Operational Templates for State-Level Attack and Collective Defense of Countries

Presented at Black Hat USA 2019, Aug. 8, 2019, 11 a.m. (50 minutes)

The veneer of modern civilization is thin and brittle. Given sufficient will, it is disturbingly easy to systematically dismantle the functions of government and the cohesion which binds society together. Armies are maneuvering in cyberspace right now. State cyberspace, electronic warfare, and information operations forces wield massive power that, when combined, can overwhelm fragile infrastructure and disjoint defenses.

We see ongoing targeting and increasingly intense probing of critical infrastructure on a global scale. The trend is toward operations of increasing scope and impact, from passive surveillance to disruption to destruction. We must acknowledge that the groundwork has already been laid for even more aggressive attacks, and that today's operations serve to prove and hone those capabilities.

Enterprises and organizations attempting to stand as individuals against such threats will be defeated as individuals. Governments can help, but often stumble due to political indecisiveness, ponderous bureaucracies, and inability to focus beyond the near-term. We need collective defenses that match the agile, coordinated offensive techniques state forces can bring to bear.

In this talk we examine templates for attacking and defending nations. Militaries have long used doctrinal templates – models based on known or postulated adversary doctrine – to support traditional kinetic warfare training and warfighting. The same approach works well for defending in cyberspace. We'll provide templates of ways threat actors could disrupt or defeat a country, considering various time horizons and degrees of attribution.

You'll leave this talk with a playbook for how nations might be attacked and defended, a methodology for creating templates and scenarios useful for your own defensive planning, and an enhanced understanding of our collective vulnerability and the need for teamwork to overcome the problem.


Presenters:

  • Greg Conti - Senior Security Strategist, IronNet Cybersecurity (as Gregory Conti)
    Gregory Conti is Senior Security Strategist at IronNet. Formerly he served on the West Point faculty for more than a decade where he led their cybersecurity research and education efforts. During his career in the Army he served in a variety of Signals Intelligence and Cyber Operations assignments, deploying to Iraq as Officer-in-Charge of U.S. Cyber Command's Expeditionary Cyber Support Team and as a Senior Advisor in the U.S. Cyber Command Commander's Action Group where he co-developed the Joint Advanced Cyber Warfare Course. Gregory is the co-author of the recently published book, On Cyber: Towards an Operational Art for Cyber Operations (Kopidion Press), as well as approximately 75 articles and papers covering online privacy, usable security, cyber conflict, and security visualization. He has spoken at numerous security conferences, including Black Hat, DEFCON, RSA, ShmooCon, HOPE, Google Ideas, and the NATO Conference on Cyber Conflict. Greg holds a B.S. from West Point, an M.S. from Johns Hopkins University, and a Ph.D. from the Georgia Institute of Technology, all in computer science. He may be found at www.gregconti.com, on Twitter as @cyberbgone and teaching two Black Hat Training courses – Information Operations: Influence, Exploit, and Counter and Military Strategy and Tactics for Cyber Security.
  • Robert Fanelli - Computer Scientist, IronNet Cybersecurity
    Bob Fanelli is a computer scientist and security practitioner with IronNet Cybersecurity. Prior to joining IronNet, he served as a US Army Colonel at US Cyber Command in multiple roles, including controlling DoD global cyberspace operations, leading the USCYBERCOM/NSA Combined Action Group, and conducting research and development activities. He has published, presented and taught security topics in several venues, including the United States Military Academy at West Point and the National Cryptologic School. He holds a Ph.D. in Computer Science from the University of Hawaii, an MS from the University of Louisville, a BS from Penn State University, and a number of industry credentials, including the designation of GIAC Security Expert (GSE).
