A vision for the future of Huntsville

1

Agenda

UAH Welcome Mayor Battle Introduction Cyber Huntsville Briefing to Working Group – Dr.

Robertson Discussion

• Mission Statement• Vision• Organization• Direction/Charter for Working Group

Action Items• Document IPT preferences• Next working Group Meeting - UAH 8:30 – 10:00

Adjourn

2

Secure the Cyber Mission for Huntsville

UAH Welcoming Comments

Mayor Battle Introduction

Agenda

UAH Welcome Mayor Battle Introduction Cyber Huntsville Briefing to Working Group – Dr.

Robertson Discussion

• Mission Statement• Vision• Organization• Direction/Charter for Working Group

Action Items• Document IPT preferences• Next working Group Meeting - UAH 8:30 – 10:00

Adjourn

5

Secure the Cyber Mission for Huntsville

Cyber: A National Vulnerability

“I believe that the dawn of cyber attacks and cyber defense is going to have the same impact on relations between nations that the dawn of nuclear weapons had.”

“The threat of cyber attack is very real and it is available not only to nations but to groups of individuals who may or may not be sanctioned by nations, and to criminals, and to terrorists.”

“Cyber attack and cyber defense are here to stay. We as a nation are ill prepared for it, as is every other nation.”

- General Peter Pace, USMC (Ret), former Chairman of the Joint Chiefs of Staff

Huntsville is the U.S.’s #2 target for foreign intelligence efforts

6

Why Cyber Huntsville?Our Value Proposition

History of Leadership on the National Stage: Space, Missile Defense, Intelligence, and Modeling and Simulation

Agile, Responsive, and Mutually Supportive Community• Industrial Base Partners With Significant Technology Capabilities• Cyber Capabilities (Labs, Workforce, Technology) Available• Educational Institutions With IA/Cyber Programs• Strong Support From Local and National Elected Officials

Unmatched Technology Base and Cleared Workforce

Experts in Solving Complex System Level Problems• Superb System Engineering Talent Readily Available

Very Competitive Cost of Living That Reduces Total Costs to Customers

Leveraging Huntsville’s collective intellectual capital to solve the most pressing problem of our time… protecting the national cyber infrastructure

7

Cyber Huntsville Approach

Secure the Cyber Mission for Huntsville

• Leverage What Huntsville Does Best - High-technology

Solutions to Complex Problem Sets

• Focus on the Critical Cyber “Hard Problems”

• Leverage the Community’s Proven Cyber Leaders

• Harness the Power of Partnerships

• Execution Via an Agile and Flexible Organization Oriented

on Achieving Measurable Results

• Involve Participants With “Skin in the Game”

Identify – Partner – Innovate – Solve

Why Should We Pursue?Benefits of Cyber Huntsville

Government

• Integral part of the national cyber infrastructure

• Expand RDT&E capabilities in cyber

security

Industry

• Enhanced Capabilities

Academia

• Expand competitive position

• Careers for graduates

Cyber Huntsville: Builds on Huntsville’s nationally-recognized talent pool and experience with focus on cyber R&D, M&S, engineering, T&E and experimentation

Value to the Community

Creation of local jobs

Influx of cyber talent

Diversify community capabilities

Workforce enhancement

Collaboration

9

Draft Vision Statement

By 2015 Huntsville will have a thriving Cyber Center:• HSV will be part of the $800 billion Global Cyber market• The city will be recognized Nationally and

Internationally as a leader in Cyber R&D, M&S, engineering, T&E, and experimentation

• Local academia will be producing cyber graduates from degree and certificate programs

• There will be a thriving and close-knit network of Government, Academia, and Industry working all aspects of Cybersecurity

HSV will be an integral part of the national cyber infrastructure and activities

10

Draft Mission Statement

• Build A Cyber Center Of Excellence With Global Reputation And Global Reach Through A Collaborative Community Effort

• By Creating The Cyber Center, Bring Cyber Work To Huntsville And Execute This Work In Huntsville

• By Creating The Cyber Center, Leverage Huntsville’s Collective Intellectual Capital To Solve The Critical Challenges Facing The National Cyber Infrastructure

An Internationally Recognized Cyber Leader ThatServes DoD, Other Federal Agencies, And Commercial Markets

