Cyber_Huntsville

Huntsville Advanced

Defense Technology

Cluster



A vision for the future of Huntsville









1

Agenda





 Cyber Huntsville Background and

Overview

• Mission

• Vision

• Organization

• Potential Low Hanging Fruit

• Timeline







Secure the Cyber Mission for Huntsville



2

Cyber: A National Vulnerability





 “I believe that the dawn of cyber attacks and

cyber defense is going to have the same impact

on relations between nations that the dawn of

nuclear weapons had.”

 “The threat of cyber attack is very real and it is

available not only to nations but to groups of

individuals who may or may not be sanctioned

by nations, and to criminals, and to terrorists.”

 “Cyber attack and cyber defense are here to

stay. We as a nation are ill prepared for it, as is

every other nation.”



- General Peter Pace, USMC (Ret), former Chairman of the Joint

Chiefs of Staff





Huntsville is the U.S.’s #2 target for foreign intelligence efforts



3

Why Cyber Huntsville?

Our Value Proposition





 History of Leadership on the National Stage: Space, Missile Defense,

Intelligence, and Modeling and Simulation

 Agile, Responsive, and Mutually Supportive Community

• Industrial Base Partners With Significant Technology Capabilities

• Cyber Capabilities (Labs, Workforce, Technology) Available

• Educational Institutions With IA/Cyber Programs

• Strong Support From Local and National Elected Officials



 Unmatched Technology Base and Cleared Workforce

 Experts in Solving Complex System Level Problems

• Superb System Engineering Talent Readily Available

 Very Competitive Cost of Living That Reduces Total Costs to Customers



Leveraging Huntsville’s collective intellectual capital to solve the most pressing

problem of our time… protecting the national cyber infrastructure



4

Cyber Huntsville Approach





Secure the Cyber Mission for Huntsville

• Leverage What Huntsville Does Best - High-technology

Solutions to Complex Problem Sets

• Focus on the Critical Cyber “Hard Problems”

• Leverage the Community’s Proven Cyber Leaders

• Harness the Power of Partnerships



• Execution Via an Agile and Flexible Organization Oriented

on Achieving Measurable Results

• Involve Participants With “Skin in the Game”





Identify – Partner – Innovate – Solve

Why Should We Pursue?

Benefits of Cyber Huntsville







Government

Value to the

• Integral part of the

national cyber Community

infrastructure

• Expand RDT&E Creation of local jobs

capabilities in cyber

Influx of cyber talent

Diversify community

capabilities

Academia Workforce enhancement

• Expand competitive Industry

position • Enhanced RDT&E

Collaboration

• Careers for capabilities in cyber

graduates









Cyber Huntsville: Builds on Huntsville’s nationally-recognized talent pool and

experience with focus on cyber R&D, M&S, engineering, T&E and experimentation



6

Draft Vision Statement







 By 2015 Huntsville will have a thriving Cyber

Center:

• HSV will be part of the $800 billion Global Cyber market

• The city will be recognized Nationally and

Internationally as a leader in Cyber R&D, M&S,

engineering, T&E, and experimentation

• Local academia will be producing cyber graduates from

degree and certificate programs

• There will be a thriving and close-knit network of

Government, Academia, and Industry working all

aspects of Cybersecurity





HSV will be an integral part of the national cyber infrastructure and activities







7

Draft Mission Statement





• Build A Cyber Center Of Excellence With Global

Reputation And Global Reach Through A Collaborative

Community Effort



• By Creating The Cyber Center, Bring Cyber Work To

Huntsville And Execute This Work In Huntsville



• By Creating The Cyber Center, Leverage Huntsville’s

Collective Intellectual Capital To Solve The Critical

Challenges Facing The National Cyber Infrastructure



An Internationally Recognized Cyber Leader That

Serves DoD, Other Federal Agencies, And Commercial Markets



8

Cyber Domain



Cyber Analysis Capabilities

Ground-based, Ship-borne, and Airborne Radar

Cyber Tools Systems -- Guided Missiles and Rockets

Electronic Warfare (EW) Systems -- Command, Testing and Analysis

Control, Communications, and Computer (C4) Systems Network Infrastructure

Attack Vectors









SNMP Community Telnet\SSH MITM

String Dictionary Attack Dictionary Attack UNIX NetMgt Server ARP Poisoning HP OpenView Server

