A vision for the future of Huntsville 1
Mar 08, 2016
Agenda
UAH Welcome Mayor Battle Introduction Cyber Huntsville Briefing to Working Group – Dr.
Robertson Discussion
• Mission Statement• Vision• Organization• Direction/Charter for Working Group
Action Items• Document IPT preferences• Next working Group Meeting - UAH 8:30 – 10:00
Adjourn
2
Secure the Cyber Mission for Huntsville
Agenda
UAH Welcome Mayor Battle Introduction Cyber Huntsville Briefing to Working Group – Dr.
Robertson Discussion
• Mission Statement• Vision• Organization• Direction/Charter for Working Group
Action Items• Document IPT preferences• Next working Group Meeting - UAH 8:30 – 10:00
Adjourn
5
Secure the Cyber Mission for Huntsville
Cyber: A National Vulnerability
“I believe that the dawn of cyber attacks and cyber defense is going to have the same impact on relations between nations that the dawn of nuclear weapons had.”
“The threat of cyber attack is very real and it is available not only to nations but to groups of individuals who may or may not be sanctioned by nations, and to criminals, and to terrorists.”
“Cyber attack and cyber defense are here to stay. We as a nation are ill prepared for it, as is every other nation.”
- General Peter Pace, USMC (Ret), former Chairman of the Joint Chiefs of Staff
Huntsville is the U.S.’s #2 target for foreign intelligence efforts
6
Why Cyber Huntsville?Our Value Proposition
History of Leadership on the National Stage: Space, Missile Defense, Intelligence, and Modeling and Simulation
Agile, Responsive, and Mutually Supportive Community• Industrial Base Partners With Significant Technology Capabilities• Cyber Capabilities (Labs, Workforce, Technology) Available• Educational Institutions With IA/Cyber Programs• Strong Support From Local and National Elected Officials
Unmatched Technology Base and Cleared Workforce
Experts in Solving Complex System Level Problems• Superb System Engineering Talent Readily Available
Very Competitive Cost of Living That Reduces Total Costs to Customers
Leveraging Huntsville’s collective intellectual capital to solve the most pressing problem of our time… protecting the national cyber infrastructure
7
Cyber Huntsville Approach
Secure the Cyber Mission for Huntsville
• Leverage What Huntsville Does Best - High-technology
Solutions to Complex Problem Sets
• Focus on the Critical Cyber “Hard Problems”
• Leverage the Community’s Proven Cyber Leaders
• Harness the Power of Partnerships
• Execution Via an Agile and Flexible Organization Oriented
on Achieving Measurable Results
• Involve Participants With “Skin in the Game”
Identify – Partner – Innovate – Solve
Why Should We Pursue?Benefits of Cyber Huntsville
Government
• Integral part of the national cyber infrastructure
• Expand RDT&E capabilities in cyber
security
Industry
• Enhanced Capabilities
Academia
• Expand competitive position
• Careers for graduates
Cyber Huntsville: Builds on Huntsville’s nationally-recognized talent pool and experience with focus on cyber R&D, M&S, engineering, T&E and experimentation
Value to the Community
Creation of local jobs
Influx of cyber talent
Diversify community capabilities
Workforce enhancement
Collaboration
9
Draft Vision Statement
By 2015 Huntsville will have a thriving Cyber Center:• HSV will be part of the $800 billion Global Cyber market• The city will be recognized Nationally and
Internationally as a leader in Cyber R&D, M&S, engineering, T&E, and experimentation
• Local academia will be producing cyber graduates from degree and certificate programs
• There will be a thriving and close-knit network of Government, Academia, and Industry working all aspects of Cybersecurity
HSV will be an integral part of the national cyber infrastructure and activities
10
Draft Mission Statement
• Build A Cyber Center Of Excellence With Global Reputation And Global Reach Through A Collaborative Community Effort