11

Common Goals & Objectives

Huntsville Chamber Regional Economic Growth – 7 initiatives

1. Grow & Preserve the Huntsville Region’s Existing Economic Base, Business Climate and Business Culture

2. Recruit Targeted Businesses3. Grow the Community’s Defense and

Aerospace Assets4. Support efforts to ensure there is

adequate quality and quantity of workforce to meet employer needs

5. Community Image Enhancement6. Develop the Capacity for New and

Sustained Economic Growth7. Be Accountable to Our Investors

Draft Cyber Huntsville Objectives

• Support the Creation and Growth of

Innovative Cyber Technology

• Develop a Huntsville Pipeline for

New Cyber Talent and Workforce

Development

• Advance Cyber Policies to Position

Huntsville for Enhanced National

Leadership

• Ensure the Sustained Growth and

Future Competitiveness of

Huntsville’s Cyber Industry

12

EW

FME

Certification and

Accreditation

Incident

Response

Secure Network

Engineering

IT Security

IOC2

ISR

RF Collect

CNE

Foreign

Signals

GIS

CNA

CND

Skill Assess

and Training

Cyber Tools

Cyber Labs

Cyber Training and Testing

CND

Network Infrastructure

Attack Vectors

SNMP Community

String Dictionary Attack

with Spoofing to

Download Router\

Switch Configuration

Build New Router

Configuration File to

enable further privilege

escation

Upload New

Configuration File

Using Comprimised

SNMP RW String

UNIX NetMgt Server

Running NIS v1

Ypcat -d <domain>

<server IP> passwd

Grab shadow file hashes

Crack Passwords

Access Server

Directly

Exploit ACL Trust

Relationship

Attack SNMP\Telnet\SSH

Find NetMgt

passwords and

SNMP config files

Discover Backup

HW Configs

Crack Passwords

HP OpenView Server

Enumerate Oracle

TNS Listener to

Identify Default SID’s

Further Enumerate

Oracle SID’s to

Identify Default

DBA System Level

Accts\Passwords

Login to Oracle DB

with Discovered DBA

Privilege Account

Run Oracle SQL

CMDs

Execute OS CMDs

Add New

Privileged OS

Account

Crack Passwords

Further Enumerate

Oracle SID’s to

Identify User Accts.

Perform Dictionary

Attack

Execute OS CMDs from

Oracle PL/SQL

Attack Network from DB

Run Oracle SQL CMDs

Execute OS CMDs

Find NetMgt Passwords,

SNMP info, OS password

files

Network Mgt Application

Attempt to Login Using

Default Login\Password

Reconfigure

Router or Switch

MITM

ARP Poisoning

Sniffing

Capture SNMP Community

Strings and Unencrypted

Login\Passwords, Protocol

Passwords

Configure

Device for

Further

Privilege

Escalation

Telnet\SSH

Dictionary Attack

Router\Switches\

NetMgt Server

Inject New Routes

Or Bogus Protocol

Packets

Use New Privileged

OS account to

Escalate Privileged

Access to Network

Own Network

Infrastructure

Own Network

Infrastructure

Own Network

Infrastructure

Own Network

Infrastructure

Own Network

Infrastructure

Own Network

Infrastructure

Subsystems Characterized

RF and EO/IR Sensors and Detectors–Antennas–Phased Arrays–Transmitters–Receivers–Signal

Processors–Operator Displays and Controls–Data-links–Computers–Software Algorithms–RF and

EO/IR Missile Seekers–Warheads–Proximity Fuzes–Autopilots–Inertial Instruments–Altimeters–

Guidance Computers–Propulsion Systems–Airframes and Control Surfaces–Power Systems

TheCyber Domain

Testing and Analysis

Cyber M&S

Kill Chain Development

ProcessExploitation

Supply ChainExploitation

AlgorithmExploitation

• IA Architecture and Integration

• Security Assessments

• Technical Vulnerability Assessments

• Information Systems Security Engineering

• Network Voice/Video/Data Systems

Engineering

• Strategic Security Program Development

• Security Product Implementation

• Cyber-security Modeling and Simulation

Cyber Domain

13

NOC’S

Cyber Analysis Capabilities

Ground-based, Ship-borne, and Airborne Radar Systems

-- Guided Missiles and Rockets

Electronic Warfare (EW) Systems -- Command, Control,

Communications, and Computer (C4) Systems

Cyber Huntsville’s Core Mission

14

Huntsville Cyber

Capabilities and Facilities

Weapon Systems

Systems Engineering

Talent

Weapon Systems

HWILSIL

Federal Agencies/ Organization

SMDCAMCOMAMCNASA

SEDMSICTSMOTVA

Cyber Intelligence Exploitation

NSA

IC

Cyber Systems RDT&E

HSV

Government & InfrastructureDefense (CND)

