CSFI Defensive Cyberspace Operations and Intelligence (DCOI)
See below for pictures of previous DCOI events
See below for pictures of previous DCOI events
CSFI has recently completed development of their proprietary Cyber Tabletop Exercise format. This is the result of months of hard work by project members around the globe. The purpose of this tabletop exercise is to highlight the need for leveraging relationships and fostering collaboration to strengthen the cyber security posture of the international community. The lessons learned from this tabletop exercise will be applied by the cyber security community in an effort to create and change policies.
The first iteration of this tabletop exercise program was delivered at the Internetdagarna conference in Stockholm, Sweden on 24 October 2012, thanks to the help of CSFI Gold Sponsors CyTech Services, George Washington University, Stellar Solutions, and L3. At this conference, the distinguished panel participated in a spirited discussion on cyber warfare scenarios involving critical infrastructure, financial infrastructure and various issues arising from the employment of cyber weapons in today's world.
The panel, consisting of both Swedish and American experts, was able to create a wonderful dialogue discussing issues including matters of strategic communication, application of international laws and treaties to cyber issues, safety and security of a population and national security. Not only did the tabletop exercise provide the opportunity for conference attendees to learn from experts, but it also provided the opportunity for conference participants to interact with the panel through an audience question and answer session. Through the audience interaction, greater attention was able to be placed on local issues and issues that were of concern to conference attendees.
Despite the difference viewpoints, all participants could agree that the exercise highlighted the need for further integration and collaboration, not only across borders, but also amongst the stovepipes of information that are sometimes created between government, military, industry and academia. A post-conference "lessons learned" document will be prepared and distributed to the international community.
The Cyber Security Forum Initiative (CSFI) is a non-profit organization headquartered in Omaha, NE and in Washington, DC with a mission "to provide Cyber Warfare awareness, guidance, and security solutions through collaboration, education, volunteer work, and training to assist the US Government, US Military, Commercial Interests, and International Partners." CSFI was born out of the collaboration of dozens of experts, and today CSFI is comprised of a large community of nearly 18,000 Cyber Security and Cyber Warfare professionals from the government, military, private sector, and academia.
CSFI is founded on 3 main pillars supporting our mission: Collaboration, Knowledge-Sharing, and Training/Education. Our collaboration efforts have helped to break down stovepipes and "closed networks" that exists inside government and industry to enable greater information sharing and increased capabilities. We practice what we preach and have developed a capability to collaborate on special projects to breakdown, decompose, and develop threats and topics to create white papers, analytical products on unique and sophisticated cyber attacks, and not only show problems, but solutions. Such collaboration has created countermeasures that promote a stronger cyber national security posture.
Complimentary to our collaboration efforts, CSFI is engaged in creating Cyber Warfare training materials to promote a stronger background for our men and women in uniform and also throughout the cyber security community. CSFI is in a unique position to attract some of the foremost Cyber Warfare Strategists, Hackers, and Intelligence Professionals to develop high caliber training on a topic that has yet to be fully defined, let alone explored and explained.
For additional information please contact Nicholas Andersen, CSFI Chief Security Officer. nicholas.andersen@csfi.us
Download Lessons Learned Document
Nicholas Andersen, CSFI Chief Security Officer
This past week (Dec 10-14) CSFI participated in a Limited Object Experiment (LOE) on Cyber Defense which was organized by the Subdivision of Research and Lessons Learned Department under the Spanish Army's Training and Doctrine Command. The University of Granada and companies such as ISDEFE, S21Sec, Voice, Cidites, INTECO, Innotec, Repsol, Syntagma, Indra, etc. also took part in the tactical part of the exercise as part of the attack platform or as Subject Matter Experts (SMEs).
The cyber scenario included a UN peacekeeping operation in which NATO was in charge of stopping violence and civilian deaths due to the instability. One of the multinational Brigades deployed in the fictitious failed state, has been led by the Spanish military. One of the purposes of the exercise was to explore the cyber vulnerabilities, and provide recommendations to enhance cybersecurity through lessons learned and group discussion with the participating SMEs. In this scenario one of the nations contributing to the operation failed to follow the agreed upon directive on cyber strategy.
CSFI provided the geopolitical scenario for their tactical exercise.
In the tactical part of the exercise the federated mission network was victim to several cyberattacks namely website Defacements, DDoS attacks, SQL injection, Man in the middle, VoIP traffic capturing, GPS deception, etc.
One of the featured tools used in the experiment was a Security Incident & Event Management (SIEM) tools based on Open Source Software Architecture.
Download Event Document Descargar Documento Evento
Dr. Lydia Kostopoulos, CSFI Communications and Outreach Coordinator (Europe)
On May 6th, 2013 CSFI will be running a Table Top Cyber Exercise in Spain in association with ISDEFE which will explore cyber vulnerabilities to critical infrastructures.
Get in touch with CSFI's Communications and Outreach Coordinator for more information: Lydia Kostopoulos, PhD Lydia.k@csfi.us
El 6 de mayo, 2013 CSFI va a presentar un ciberejercicio en formato Table Top en España en asociación con ISDEFE que va a explorar los cibervulnerabilidades que enfrentan infrastructuras criticas.
Para más información ponganse en contacto con la Coordinadora de Comunicaciones de CSFI: Lydia Kostopoulos, PhD Lydia.k@csfi.us
CSFI Lecciones Aprendidas Mayo 2013 G1 CSFI Lecciones Aprendidas Mayo 2013 G2
Continuing with the fruitful collaboration already in place since 2012 between the Spanish Armed Forces and its cyber-partners, CSFI prepared cybersecurity training material for the EUFOR Mission in Bosnia and Herzegovina related to the cyber-awareness in the Balkan area. The material was presented during a comprehensive-approach operations seminar by the Spanish Advisory Team on August 29th, 2013, to the representatives of the BiH´s Joint Staff, TRADOC and numerous tactical units, alongside a series of lessons learned and practical recommendations targeted to follow on the right track to BiH's full integration in NATO/UE.
Dr. Lydia Kostopoulos, CSFI Communications and Outreach Coordinator (Europe)
Presenter: IDF Col (Ret.) Gabi Siboni
Special Guest: IDF Major General Yaacob Ayish, Defense and Armed Forces Attaché US and Canada
Moderator: US Navy Admiral (Ret.) Hayes
While vulnerabilities in SS7 for tracking, interception and denial of service have been reported as far back as 2001, the overall impact of these vulnerabilities on various sectors has not been detailed publicly.
The abuse of SS7 for the purpose of attacking government officials should be considered extremely serious. Current vulnerabilities mean tracking can be performed using a cell phone number or device ID.
Post OPM hack, cell numbers are available in large numbers.
Devices for the military sector could be tracked simply because they use sequential ID's - SS7 can be used to validate the existence, location and attack these devices.
The interception of voice can be done easily using SS7, and is undetectable to, and unpreventable by the user with current technology.
Using techniques to deny data services could force users away from secure to less secure methods of communication such as GSM voice/data allowing interception.
Targeted or bulk Denial of Service of voice and data could be used to impair decision making during critical events or national disasters. For nation states in particular, attacks on a massive scale with any of the above methods can be realized and implemented with no practical defense.
The panel will discuss these issues post OPM hack and how unchecked; these vulnerabilities could directly impact the safety of officials through nation state SIGINT activity.
Moderator: Norman R. Hayes
Panelists: Mark Kelton, Les Goldsmith, Connie Peterson Uthoff, Paul de Souza, Janne Haldesten, Mr. Roger W. Kuhn, Jr., Joe Billingsley