1. Cybersecurity & Critical Infrastructure: A View from the Port of Seattle
Ernie Hayden CISSP CEH
Chief Information Security Officer
Port of Seattle
2. AGENDA
Overview of the Port of Seattle
Brief History of Cyber Exercises in the U.S. Pacific Northwest
Opinions on the Cyberterrorist Threat
3. Obligatory Disclaimer
“The views and opinions that I express here today are my own and may not be, in whole or in part, those of my employer, the Port of Seattle.”
4. The CITY of the Port of Seattle
Multifaceted Public Agency
Generates 165,000 Jobs in Region
$5.5B Payroll
Revenue > $12B
State & Local Tax Generation >$660M
Airport, Seaport, Fishing Terminal, Parks & Recreation
Police, Fire and EMS Services
5. Infrastructure Interdependencies
Utilities
Power: Seattle City Light and Puget Sound Energy
Steam Heat: Seattle Steam (Pier 66)
Gas: Puget Sound Energy
Telephone/Internet: Qwest, AT&T (Cell), NexTel (Cell), Verizon (Cell)
Water: Seattle Public Utilities & Local Water Districts
Airport Fuel Transport: Olympic Pipeline
Information Systems (servers, networks, 2000+ desktops)
Major Fibre and Network Structure
Railroads (BNSF, Union Pacific)
Highways (I-5, I-90)
Viaduct
Banking / Finance
Like any city, we require a variety of services to support our operation:
Utilities
Computer Systems and Network Infrastructure supporting the Seaport, Airport and Corporate organizations
Transportation Systems –
6. Vulnerability Exercise
City of Seattle’s “ALKI”
International Exercises – US / Canada
TopOff2
Livewire
BlueCascades II
TABLETOP EXERCISES UNDERSCORE CRITICALITY OF CYBER-ISSUES
7. Alki –
Vulnerability Assessment Exercise
TABLETOP STYLE OF EXERCISE
FOCUS: “CYBER-TERRORISM”
AND OTHER ELECTRONIC THREATS
PARTICIPANTS
Hosted by…
City of Seattle &
SPD Emergency Preparedness Bureau
In collaboration with…
the AGORA
From City of Seattle…
DoIT, SPU, City Light, SDoT, Library,
SPD, SFD, EOC
From Other Agencies…
DoD, White House, DoE, etc.
OBJECTIVE:
ANSWERS TO THESE QUESTIONS…
What are the City’s technical vulnerabilities?
How might they be exploited?
Are there any early warning signals?
Are there any “low-hanging fruit” for mitigation?
What about long-term mitigation?
4 TEAMS:
Long Dwell
Short Dwell
Trust Team
Kill Team
10. Lessons Learned
Top Official Awareness of Cyber-Related Issues
The Value of Delegated Command and Control
Identifying Training and Education Needs
Value of Strategic and Tactical Network Architecture
Clearer Understanding of Cyber-Threat Spectrum
The Value of a Trusted Network Neighborhood
12. Blue Cascades II
Focus on a CyberTerrorism Event followed by a Physical Event
Blue Cascades II was Follow-on to Blue Cascades I held in 2002
Dan Verton’s Book Black Ice covers much of Blue Cascades I results
Blue Cascades I Centered on Physical Attacks & Disruptions
Infrastructure Interdependencies Tabletop Exercise
Other Players
Over 200 Participants
DHS, CERT
DoD
Medical/Hospitals
Public Safety
Logistics Companies
Canadian Government Players
13. General Exercise Conclusions
Scenarios Demonstrated…
Cyber attacks “Can” be Initiated by a Determined Enemy
Cyber attacks “Can” / “May” Seriously Impact Some/Many Infrastructures
But…
Cyber attacks May Not Be As “Consequential” as Explosions, Death and Destruction
Cyber attacks Can Be Defended Against with Layered Cyber Defenses, Trusted Networks, etc.
14. Current Analysis & Opinions
The Terrorists Need the Internet and Cyberspace
Command and Control
Coordination and Communications
Recruiting
Training
Fundraising – via Cybercrime, ID Theft, and Even “Legitimate” Donations
Evangelizing
Conclude: No Advantage to Strategically Impacting Cyberspace – but Maybe Tactical/Localized Focus & Benefit
15. Example: www(.)arabteam2000-forum(.)com
Technical Mujahid, A Training Manual for Jihadi’s
Steganography – Hiding Secrets Inside Images
Designing Jihadi Websites from A-Z
Secrets of Mujahideen – First Islamic Encryption Software
Video Technology
Next Issue…
Jihadi Forums and Secure Surfing on the Internet
How to Bug Cellular Phones
16. Opinions on Terrorists and Cyber
Cyberterrorism Has Appeal
Anonymous
“Global” Target
Psychological Impact
Media Appeal
Cyberterrorism Has Drawbacks
Defenses by Infrastructure Owners and Managers
May Not Result in Optimal Psychological Effect
Anonymity Can Be Troublesome
The Internet and Cyber are Key Tools for the Terrorists
17. What Do We Do?
Plan for Cyberterrorism – Maintain Your Defenses
Plan for Violent Terrorism with Cyber “Softening” Attacks
Study the Enemy – Learn Their Tactics for Physical and Cyber Attack Vectors
Think Outside the Box -- How Can a Terrorist Take Advantage of My Network and the Internet?
19. References
“Terrorism Monitor,” The Jamestown Foundation, March 29, 2007
“Cyberterrorism,” Gabriel Weimann, United States Institute of Peace, December 2004
“Examining the Cyber Capabilities of Islamic Terrorist Groups,” Institute for Security Technology Studies, Dartmouth University, November 2003
“Wikipedia Becomes Intelligence Tool and Target for Jihadists,” Thomas Claburn, Information Week, March 22, 2007
Mr. Kirk Bailey, CISO University of Washington and Past CISO for the City of Seattle (Brainchild of Alki Exercise)