Cyber Defence & Network Security Conference (CDANS), January 24-27, 2012, London
The Cyber Defence & Network Security Conference (CDANS) will be held 24 - 27 January, 2012 at the Radisson Blu Portman Hotel, London, UK. The conference, organised by IQPC, covers the following topics: Cyber Security, Cyber Warfare, Cyber Terrorism, Cyber Defence, Cyber, Network Security, Information Security, Computer Network Attack, Computer Network Exploitation, Computer Network Defence, Communication Networks, C312m Security Technology, C-DAC, CDMA, GSM, Cyber Attack, ISR, Information Operations, Cyber Exploitation, Government Systems and Cyber Capabilities.
CDANS will bring together many of the world’s key experts and leaders in what is considered a priority Tier-1 threat to most countries and organisations’ interests. Welcome to CDANS, with an international speaker faculty including leaders of the most prominent military cyber commands, intelligence services, government and critical national infrastructure.
U.S. - Taiwan $5.3 Bln Arms Deal Will Likely Fuel Cyber Attacks Against U.S. Infrastructure
China is ramping up its protests against multibillion-dollar U.S. arms sale to Taiwan, with the Chinese Foreign Minister Yang Jiechi asserting his position in unambiguous terms to U.S. Secretary of State Hillary Clinton Monday that the deal should be reconsidered. The bottomline is that America should be ready for another wave of cyber attacks. Whenever the Chinese side is displeased whether by visit of Dalai Lama to White House or by disagreements on currency valuation, cyber attacks originating from China have become the standard pattern of expressing displeasement.
Energy and Utility Cyber Security Summit, November 8-9, 2011, Amsterdam, Netherlands
Conference & Exhibition Energy and Utility Cyber Security Summit will be held 8th - 9th November, 2011, at the Mövenpick Hotel, Amsterdam, Netherlands.
Develop best practice guidelines to certify the security and reliability of your infrastructure and information assets and join 200+ senior level industry leaders and key decision makers attending this premier industry event with training courses and workshops from CSIRS, RUSI and Red Dragon Rising. Case studies from Shell, E-ON, NEK, Alliander, Elia and exclusive insights from the CPNI, ENISA, EuroSCSIE.
The Cyber Security for Energy Delivery Conference September 27-28, 2011, San Jose, California
The Cyber Security for Energy Delivery Conference will be held September 27th-28th, 2011, Crowne Plaza Hotel, San Jose - Downtown, USA. Speaker line up included DHS, DoE, FERC, Southern Company, Salt River Project, ERCOT, SDG&E, DTE Energy, California Public Utility Commission, Texas Public Utility Commission, Argonne National Lab and Waterfall Security.
This forum aims to encourage knowledge sharing and collaboration between key government and regulatory bodies with major public and private asset owners to tackle the key challenges in cyber security implementation and regulation for the bulk power grid.
International Industrial Control Systems Cybersecurity Advanced Training, September 12 - 16, 2011, Idaho Falls, Idaho
The United States Department of Homeland Security Control Systems Security Program has announced the 5th annual International Industrial Control Systems (ICS) Cybersecurity Advanced Training to be held September 12 - 16, 2011 at the Control Systems Analysis Center, 765 Lindsay Boulevard, Idaho Falls, Idaho.
This event will provide intensive hands-on training on protecting and securing industrial control systems from cyber attacks, including a Red Team/Blue Team exercise that will be conducted within an actual control systems environment. This exercise provides an opportunity to network and collaborate with other colleagues involved in protecting our nation’s critical infrastructure.
Who Should Attend?
This course is intended for members of the industrial control systems community associated with component and software development, IT and process control network operations and security, and operations/management of critical infrastructure assets and facilities.
Prerequisites
Each attendee should have practical knowledge with ICS networks, software, and components, have basic coding skills, and a fairly deep understanding of IT network details such as the difference between UDP & TCP, and MAC & IP addresses. Every student attending this course should bring a laptop computer (with a DVD drive) to which they have “administrator” privileges, allowing them to configure and load software.
Registration
This training is targeted to asset owners, operators and vendors of critical infrastructure. The class size is limited to approximately 35 participants, with a maximum of 2 individuals per company per event.
Structure and Agenda
This event includes 5 days of intensive cybersecurity for industrial control systems training, and a Red Team / Blue Team exercise:
Day 1 - Welcome, overview of the DHS Control Systems Security Program, a brief review of cybersecurity for Industrial Control Systems, a demonstration showing how a control system can be attacked from the internet, and hands-on classroom training on Network Discovery techniques and practices.
