach, website, branding Event IPT – event planning and management Facilities IPT – Canvas existing labs, lab connectivity, define requirements for Redstone Gateway Organization IPT – model, management, funding Economic Development IPT – strategic relationships, program capture strategy, tour/visits with like community initiatives Capability Development IPT – identify skills requirements (needed and existing) to accomplish mission.
Draft Objectives Short-Term Objective (90 to 120 Days) • • • • • • •
Establish Charter and Get Organized Clearly Define the Huntsville Value Proposition Establish and Approve Goals, Objectives, and Timelines Define Our Cyber Focus (CNA, CND, CNE) Gain Community Consensus on Path Forward Draft the Outreach Plan and associated Marketing Plan Organizes and executes Community outreach and conferences
Mid-Term Objective (6 to 12 Months) • • • •
Finalize Value Proposition and Cyber Huntsville Focus Launch Outreach and Publicity Campaign Identify and Execute Low-Hanging Fruit Opportunities Secure Financial Commitments/Decisions for the Gateway Building
Long-Term Objective (1 to 3 Years) • Build a State-of-the-Art Cyber Security Collaboration Center • Capture a Major DoD Cyber Program • Capture a Significant Non-DoD Program 27
Potential Low Hanging Fruit Host a Cyber Conference in Huntsville • Showcase Huntsville Cyber Capabilities • Let the Cyber Community Know What We are Doing Conduct a Cyber Table Top Exercise for the City • Use Crawl, Walk, Run Approach • Include Redstone, Regional And State Agencies
FBI Regional Computer Forensics Laboratory • Cyber Counterintelligence and Criminal • One Stop Full-service Forensic Lab and Training Center Internet Crimes Trade Secrets Theft Cyber Terrorism Foreign Intelligence Collection Interaction With State and Local Authorities • Why Pursue Currently No Center in Southeast U.S. Huntsville Is #2 Priority for Foreign Cyber Collection/Targeting Some Past Congressional Interest (Shelby’s Office) Effort Needs Some New Momentum That Cyber Huntsville Can Provide
28
Cyber Huntsville Takeaways Secure the Cyber Mission for Huntsville Leverage What Huntsville Does Best - High-technology Solutions to Complex Problem Sets Focus on the Critical Cyber “Hard Problems” Leverage the Community’s Proven Cyber Leaders
Harness the Power of Partnerships Execution Via an Agile and Flexible Organization Oriented on Achieving Measurable Results Involve Participants With “Skin in the Game”
Identify – Partner – Innovate – Solve 29
Timeline 19 November - Advisory Panel Kickoff 13 January - Working Group Kickoff • 18 January – Map IPT membership and chairs • 25 January - Meet with IPT chairs • 1 February - Next working Group Meeting, UAH 8:00 – 10:00
Early February – Advisory Panel Meeting • Draft Charter • IPT Membership
Community Outreach Briefings • 10 Dec HAMA
WG Roadmap Draft • TBD (2011) – Cyber Event
Brief Roadmap to Advisory Panel
Agenda
UAH Welcome Mayor Battle Introduction Cyber Huntsville Briefing to Working Group – Dr. Robertson Discussion • • • •
Mission Statement Vision Organization Direction/Charter for Working Group
Action Items
• Document IPT preferences
– Short bullet about unique qualifications
• Next working Group Meeting - UAH 8:00 – 10:00 • Adjourn Secure the Cyber Mission for Huntsville 31
Discussion 32