
Cybersecurity & Critical Infrastructure: A View from the Port of Seattle



    1. Cybersecurity & Critical Infrastructure: A View from the Port of Seattle
        Ernie Hayden, CISSP, CEH
        Chief Information Security Officer, Port of Seattle

    2. AGENDA
        - Overview of the Port of Seattle
        - Brief History of Cyber Exercises in the U.S. Pacific Northwest
        - Opinions on the Cyberterrorist Threat

    3. Obligatory Disclaimer: “The views and opinions that I express here today are my own and may not be, in whole or in part, those of my employer, the Port of Seattle.”

    4. The CITY of the Port of Seattle
        - Multifaceted Public Agency
        - Generates 165,000 Jobs in Region
        - $5.5B Payroll
        - Revenue > $12B
        - State & Local Tax Generation > $660M
        - Airport, Seaport, Fishing Terminal, Parks & Recreation
        - Police, Fire and EMS Services

    5. Infrastructure Interdependencies
        - Utilities
        - Power: Seattle City Light and Puget Sound Energy
        - Steam Heat: Seattle Steam (Pier 66)
        - Gas: Puget Sound Energy
        - Telephone/Internet: Qwest, AT&T (Cell), NexTel (Cell), Verizon (Cell)
        - Water: Seattle Public Utilities & Local Water Districts
        - Airport Fuel Transport: Olympic Pipeline
        - Information Systems (servers, networks, 2000+ desktops)
        - Major Fibre and Network Structure
        - Railroads (BNSF, Union Pacific)
        - Highways (I-5, I-90)
        - Viaduct
        - Banking / Finance
        Like any city, we require a variety of services to support our operation: Utilities; Computer Systems and Network Infrastructure supporting the Seaport, Airport and Corporate organizations; Transportation Systems –

    6. Vulnerability Exercise: City of Seattle’s “ALKI”
        International Exercises – US / Canada: TopOff2, Livewire, BlueCascades II
        TABLETOP EXERCISES UNDERSCORE CRITICALITY OF CYBER-ISSUES

    7. Alki – Vulnerability Assessment Exercise
        - TABLETOP STYLE OF EXERCISE
        - FOCUS: “CYBER-TERRORISM” AND OTHER ELECTRONIC THREATS
        - PARTICIPANTS
            - Hosted by… City of Seattle & SPD Emergency Preparedness Bureau
            - In collaboration with… the AGORA
            - From City of Seattle… DoIT, SPU, City Light, SDoT, Library, SPD, SFD, EOC
            - From Other Agencies… DoD, White House, DoE, etc.
        - OBJECTIVE: ANSWERS TO THESE QUESTIONS…
            - What are the City’s technical vulnerabilities?
            - How might they be exploited?
            - Are there any early warning signals?
            - Are there any “low-hanging fruit” for mitigation?
            - What about long-term mitigation?
        - 4 TEAMS: Long Dwell, Short Dwell, Trust Team, Kill Team

    10. Lessons Learned
        - Top Official Awareness of Cyber-Related Issues
        - The Value of Delegated Command and Control
        - Identifying Training and Education Needs
        - Value of Strategic and Tactical Network Architecture
        - Clearer Understanding of Cyber-Threat Spectrum
        - The Value of a Trusted Network Neighborhood

    12. Blue Cascades II
        - Focus on a CyberTerrorism Event followed by a Physical Event
        - Blue Cascades II was Follow-on to Blue Cascades I held in 2002
        - Dan Verton’s Book Black Ice covers much of Blue Cascades I results
        - Blue Cascades I Centered on Physical Attacks & Disruptions
        - Infrastructure Interdependencies Tabletop Exercise
        - Other Players
            - Over 200 Participants
            - DHS, CERT
            - DoD
            - Medical/Hospitals
            - Public Safety
            - Logistics Companies
            - Canadian Government Players

    13. General Exercise Conclusions
        - Scenarios Demonstrated…
            - Cyber attacks “Can” be Initiated by a Determined Enemy
            - Cyber attacks “Can” / “May” Seriously Impact Some/Many Infrastructures
        - But…
            - Cyber attacks May Not Be As “Consequential” as Explosions, Death and Destruction
            - Cyber attacks Can Be Defended Against with Layered Cyber Defenses, Trusted Networks, etc.

    14. Current Analysis & Opinions
        - The Terrorists Need the Internet and Cyberspace
            - Command and Control
            - Coordination and Communications
            - Recruiting
            - Training
            - Fundraising – via Cybercrime, ID Theft, and Even “Legitimate” Donations
            - Evangelizing
        - Conclude: No Advantage to Strategically Impacting Cyberspace – but Maybe Tactical/Localized Focus & Benefit

    15. Example: www(.)arabteam2000-forum(.)com
        - Technical Mujahid, A Training Manual for Jihadi’s
            - Steganography – Hiding Secrets Inside Images
            - Designing Jihadi Websites from A-Z
            - Secrets of Mujahideen – First Islamic Encryption Software
            - Video Technology
        - Next Issue…
            - Jihadi Forums and Secure Surfing on the Internet
            - How to Bug Cellular Phones

    16. Opinions on Terrorists and Cyber
        - Cyberterrorism Has Appeal
            - Anonymous
            - “Global” Target
            - Psychological Impact
            - Media Appeal
        - Cyberterrorism Has Drawbacks
            - Defenses by Infrastructure Owners and Managers
            - May Not Result in Optimal Psychological Effect
            - Anonymity Can Be Troublesome
        - The Internet and Cyber are Key Tools for the Terrorists

    17. What Do We Do?
        - Plan for Cyberterrorism – Maintain Your Defenses
        - Plan for Violent Terrorism with Cyber “Softening” Attacks
        - Study the Enemy – Learn Their Tactics for Physical and Cyber Attack Vectors
        - Think Outside the Box -- How Can a Terrorist Take Advantage of My Network and the Internet?

    19. References
        - “Terrorism Monitor,” The Jamestown Foundation, March 29, 2007
        - “Cyberterrorism,” Gabriel Weimann, United States Institute of Peace, December 2004
        - “Examining the Cyber Capabilities of Islamic Terrorist Groups,” Institute for Security Technology Studies, Dartmouth University, November 2003
        - “Wikipedia Becomes Intelligence Tool and Target for Jihadists,” Thomas Claburn, Information Week, March 22, 2007
        - Mr. Kirk Bailey, CISO University of Washington and Past CISO for the City of Seattle (Brainchild of Alki Exercise)