Day 2 - Hands-on classroom training on Network Discovery, using Metasploit, and separating into the Red and Blue Teams.
Day 3 - Hands-on classroom training on Network Exploitation, Network Defense techniques and practices, and Red and Blue Team strategy meetings.
Day 4 - A 12-hour exercise where participants are either attacking (Red Team) or defending (Blue Team). The Blue Team is tasked with providing the cyber defense for a corporate environment, and with maintaining operations to a batch mixing plant, and an electrical distribution SCADA system.
Day 5 - Red Team/Blue Team exercise lessons learned and roundtable discussion.
Cost to Attend
There is no cost to attend the training; however, travel expenses to and from and accommodations at Idaho Falls are the responsibility of each participant.
About the Red Team / Blue Team Simulation
The scenario - a chemical company is producing a new chemical that can revolutionize the industry and will provide the company with huge profits - if processed properly. A competitor has been trying to develop a similar chemical but has failed. The competitor has hired the Red Team to disrupt their operations. The chemical company has hired the Blue Team as expert consultants and operators because they fear a cyber attack from a competitor is imminent.
This exercise, developed as a realistic ‘attacker - defender’ scenario, provides players the venue to apply their technical capabilities and provides first hand experience as it relates to common security vulnerabilities in control systems domains and the affiliated corporate environments.
Attendees are assigned to either the red team or the blue team. This exercise provides friendly competition as the red team tries to attack the industrial control system and the blue team works to defend against the cyber attacks.
A debriefing will highlight lessons learned from the red team, the blue team, and an overall perspective will be provided by cyber security experts in the white cell who monitored and scored the activities of the red and blue teams.
Additional Information
Please contact CSSP, Email: CSSP_Training@hq.dhs.gov.
No Government Agency is Immune From Malicious Cyber Activity
Ben Nelson, chairman of the Senate Armed Services Subcommittee on Strategic Forces and Nebraska’s Senator, commented on a breach of Pentagon computer network:
“While it’s likely no government agency is immune from malicious cyber activity, the latest revelations that spies penetrated a Pentagon computer network and were undetected, perhaps for months, shows that we must improve our nation’s cyber defenses. This should serve as a wake-up call that the 2012 National Defense Authorization Act should be passed because it will improve our cyber defense capabilities. It would enhance the ability to preempt an attack by requiring the Pentagon to acquire and incorporate alternative methods for cyber security attack detection. That includes capabilities developed by the National Security Agency and commercial industry to detect, analyze, and isolate new computer attacks and viruses almost as they are happening.
Another new provision addresses insider threats, such as those we’ve seen from the ‘wikileaks’ event. It requires the Pentagon to develop a program to stop ‘insiders’ from being able to download and export large quantities of sensitive information from DOD networks.”
CACI Acquires Cyber Security Company
CACI International Inc (NYSE: CACI) has acquired Pangia Technologies, LLC, a software engineering company that provides technical solutions in the areas of computer network operations, information assurance, mission systems, software and systems engineering, and IT infrastructure support. This acquisition furthers CACI’s growth in cybersecurity solutions and increases its already strong presence in the Intelligence Community. Founded in 1999, Pangia has 110 employees and is headquartered in Fulton, Maryland. Pangia’s work has high technical content and includes application development, systems vulnerability auditing and threat analysis, intrusion detection engineering, system security architecture design and development, broadly based software development, and design, development, and support for key systems through their lifecycle. Pangia has contract vehicles with key members of the Intelligence Community, the Department of Homeland Security, the United States Air Force, and the United States Navy. In calendar year 2010, the company’s revenue was $18.7 million.
Defense Industrial Base (DIB) Cyber Pilot
Remarks at the 28th Annual International Workshop on Global Security
As Delivered by Deputy Secretary of Defense William J. Lynn, III, Paris, France, Thursday, June 16, 2011
Thank you Roger.
It is a pleasure to be here in Europe, and have so many of our closest allies and defense partners here with us today.
I would like to acknowledge Gerard Longuet and Peter Luff, and all of the other speakers who will join us.
This gathering of leading defense thinkers is itself an important affirmation of the strong ties our nations share. I would like to thank Roger, Admiral Laborde, and the French Ministry of Defense for hosting us.