Network Mgt Application Enumerate Oracle

with Spoofing to Router\Switches\ Running NIS v1 Sniffing

Download Router\ NetMgt Server TNS Listener to









The

Switch Configuration Identify Default SID’s

Ypcat -d Capture SNMP Community

passwd Strings and Unencrypted Attempt to Login Using

Build New Router

Configuration File to

Own Network Grab shadow file hashes

Login\Passwords, Protocol Default Login\Password

Passwords Further Enumerate

enable further privilege Infrastructure Further Enumerate

Oracle SID’s to

escation Oracle SID’s to

Identify User Accts.

Identify Default

Reconfigure DBA System Level









Cyber Domain

Crack Passwords Configure Perform Dictionary

Inject New Routes Router or Switch Accts\Passwords

Device for Attack

Upload New Or Bogus Protocol Further

Configuration File Packets Privilege

Using Comprimised Escalation

SNMP RW String Access Server Own Network Login to Oracle DB

Directly

Infrastructure with Discovered DBA

Own Network Privilege Account

Own Network Infrastructure

Infrastructure

Discover Backup

Execute OS CMDs from Run Oracle SQL CMDs Run Oracle SQL

HW Configs

Oracle PL/SQL Execute OS CMDs CMDs

Exploit ACL Trust Find NetMgt Execute OS CMDs

Relationship passwords and Attack Network from DB Find NetMgt Passwords, Add New

Attack SNMP\Telnet\SSH SNMP info, OS password Privileged OS









IA Architecture and Integration IT Security

SNMP config files









•

files Account









RF Collect Crack Passwords





Use New Privileged









Security Assessments

Crack Passwords









•

OS account to

Escalate Privileged

Access to Network

Own Network







C2

Infrastructure





Certification and IO

Technical Vulnerability Assessments

Own Network







•

Infrastructure







Accreditation Cyber M&S

• Information Systems Security Engineering EW

• Network Voice/Video/Data Systems Secure Network

Engineering Engineering CNA ISR

• Strategic Security Program Development

• Security Product Implementation CND

Incident CND

• Cyber-security Modeling and Simulation Response CNE

Foreign

Cyber Labs Skill Assess Signals

and Training



GIS FME Kill Chain Development

NOC’S





Process Supply Chain Algorithm

Exploitation Exploitation Exploitation



Cyber Training and Testing

Subsystems Characterized

RF and EO/IR Sensors and Detectors–Antennas–Phased Arrays–Transmitters–Receivers–Signal

Processors–Operator Displays and Controls–Data-links–Computers–Software Algorithms–RF and

EO/IR Missile Seekers–Warheads–Proximity Fuzes–Autopilots–Inertial Instruments–Altimeters–

Guidance Computers–Propulsion Systems–Airframes and Control Surfaces–Power Systems



9

Cyber Huntsville’s Core Mission





Weapon

Systems

HWIL

SIL





Weapon

Systems Huntsville

Cyber

Systems Capabilities

Engineering and Facilities

Talent Federal Agencies/

Organization

SMDC SED

AMCOM MSIC

AMC TSMO

MDA TVA

NASA



10

Role of Cyber Huntsville in the National Cyber Network





Huntsville Can

Provide Cyber:

• R&D

• M&S

• Engineering

• T&E

• Experimentation

…To fight in a degraded cyber

environment

… To protect infrastructure









Common Goal: To establish

dominance in cyberspace to

assure our critical infrastructure

and national security





11

Constructing Cyber Huntsville









 Build upon the teamwork and cooperation found in the

Huntsville area to establish a Cyber alliance

 Leverage Huntsville’s cyber technology capabilities and

significant, on-going cyber projects of national scope

 Draw upon the existing DoD, Federal, State, academic, and

industry capabilities in technology, science, and services to

build Huntsville as a Cyber Center of Excellence

 Serve as a regional center of cyber expertise, products,

and services

• Build locally and serve regionally and Nationally



Huntsville has been a Missile and Space Town for decades ---- It’s time to leverage the

engineering, science, and R&D capabilities to become a Cyber Town





12

Integrated Cyber Domain







Defense

 Cyber requires highly integrated

capabilities

Intelligence Offense

• No stovepipes

Cyberspace

• No hierarchies

R&D Ecosystem

Execution

M&S

 Individual Organizations must leverage

capabilities from others to be effective Governance

Human

Capital



 This requires a high level of coordination

across the functional areas of Cyber





Huntsville Has All The Capabilities Necessary To Address The Cyber Challenge



13

Organizational Concept







Cyber Huntsville

Advisory Panel







Cyber Huntsville

Working Group







Tennessee Valley Cyber Community









14

Advisory Panel





 Requested to serve and provide advice

• “Small” Group to Advise the Cyber Huntsville initiative

• Senior Level Participation by Key Organizational Stakeholders.

Provides Emphasis Within Their Organizations and within the

community

• Zealots for the Initiative

• Influence In and Out of Huntsville

• Interface and be responsive to elected officials

• “Policy-level” guidance / strategy for implementing Cyber Huntsville



 Actions

• Approve Cyber Huntsville initiative charter (Drafted by WG)

• Provide Strategic guidance and direction for Cyber Huntsville

Working Group activities

• Promote / advocate the Cyber Huntsville mission







15

Working Group



 WG Charter approved by Advisory Panel

 Takes strategic guidance from the Advisory Panel

 Executes the day-to-day activities of Cyber Huntsville Initiative

• Larger Group of Executers

– Enthusiastically support Cyber Huntsville initiative

– Focused on cooperation and collaboration – one team!

– Organizes and executes Community outreach and conferences

– Study other “Cyber City” initiatives (best practices & lessons learned)

• Composed of known Community Cyber leaders

 Provides Reports/updates to Advisory Group Meetings

 Near Term Actions

• Develop group charter for Advisory Group’s approval

• Develop the Cyber Huntsville Action Plan

• Develop the Cyber Huntsville Strategic Roadmap for Advisory Group

Approval

• Document Current Huntsville Cyber Requirements (government and

commercial) and Huntsville’s Current Cyber capabilities





16

Working Group



Chair: Dr. Rodney Robertson

Co-Chair: TBD



Local Government Federal Industry Academia Other

Mayors Office SMDC Small UAH FBI

Chamber of SED Medium Auburn Infraguard

Commerce AMCOM Large A&M Local NCIS

County NASA Calhoun 902d

Commission MSIC DSS

Legislative AMC

Delegations MDA

TSMO

TVA

 Federal/DoD Organizations That Are Executing Cyber Tasks

 Companies With Significant Cyber Capabilities and Cyber Investments in Huntsville

 Educational Organizations Teaching Cyber Courses or Conducting Cyber Research

 Security and Law enforcement organizations involved in Cyber Security in Huntsville



Working Group 1. Day-to-Day Operations of the Cyber Huntsville Activities

2. Frames Issues for Advisory Council/Mayor’s Decisions

3. Coordinates Cyber Initiatives Across the Community



17

Timeline



 19 November - Advisory Panel Kickoff

 13 January - Working Group Kickoff

• 18 January – Map IPT membership and chairs

• 25 January - Meet with IPT chairs

• 1 February - Next working Group Meeting, UAH 8:00 – 10:00

 Early February – Advisory Panel Meeting

• Draft Charter

• IPT Membership

 Community Outreach Briefings

• 10 Dec - HAMA

• 19 Jan - Huntsville Advanced Defense Technology Cluster

• 24 Jan - Space and Cyber Engineering / S&T Mega-Community Pilot

Meeting

 WG Roadmap Draft

• TBD (2011) – Cyber Event

Discussion

19