DHS

Cyber Operations

USCYBERCOM

DoD

Role of Cyber Huntsville in the National Cyber Network

Huntsville CanProvide Cyber:

• R&D• M&S• Engineering• T&E• Experimentation

…To fight in a degraded cyber environment… To protect infrastructure

Common Goal: To establish dominance in cyberspace to

assure our critical infrastructure and national security

15

Constructing Cyber Huntsville

Build upon the teamwork and cooperation found in the Huntsville area to establish a Cyber alliance

Leverage Huntsville’s cyber technology capabilities and significant, on-going cyber projects of national scope

Draw upon the existing DoD, Federal, State, academic, and industry capabilities in technology, science, and services to build Huntsville as a Cyber Center of Excellence

Serve as a regional center of cyber expertise, products,and services

• Build locally and serve regionally and Nationally

Huntsville has been a Missile and Space Town for decades ---- It’s time to leverage the engineering, science, and R&D capabilities to become a Cyber Town

16

Elements of Cyber Huntsville

We are all Cyber warriors – our objective is to fight through the attack

17

Cyber System Engineering Elements

Cyber Engineering

Process

Cyber Threat Definition

Cyber Attack Scenarios

Cyber Tech Dev/Design

System Design & P3I

Cyber System Analysis

Cyber M&S

Cyber Susceptibility

Analysis

Cyber Testing & Forensics

Cyber Defensive

Concepts & Designs

Cyber Validation (re-

test)

System Performance

Validation

Operational Implementation & Training

Integrated Cyber Domain

Cyber requires highly integrated capabilities

• No stovepipes

• No hierarchies

Individual Organizations must leverage capabilities from others to be effective

This requires a high level of coordination across the functional areas of Cyber

Huntsville Has All The Capabilities Necessary To Address The Cyber Challenge

19

CyberspaceEcosystem

Defense

HumanCapital

Governance

Execution

OffenseIntelligence

R&D

M&S

Organizational Concept

20

Cyber Huntsville

Advisory Panel

Cyber Huntsville

Working Group

Tennessee Valley Cyber Community

Advisory Panel

Requested to serve and provide advice• “Small” Group to Advise the Cyber Huntsville initiative• Senior Level Participation by Key Organizational Stakeholders.

Provides Emphasis Within Their Organizations and within the community

• Zealots for the Initiative• Influence In and Out of Huntsville• Interface and be responsive to elected officials• “Policy-level” guidance / strategy for implementing Cyber Huntsville

Actions• Approve Cyber Huntsville initiative charter (Drafted by WG)• Provide Strategic guidance and direction for Cyber Huntsville

Working Group activities• Promote / advocate the Cyber Huntsville mission

21

Advisory Panel Met on 19 November

Action Items

• Approved the Organizational Approach

• Appointment Advisory Group Chairperson (In Process)

• Designate Working Group representatives

• Identify any Specific Guidance for Working Group

• Schedule Next Meeting – Early Feburary

22

Working Group

WG Charter approved by Advisory Panel

Takes strategic guidance from the Advisory Panel

Executes the day-to-day activities of Cyber Huntsville Initiative

• Larger Group of Executers

– Enthusiastically support Cyber Huntsville initiative

– Focused on cooperation and collaboration – one team!

– Organizes and executes Community outreach and conferences

– Study other “Cyber City” initiatives (best practices & lessons learned)

• Composed of known Community Cyber leaders

Provides Reports/updates to Advisory Group Meetings

Near Term Actions• Develop group charter for Advisory Group’s approval• Develop the Cyber Huntsville Action Plan• Develop the Cyber Huntsville Strategic Roadmap for Advisory Group

Approval• Document Current Huntsville Cyber Requirements (government and

commercial) and Huntsville’s Current Cyber capabilities

23

Working Group

24

Federal/DoD Organizations That Are Executing Cyber Tasks Companies With Significant Cyber Capabilities and Cyber Investments in Huntsville Educational Organizations Teaching Cyber Courses or Conducting Cyber Research Security and Law enforcement organizations involved in Cyber Security in Huntsville