Our conversation on the global security environment is a timely one. We meet as an unprecedented coalition effort over Libya is underway, and as the mission in Afghanistan is entering a pivotal new phase. We also meet during a period of fiscal austerity that is affecting defense budgets worldwide. These topics and others will make this year’s gathering a particularly relevant meeting place for national security policymakers.
Even as we discuss and debate the security challenges that dominate the present, we must also look ahead, to emerging threats and the dynamics that are likely to shape the future strategic environment. One of the most consequential aspects of our present and future security environment is the threat posed by computer network attacks. Today, I would like to address this development and its implications for international security.
Information technologies have revolutionized how our militaries organize, train, and equip. They are at the core of our most important military capabilities—communications, command and control, navigation, and intelligence, surveillance and reconnaissance.
But for all the military capability that information technology enables, it also introduces vulnerabilities. We learned this lesson in 2008 when a foreign intelligence agency used a thumb drive to penetrate our classified computer systems—something we thought was impossible. It was our worst fear: a rogue program operating silently on our system, poised to deliver operational plans into the hands of an enemy.
The cyber threat continues to grow, posing new dangers to our security that far exceed the 2008 breach of our classified systems.
To date, the most prevalent cyber threat has been exploitation of our networks. By that, I mean the theft of data from both government and commercial networks. On the government side, foreign intelligence services have ex-filtrated military plans and weapons systems designs. Commercially, valuable source code and intellectual property has likewise been stolen from business and universities.
The recent intrusions at the International Monetary Fund, the U.S. defense contractor Lockheed Martin, and at Citibank join those that occurred in the oil and gas sector, at NASDAQ, and at Google as further, troubling instances of a widespread and serious phenomenon. Even some companies employing sophisticated commercial defenses have fallen victim to intrusions that have compromised services and stolen intellectual property.
Many of those in this room have first-hand experience with the cyber threat. The French Finance Ministry and European Commission are two institutions here on the continent to have suffered major intrusions in recent months.
This kind of cyber exploitation does not have the dramatic impact of a conventional military attack. But over the long term it has a corrosive effect that in some ways is more damaging. It blunts our edge in military technology and saps our competitiveness in the global economy.
More recently, a second cyber threat has emerged—and that is disruption of our networks. In this type of attack intruders seek to deny or degrade the use of important government or commercial network. The denial of service attacks against Estonia in 2007 and against Georgia in 2008 are examples of this kind of threat. Along similar lines, the hacker group Anonymous targeted eBay and Paypal.
To this point, the disruptive attacks we have seen are relatively unsophisticated in nature, largely reversible, and short in duration. But in the future, more capable adversaries could potentially immobilize networks on an even wider scale, for longer periods of time.
The third and most dangerous cyber threat is destruction, where cyber tools are used to cause physical damage. This development—which would mark a strategic shift in the cyber threat—is only just emerging. But when you look at what tools are available, it is clear that this capability exists. It is possible to imagine attacks on military networks or on critical infrastructure—like the transportation system and energy sector—that cause severe economic damage, physical destruction, or even loss of life.
Of course, it is possible that destructive cyber attacks will never be launched. Regrettably, however, few weapons in the history of warfare, once created, have gone unused. For this reason, we must have the capability to defend against the full range of cyber threats.
In short, the cyber threat is moving up a ladder of escalation, from exploitation, to disruption, and ultimately, to destruction. As this threat continues to escalate, the groups that possess these capabilities are also likely to expand in dangerous directions.
Today, the highest levels of cyber capabilities resides almost entirely in sophisticated nation-states. Thus far, nation-states have primarily deployed their capabilities to exploit and occasionally disrupt networks, rather than to destroy them. Many foreign intelligence agencies have attempted intrusions on U.S. networks, but these intrusions are largely limited to exploitation. Although we cannot dismiss the threat of a rogue state lashing out, most nations have no more interest in conducting a destructive cyber attack against us than they do a conventional military attack. The risk for them is too great. Our military power provides a strong deterrent.
So even though nation-states are the most capable actors, they are not the most likely to initiate a catastrophic attack, at least in current circumstances. We nevertheless must prepare for the likelihood that cyber attacks will be part of any future conventional conflict. We need cyber capabilities that will allow us to deter and to defend against the most skilled nation-state.