• By Creating The Cyber Center, Bring Cyber Work To Huntsville And Execute This Work In Huntsville
• By Creating The Cyber Center, Leverage Huntsville’s Collective Intellectual Capital To Solve The Critical Challenges Facing The National Cyber Infrastructure
An Internationally Recognized Cyber Leader ThatServes DoD, Other Federal Agencies, And Commercial Markets
11
Common Goals & Objectives
Huntsville Chamber Regional Economic Growth – 7 initiatives
1. Grow & Preserve the Huntsville Region’s Existing Economic Base, Business Climate and Business Culture
2. Recruit Targeted Businesses3. Grow the Community’s Defense and
Aerospace Assets4. Support efforts to ensure there is
adequate quality and quantity of workforce to meet employer needs
5. Community Image Enhancement6. Develop the Capacity for New and
Sustained Economic Growth7. Be Accountable to Our Investors
Draft Cyber Huntsville Objectives
• Support the Creation and Growth of
Innovative Cyber Technology
• Develop a Huntsville Pipeline for
New Cyber Talent and Workforce
Development
• Advance Cyber Policies to Position
Huntsville for Enhanced National
Leadership
• Ensure the Sustained Growth and
Future Competitiveness of
Huntsville’s Cyber Industry
12
EW
FME
Certification and
Accreditation
Incident
Response
Secure Network
Engineering
IT Security
IOC2
ISR
RF Collect
CNE
Foreign
Signals
GIS
CNA
CND
Skill Assess
and Training
Cyber Tools
Cyber Labs
Cyber Training and Testing
CND
Network Infrastructure
Attack Vectors
SNMP Community
String Dictionary Attack
with Spoofing to
Download Router\
Switch Configuration
Build New Router
Configuration File to
enable further privilege
escation
Upload New
Configuration File
Using Comprimised
SNMP RW String
UNIX NetMgt Server
Running NIS v1
Ypcat -d <domain>
<server IP> passwd
Grab shadow file hashes
Crack Passwords
Access Server
Directly
Exploit ACL Trust
Relationship
Attack SNMP\Telnet\SSH
Find NetMgt
passwords and
SNMP config files
Discover Backup
HW Configs
Crack Passwords
HP OpenView Server
Enumerate Oracle
TNS Listener to
Identify Default SID’s
Further Enumerate
Oracle SID’s to
Identify Default
DBA System Level
Accts\Passwords
Login to Oracle DB
with Discovered DBA
Privilege Account
Run Oracle SQL
CMDs
Execute OS CMDs
Add New
Privileged OS
Account
Crack Passwords
Further Enumerate
Oracle SID’s to
Identify User Accts.
Perform Dictionary
Attack
Execute OS CMDs from
Oracle PL/SQL
Attack Network from DB
Run Oracle SQL CMDs
Execute OS CMDs
Find NetMgt Passwords,
SNMP info, OS password
files
Network Mgt Application
Attempt to Login Using
Default Login\Password
Reconfigure
Router or Switch
MITM
ARP Poisoning
Sniffing
Capture SNMP Community
Strings and Unencrypted
Login\Passwords, Protocol
Passwords
Configure
Device for
Further
Privilege
Escalation
Telnet\SSH
Dictionary Attack
Router\Switches\
NetMgt Server
Inject New Routes
Or Bogus Protocol
Packets
Use New Privileged
OS account to
Escalate Privileged
Access to Network
Own Network
Infrastructure
Own Network
Infrastructure
Own Network
Infrastructure
Own Network
Infrastructure
Own Network
Infrastructure
Own Network
Infrastructure
Subsystems Characterized
RF and EO/IR Sensors and Detectors–Antennas–Phased Arrays–Transmitters–Receivers–Signal
Processors–Operator Displays and Controls–Data-links–Computers–Software Algorithms–RF and
EO/IR Missile Seekers–Warheads–Proximity Fuzes–Autopilots–Inertial Instruments–Altimeters–
Guidance Computers–Propulsion Systems–Airframes and Control Surfaces–Power Systems
TheCyber Domain
Testing and Analysis
Cyber M&S
Kill Chain Development
ProcessExploitation
Supply ChainExploitation
AlgorithmExploitation
• IA Architecture and Integration
• Security Assessments
• Technical Vulnerability Assessments
• Information Systems Security Engineering
• Network Voice/Video/Data Systems
Engineering
• Strategic Security Program Development