Chair: Dr. Rodney Robertson Co-Chair: TBD

Working Group 1. Day-to-Day Operations of the Cyber Huntsville Activities2. Frames Issues for Advisory Council/Mayor’s Decisions 3. Coordinates Cyber Initiatives Across the Community

Local Government Mayors Office Chamber of

Commerce County

Commission Legislative

Delegations

Federal SMDC SED AMCOM NASA MSIC AMC TSMO TVA

Industry Small Medium Large

Academia UAH Auburn A&M Calhoun

Other FBI Infraguard Local NCIS 902d DSS

Working Group Expectations

Time Commitment• Priority

• Monthly Working Group meetings for integration and coordination

• IPT meetings for products

Focus on Delivering Products• IPT Timeline

IPT Membership• Primary and alternate

– Survey

▪ Short bullet about unique qualifications

▪ Complete survey prior to leaving today’s meeting or make arrangements to provide information ASAP

25

Working Group IPTs

Executive IPT – IPT Chairs

Marketing IPT – Outreach, website, branding

Event IPT – event planning and management

Facilities IPT – Canvas existing labs, lab connectivity, define requirements for Redstone Gateway

Organization IPT – model, management, funding

Economic Development IPT – strategic relationships, program capture strategy, tour/visits with like community initiatives

Capability Development IPT – identify skills requirements (needed and existing) to accomplish mission.

Draft Objectives

Short-Term Objective (90 to 120 Days)• Establish Charter and Get Organized• Clearly Define the Huntsville Value Proposition• Establish and Approve Goals, Objectives, and Timelines • Define Our Cyber Focus (CNA, CND, CNE)• Gain Community Consensus on Path Forward• Draft the Outreach Plan and associated Marketing Plan• Organizes and executes Community outreach and conferences

Mid-Term Objective (6 to 12 Months)• Finalize Value Proposition and Cyber Huntsville Focus• Launch Outreach and Publicity Campaign• Identify and Execute Low-Hanging Fruit Opportunities • Secure Financial Commitments/Decisions for the Gateway Building

Long-Term Objective (1 to 3 Years)• Build a State-of-the-Art Cyber Security Collaboration Center• Capture a Major DoD Cyber Program• Capture a Significant Non-DoD Program

27

Potential Low Hanging Fruit

Host a Cyber Conference in Huntsville• Showcase Huntsville Cyber Capabilities• Let the Cyber Community Know What We are Doing

Conduct a Cyber Table Top Exercise for the City• Use Crawl, Walk, Run Approach• Include Redstone, Regional And State Agencies

FBI Regional Computer Forensics Laboratory• Cyber Counterintelligence and Criminal• One Stop Full-service Forensic Lab and Training Center Internet Crimes Trade Secrets Theft Cyber Terrorism Foreign Intelligence Collection Interaction With State and Local Authorities

• Why Pursue Currently No Center in Southeast U.S. Huntsville Is #2 Priority for Foreign Cyber Collection/Targeting Some Past Congressional Interest (Shelby’s Office) Effort Needs Some New Momentum That Cyber Huntsville Can Provide

28

Cyber Huntsville Takeaways

Secure the Cyber Mission for Huntsville

Leverage What Huntsville Does Best - High-technology Solutions to Complex Problem Sets

Focus on the Critical Cyber “Hard Problems”

Leverage the Community’s Proven Cyber Leaders

Harness the Power of Partnerships

Execution Via an Agile and Flexible Organization Oriented on Achieving Measurable Results

Involve Participants With “Skin in the Game”

29

Identify – Partner – Innovate – Solve

Timeline

19 November - Advisory Panel Kickoff

13 January - Working Group Kickoff• 18 January – Map IPT membership and chairs

• 25 January - Meet with IPT chairs

• 1 February - Next working Group Meeting, UAH 8:00 – 10:00

Early February – Advisory Panel Meeting • Draft Charter

• IPT Membership

Community Outreach Briefings• 10 Dec HAMA

WG Roadmap Draft• TBD (2011) – Cyber Event

Brief Roadmap to Advisory Panel

Agenda

UAH Welcome Mayor Battle Introduction Cyber Huntsville Briefing to Working Group – Dr. Robertson Discussion

• Mission Statement• Vision• Organization• Direction/Charter for Working Group

Action Items• Document IPT preferences– Short bullet about unique qualifications

• Next working Group Meeting - UAH 8:00 – 10:00

• Adjourn

31

Secure the Cyber Mission for Huntsville

Discussion32