But perhaps the greater and more immediate concern is the threat of a terrorist group gaining disruptive or destructive cyber capabilities. Al Qaeda, which has vowed to unleash cyber attacks, has not yet done so. But it is possible for a terrorist group to develop cyber attack tools on their own or to buy them on the black market. The nature of cyber is that a couple dozen talented programmers, using off the shelf equipment, can inflict a lot of damage. Moreover, with few tangible assets to lose in a confrontation, terrorists groups are very difficult to deter. We have to assume that in cyber as in other areas, if terrorists have the means to strike, they will do so.
So we stand at an important crossroads in the development of cyber threats. More destructive tools are being developed, but have not yet been used. And the most malicious actors have not yet acquired the most harmful capabilities. This situation will not hold forever. Terrorist organizations or rogue states could obtain and use destructive cyber capabilities. We need to develop stronger defenses before this occurs. We have a window of opportunity—of uncertain length—in which to protect our networks against more perilous threats.
To ensure we can prevail against the spectrum of threats that cyber poses, we should pursue three avenues of action.
First, we must raise the level of protection in government and military networks. We must ready our defense institution to confront cyber threats, because it is clear that any future conflict will have a cyber dimension. Future adversaries will seek to use our reliance on information technology against us. We must be prepared to defend our networks effectively.
Accordingly, the U.S. Defense Department is moving aggressively to counter the cyber threat. As a doctrinal matter, we must be able to defend and operate freely in cyberspace. Over the past two years, we have deployed specialized active defenses to protect military networks and we have established the U.S. Cyber Command to operate and defend them. And we are developing a comprehensive cyber strategy that will guide how each military service trains, equips, and commands its forces for the cyber mission.
As we prepare our own forces to face the cyber challenge, we must pursue a second avenue of action—working with our allies and partners on collective cyber defenses. We must strengthen our collective ability to monitor and respond to intrusions.
In cyberspace, the more attack signatures you can see, and the more intrusions you can trace, the better your defense will be. In this way the Cold War construct of shared warning has applications to cyberspace today. Just as our air and space defenses are linked with those of our allies to provide warning of airborne and missile attacks, so too can we cooperatively monitor our computer networks for cyber intrusions.
In the past year the Department of Defense has worked with NATO nations and other partners to strengthen our cyber engagements. Last month, the Obama Administration released the U.S. International Strategy for Cyberspace. White House Cyber Security Coordinator Howard Schmidt will speak tomorrow about what this new strategy means for our friends and allies, and how it will help foster a more free, reliable, and secure global internet.
For the Department of Defense, the international strategy provides a framework for our contribution to an effort that has many facets, from internet freedom and e-commerce to cybercrime law enforcement and international norms of behavior. Ultimately, this strategy will help us build a coalition of nations whose mutual interest in securing cyberspace will ensure the benefits we derive from it flow uninterrupted.
A consensus for action on cyber security is emerging in Europe. NATO is unanimous in acknowledging the need to elevate its treatment of network security. The new strategic concept names cyber security as a leading priority for NATO in the 21st Century. The alliance made a high level commitment to cyber security at the Lisbon summit last. As a result, upgrades are underway to enable NATO to better defend its networks. The commitment to take NATO’s Cyber Incident Response Center to full operating capability by 2012 is a significant step in the right direction. And at last week’s ministerial, NATO ministers approved final cyber policy guidance.
The European Union is also moving rapidly to address cyber security. Through the U.S.-E.U. cyber dialogue, Secretary of Homeland Security Janet Napolitano has met with the E.U. Home Affairs Commissioner. I have conferred with the E.U. High Representative. And a joint cyber exercise slated for later this year will help established how our computer incident response centers can work in partnership with the EU’s new cyber security unit.
The third avenue of action is to form public-private partnerships with the operators of critical infrastructure. We need to work with industry to raise the level of network defenses in industrial sectors that are crucial to our economy and to the functioning of our militaries. This is in many ways the most consequential to the security of our societies.
The threats we face in cyberspace target much more than military systems. Cyber intruders have already probed many U.S. government networks, our electrical grid, and our financial system. The failure of any one of these could cause massive physical damage and economic disruption.
This is noteworthy because protecting our nation’s critical infrastructure is not only essential to the functioning of daily life. It is also crucial to national security.
In the U.S., as in Europe, our military bases and installations are part of—and not separate from—the civilian infrastructure that supports our towns and cities. Ninety-nine percent of the electricity the U.S. military uses comes from civilian sources. Ninety percent of U.S. military voice and internet communications travel over the same private networks that service homes and offices. We also rely on the nation’s transportation system to move military freight, we rely on commercial refineries to provide fuel, and we rely on the financial industry to pay our bills.
