The Library of Sparta

Presented at Black Hat USA 2014, Aug. 6, 2014, 10:15 a.m. (60 minutes)

On today's increasingly militarized Internet, companies, non-profits, activists, and individual hackers are forced to melee with nation-state class adversaries. Just as one should never bring a knife to a gun fight, a network defender should not rely on tired maxims such as "perimeter defense" and "defense in depth." Today's adversaries are well past that. This talk teaches you how to tap what we call the Library of Sparta - the collective written expertise codified into military doctrine. Hidden in plain sight, vast free libraries contain the time-tested wisdom of combat at the tactical, operational, and strategic levels. This is the playbook nation-state adversaries are using to target and attack you. This talk will help you better understand how adversaries will target your organization, and it will help you to employ military processes and strategies in your defensive operations. These techniques scale from the individual and small team level all the way up to online armies. This talk isn't a dry index into the library of doctrine, we provide entirely new approaches and examples about how to translate and employ doctrinal concepts in your current operations. Many people in the computer security community use words like "OPSEC," "Kill Chain," and "intelligence-driven" without fully understanding the underlying concepts. Even worse, many show their ignorance by using military jargon incorrectly, thereby alienating clients, customers, and colleagues. These concepts are powerful and should not be ignored, but they must be well understood before they can be leveraged in your network. This talk will include topics such as deception, electronic warfare, operations security, intelligence preparation of the battlefield, human intelligence collection, targeting, psychological operations, information operations, maneuver, and military cryptanalysis, among numerous others. Conventional wisdom at Black Hat is that that attacker will always win. Attackers have a clear intelligence advantage over defenders when it comes to vulnerabilities, malware, and open source information. A key point of the talk will be helping defenders generate the intelligence, information, and disinformation advantage necessary to turn the tables. You will leave this talk with an entirely new arsenal of military-grade strategies that will help you advance your work beyond the individual and small-team level and will prepare you to take on the most advanced adversaries.


  • Tom Cross / Decius - Lancope   as Tom Cross
    Tom Cross is Director of Security Research at Lancope, where he works on advancing the state-of-the-art in network behavioral anomaly detection with netflow. He has over a decade of experience as a computer security researcher and thought leader. He is credited with discovering a number of critical security vulnerabilities in enterprise-class software and has published papers on collateral damage in cyber conflict, vulnerability disclosure ethics, security issues in internet routers, encrypting open wireless networks, and protecting Wikipedia from vandalism. He was previously manager of X-Force Research at IBM Internet Security Systems. He has spoken at numerous security conferences, including Black Hat, DEF CON, CyCon, HOPE, Source Boston, FIRST, and Security B-Sides.
  • Greg Conti - West Point
    Greg Conti is an Associate Professor and Director of West Point's Cyber Research Center. He is the author of "Security Data Visualization" (No Starch Press) and "Googling Security" (Addison-Wesley) as well as over 60 articles and papers covering cyber warfare, online privacy, usable security, and security data visualization. He has spoken at numerous security conferences, including Black Hat, DEF CON, CyCon, HOPE, Interz0ne, ShmooCon, and RSA. His work can be found at
  • David Raymond - USMA
    David Raymond is an Associate Professor at West Point where he teaches courses in computer networking and cybersecurity and coaches the West Point CTF Team. He is an Army officer of 25 years with a unique mix of experience in armored maneuver warfare and Army systems automation. He has published over 20 papers and articles on topics including computer architecture, wireless security, online privacy, and cyber warfare and has spoken at several academic and industry conferences.