• Security Product Implementation
• Cyber-security Modeling and Simulation
Cyber Domain
13
NOC’S
Cyber Analysis Capabilities
Ground-based, Ship-borne, and Airborne Radar Systems
-- Guided Missiles and Rockets
Electronic Warfare (EW) Systems -- Command, Control,
Communications, and Computer (C4) Systems
Cyber Huntsville’s Core Mission
14
Huntsville Cyber
Capabilities and Facilities
Weapon Systems
Systems Engineering
Talent
Weapon Systems
HWILSIL
Federal Agencies/ Organization
SMDCAMCOMAMCNASA
SEDMSICTSMOTVA
Cyber Intelligence Exploitation
NSA
IC
Cyber Systems RDT&E
HSV
Government & InfrastructureDefense (CND)
DHS
Cyber Operations
USCYBERCOM
DoD
Role of Cyber Huntsville in the National Cyber Network
Huntsville CanProvide Cyber:
• R&D• M&S• Engineering• T&E• Experimentation
…To fight in a degraded cyber environment… To protect infrastructure
Common Goal: To establish dominance in cyberspace to
assure our critical infrastructure and national security
15
Constructing Cyber Huntsville
Build upon the teamwork and cooperation found in the Huntsville area to establish a Cyber alliance
Leverage Huntsville’s cyber technology capabilities and significant, on-going cyber projects of national scope
Draw upon the existing DoD, Federal, State, academic, and industry capabilities in technology, science, and services to build Huntsville as a Cyber Center of Excellence
Serve as a regional center of cyber expertise, products,and services
• Build locally and serve regionally and Nationally
Huntsville has been a Missile and Space Town for decades ---- It’s time to leverage the engineering, science, and R&D capabilities to become a Cyber Town
16
Elements of Cyber Huntsville
We are all Cyber warriors – our objective is to fight through the attack
17
Cyber System Engineering Elements
Cyber Engineering
Process
Cyber Threat Definition
Cyber Attack Scenarios
Cyber Tech Dev/Design
System Design & P3I
Cyber System Analysis
Cyber M&S
Cyber Susceptibility
Analysis
Cyber Testing & Forensics
Cyber Defensive
Concepts & Designs
Cyber Validation (re-
test)
System Performance
Validation
Operational Implementation & Training
Integrated Cyber Domain
Cyber requires highly integrated capabilities
• No stovepipes
• No hierarchies
Individual Organizations must leverage capabilities from others to be effective
This requires a high level of coordination across the functional areas of Cyber
Huntsville Has All The Capabilities Necessary To Address The Cyber Challenge
19
CyberspaceEcosystem
Defense
HumanCapital
Governance
Execution
OffenseIntelligence
R&D
M&S
Organizational Concept
20
Cyber Huntsville
Advisory Panel
Cyber Huntsville
Working Group
Tennessee Valley Cyber Community
Advisory Panel
Requested to serve and provide advice• “Small” Group to Advise the Cyber Huntsville initiative• Senior Level Participation by Key Organizational Stakeholders.
Provides Emphasis Within Their Organizations and within the community
• Zealots for the Initiative• Influence In and Out of Huntsville• Interface and be responsive to elected officials• “Policy-level” guidance / strategy for implementing Cyber Huntsville
Actions• Approve Cyber Huntsville initiative charter (Drafted by WG)• Provide Strategic guidance and direction for Cyber Huntsville
Working Group activities• Promote / advocate the Cyber Huntsville mission
21
Advisory Panel Met on 19 November
Action Items
• Approved the Organizational Approach
• Appointment Advisory Group Chairperson (In Process)
• Designate Working Group representatives
• Identify any Specific Guidance for Working Group
• Schedule Next Meeting – Early Feburary
22
Working Group
WG Charter approved by Advisory Panel
Takes strategic guidance from the Advisory Panel
Executes the day-to-day activities of Cyber Huntsville Initiative
• Larger Group of Executers
– Enthusiastically support Cyber Huntsville initiative
– Focused on cooperation and collaboration – one team!