Disruptions to any one of these sectors would significantly impact defense operations. A cyber attack against more than one could be devastating.
In short, secure military networks will matter little if the power grid goes down or the rest of government stops functioning. Protecting the networks that undergird critical infrastructure must be part of our national security and homeland defense missions.
Making this part of our mission will require a strong partnership with agencies who have jurisdiction over systems critical to military effectiveness. In the United States, the Department of Homeland Security has responsibility for protecting the .gov domain and for leading government efforts to protect critical infrastructure in the .com domain.
In the past year, we have signed a memorandum of agreement with the Department of Homeland Security that codifies our commitment to seamlessly coordinating cyber security efforts. Wehave established a joint planning capability and exchange of personnel in our cyber watch centers. And we are helping Homeland Security deploy advanced defensive technologies on our government networks.
The critical infrastructure upon which our defense establishment depends also extends to the private companies that produce military equipment and weapons. Our defense industrial base is critical to our military effectiveness. Their networks hold valuable information about our weapons systems and their capabilities. The theft of design data and engineering information from within these networks greatly undermines the technological edge we hold over potential adversaries.
Current countermeasures have slowed but not stopped the continued exploitation of U.S. defense industry networks. We need to do more to guard these vital storehouses of design innovation.
Toward that end, last month, the Department of Defense, in partnership with the Department of Homeland Security, established a pilot program with a handful of defense companies to provide more robust protection for their networks. In this Defense Industrial Base—or DIB—Cyber Pilot, the Defense Department is sharing classified threat intelligence with defense contractors or their commercial internet service providers along with the know-how to employ it in network defense. By furnishing network administrators with this threat intelligence, we will be able to strengthen the existing cyber defenses at defense companies.
In the DIB Cyber Pilot, the U.S. government will not be monitoring, intercepting, or storing any private sector communications. Rather, threat intelligence provided by the government is helping the companies themselves, or the internet service providers working on their behalf, to identify and stop malicious activity within their networks. The pilot is voluntary for all participants.
Although this pilot breaks new ground on several fronts, we have a long way to go, and a lot of work to do, before our critical infrastructure will be fully secure. But by establishing a lawful and effective framework for the government to help operators of one critical infrastructure sector defend their networks, we hope the DIB Cyber Pilot can be the beginning of something bigger. It could serve as a model that can be transported to other critical infrastructure sectors, under the leadership of the Department of Homeland Security.
Without question, developments in cyberspace have redefined the front lines of national security. Within a few short years, information technology has transitioned from a support function to a strategic element of power in its own right. As a result, future conflicts will unquestionably have a cyber dimension.
The doctrine, organizational structure, and resource allocation of our defense ministries must change to reflect this new reality. But our efforts cannot end there. The challenges we face in cyberspace are not amenable to narrow solutions. No single agency can tackle the required issues. No one nation can devise or enforce a sustainable solution. And no combination of nations can succeed without partnering with private sector companies. The range of actions necessary to enhance cyber security will require engagement in our defense institutions, across our governments, between our nations, and between the public and private sectors.
In short, we must work together, as everyone—from ordinary citizens, to the owners and operators of critical infrastructure, to our warfighters on the front lines—has a stake in cyber security.
Like other security challenges that galvanize like-minded nations, cyber threats can be more ably defeated through collective action. And just as we have for the last sixty years, I am confident that we can act collectively against this threat, and make the investments in capability and interoperability necessary for us to prevail
Thank you.
Cyber Warfare Online 2011, June 13th - July 8th 2011
Cyber Warfare Online 2011 is an online event organized by Defence IQ. Cyber Warfare Online 2011 will focus on the following key areas:
- The development of the ‘art of war’ for cyber space, looking at battle management and command and control.
- Understand the latest strategies, such as defensive counter-cyber, in defending your network against cyber attacks.
- Learn how other militaries are developing their exploit and attack capabilities in conjunction with the government and intelligence agencies.
8th International Symposium on Visualization for Cyber Security, July 20 2011, Pittsburgh, PA
The 8th International Symposium on Visualization for Cyber Security will be held at Carnegie Mellon University from July 20, 2011, Pittsburgh, PA. VizSec brings researchers and practitioners from academia, government, and industry to share insights and present solutions to modern cyber security challenges using visualization techniques. Technical papers, speakers, and presentations are featured in this year’s program.