– Organizes and executes Community outreach and conferences
– Study other “Cyber City” initiatives (best practices & lessons learned)
• Composed of known Community Cyber leaders
Provides Reports/updates to Advisory Group Meetings
Near Term Actions• Develop group charter for Advisory Group’s approval• Develop the Cyber Huntsville Action Plan• Develop the Cyber Huntsville Strategic Roadmap for Advisory Group
Approval• Document Current Huntsville Cyber Requirements (government and
commercial) and Huntsville’s Current Cyber capabilities
23
Working Group
24
Federal/DoD Organizations That Are Executing Cyber Tasks Companies With Significant Cyber Capabilities and Cyber Investments in Huntsville Educational Organizations Teaching Cyber Courses or Conducting Cyber Research Security and Law enforcement organizations involved in Cyber Security in Huntsville
Chair: Dr. Rodney Robertson Co-Chair: TBD
Working Group 1. Day-to-Day Operations of the Cyber Huntsville Activities2. Frames Issues for Advisory Council/Mayor’s Decisions 3. Coordinates Cyber Initiatives Across the Community
Local Government Mayors Office Chamber of
Commerce County
Commission Legislative
Delegations
Federal SMDC SED AMCOM NASA MSIC AMC TSMO TVA
Industry Small Medium Large
Academia UAH Auburn A&M Calhoun
Other FBI Infraguard Local NCIS 902d DSS
Working Group Expectations
Time Commitment• Priority
• Monthly Working Group meetings for integration and coordination
• IPT meetings for products
Focus on Delivering Products• IPT Timeline
IPT Membership• Primary and alternate
– Survey
▪ Short bullet about unique qualifications
▪ Complete survey prior to leaving today’s meeting or make arrangements to provide information ASAP
25
Working Group IPTs
Executive IPT – IPT Chairs
Marketing IPT – Outreach, website, branding
Event IPT – event planning and management
Facilities IPT – Canvas existing labs, lab connectivity, define requirements for Redstone Gateway
Organization IPT – model, management, funding
Economic Development IPT – strategic relationships, program capture strategy, tour/visits with like community initiatives
Capability Development IPT – identify skills requirements (needed and existing) to accomplish mission.
Draft Objectives
Short-Term Objective (90 to 120 Days)• Establish Charter and Get Organized• Clearly Define the Huntsville Value Proposition• Establish and Approve Goals, Objectives, and Timelines • Define Our Cyber Focus (CNA, CND, CNE)• Gain Community Consensus on Path Forward• Draft the Outreach Plan and associated Marketing Plan• Organizes and executes Community outreach and conferences
Mid-Term Objective (6 to 12 Months)• Finalize Value Proposition and Cyber Huntsville Focus• Launch Outreach and Publicity Campaign• Identify and Execute Low-Hanging Fruit Opportunities • Secure Financial Commitments/Decisions for the Gateway Building
Long-Term Objective (1 to 3 Years)• Build a State-of-the-Art Cyber Security Collaboration Center• Capture a Major DoD Cyber Program• Capture a Significant Non-DoD Program
27
Potential Low Hanging Fruit
Host a Cyber Conference in Huntsville• Showcase Huntsville Cyber Capabilities• Let the Cyber Community Know What We are Doing
Conduct a Cyber Table Top Exercise for the City• Use Crawl, Walk, Run Approach• Include Redstone, Regional And State Agencies
FBI Regional Computer Forensics Laboratory• Cyber Counterintelligence and Criminal• One Stop Full-service Forensic Lab and Training Center Internet Crimes Trade Secrets Theft Cyber Terrorism Foreign Intelligence Collection Interaction With State and Local Authorities
• Why Pursue Currently No Center in Southeast U.S. Huntsville Is #2 Priority for Foreign Cyber Collection/Targeting Some Past Congressional Interest (Shelby’s Office) Effort Needs Some New Momentum That Cyber Huntsville Can Provide
28
Cyber Huntsville Takeaways
Secure the Cyber Mission for Huntsville
Leverage What Huntsville Does Best - High-technology Solutions to Complex Problem Sets
Focus on the Critical Cyber “Hard Problems”
Leverage the Community’s Proven Cyber Leaders
Harness the Power of Partnerships
Execution Via an Agile and Flexible Organization Oriented on Achieving Measurable Results
Involve Participants With “Skin in the Game”
29
Identify – Partner – Innovate – Solve
Timeline
19 November - Advisory Panel Kickoff
13 January - Working Group Kickoff• 18 January – Map IPT membership and chairs
• 25 January - Meet with IPT chairs
• 1 February - Next working Group Meeting, UAH 8:00 – 10:00
Early February – Advisory Panel Meeting • Draft Charter
• IPT Membership
Community Outreach Briefings• 10 Dec HAMA
WG Roadmap Draft• TBD (2011) – Cyber Event
Brief Roadmap to Advisory Panel
Agenda
UAH Welcome Mayor Battle Introduction Cyber Huntsville Briefing to Working Group – Dr. Robertson Discussion
• Mission Statement• Vision• Organization• Direction/Charter for Working Group
Action Items• Document IPT preferences– Short bullet about unique qualifications
• Next working Group Meeting - UAH 8:00 – 10:00
• Adjourn
31
Secure the Cyber Mission for Huntsville