Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

TALK Cybersecurity Summit 2017: Kevin Hofstra of Metova CyberCENTS

276 views

Published on

The Chief Technology Officer for Metova CyberCents presented on "Training the Next Generation Cyber Warrior: An Emulated, Realistic and Risk-Free Cyber Battlespace" at the TALK Cybersecurity Summit 2017.

Published in: Technology
  • Be the first to comment

TALK Cybersecurity Summit 2017: Kevin Hofstra of Metova CyberCENTS

  1. 1. Metova CyberCENTS – www.cybercents.comJune 15, 2017 1 Copyright © 2009-2017 by Metova Federal, LLC. All rights reserved. SLAM-R Copyright © 2009-2017 by Metova Federal, LLC. All rights reserved. Patent Issued, Metova Federal, LLC; Patent No.: US9,246,768, January 26, 2016 – Systems and Methods for a Simulated Network Attack Generator. Patent Issued, Metova Federal, LLC; Patent No.: US8,751,629, June 10, 2014 – Systems and Methods for Automated Building of a Simulated Network Environment. Patent Issued, Metova Federal, LLC; Patent No.: US8,532,970 B2, September 10, 2013 – Systems and Methods for Network Monitoring and Analysis of a Simulated Network. Additional Patents Pending 2009-2017 through the United States Patent and Trademark Office (USPTO). CYNTRS®, HOTSIM®, RGI®, VCCE®, SLAM-R®, and CyberCENTS® are registered trademarks of Metova Federal, LLC through the USPTO Training the Next Generation Cyber Workforce: An Emulated, Realistic and Risk-Free Cyber Environment Presented by: Kevin Hofstra Chief Technology Officer www.CyberCENTS.com
  2. 2. Metova CyberCENTS – www.cybercents.comJune 15, 2017 2 Agenda • Who We Are – Introduction/Background • What We Do – Cyber Workforce Development – Cyber Learning Environment Architecture – Cyber Range Ecosystem • Innovative Approaches w/ Use-cases – Internet Emulation & High Fidelity Training Systems – ICS/SCADA – Integration with Warfighting Systems • Entry into Academia Environment
  3. 3. Metova CyberCENTS – www.cybercents.comJune 15, 2017 3 Kevin Hofstra • Chief Technology Officer – Metova CyberCENTS • DoD/Federal/Commercial Cyber Services • Technical Advisor - US Air Force CPTs - 835th/837th Cyber Operations Squadrons • Communications Sector Chief - Denver InfraGard
  4. 4. Metova CyberCENTS – www.cybercents.comJune 15, 2017 4 Metova CyberCENTS Cyber Range Background • Established Technology – The First DoD Cyber Range – 3 Patents Awarded (Attack, Autobuild, Monitoring) – 3 Patents Pending (Traffic, Reconstitution, Architecture) • Services Provider – Exercise Support for Bulwark Defender, Cyber Flag, Cyber Storm II, UK Cyber Challenge, Vigilant Guard, Cyber Shield, Pacific Cyber Endeavor, I/ITSEC OBW, NCCDC, etc. • Customer Use Cases – Air National Guard Virtual Interconnected Training Environment (VITE) – Navy Cyberspace Operations Training Simulator (NCOTS) – US Army Cyber Battle Lab Collaborative Simulation Environment (BLCSE) – Joint Counter-Intelligence Training Academy (JCITA) – State/Local Government – Academia
  5. 5. Metova CyberCENTS – www.cybercents.comJune 15, 2017 5 Cyber Competitions (2016) • Florida Center for Cybersecurity • UK Cyber Challenge • ITEN Wired • Washington University • Texas A&M • FBI InfraGard
  6. 6. Metova CyberCENTS – www.cybercents.comJune 15, 2017 6 Metova Geographical Presence CyberCENTS O’Fallon, IL JCITA, Quantico, VA Rhode Island Emergency Management Agency NAVIFOR, Suffolk, VA SE-CODE, SCOTT AFB, IL CVA/H, SCOTT AFB, IL SDDC, SCOTT AFB, IL 140 COS, New Jersey Air Guard 166 COS, Delaware Air Guard 276th COS, Maryland Air Guard 229 COS, Vermont Air Guard 102 COS, Rhode Island Air Guard 189COS, Arkansas Air Guard 119 COS, Tennessee Air Guard 177 IAS, Kansas Air Guard IA EXP KS EXP Vets Oceanside Gulf Cost CC U of West FL QinetiQ – Malvern, England CyberCENTS Pensacola, FL
  7. 7. Metova CyberCENTS – www.cybercents.comJune 15, 2017 7 Cyber Warfigher Force Development Cyber National Mission Force (NMF) Cyber Combat Mission Force (CMF) Cyber Protection Force (CPF) National Combat Service Conduct military cyber operations in support of combatant commands CMT x 8 Combat Mission Team (CMT) 64 Pax each CST x 6 Combat Support Team (CST) 39 Pax each Defend DoD Information Networks (DODIN) and, when authorized, other infrastructure CPT x 20 Cyber Protection Team (CPT) 39 Pax each Defend the Nation by Seeing adversary activity, Blocking attacks and Maneuvering to defeat them NMT x 4 National Mission Team (NMT) 64 Pax each NST x 3 National Support Team (NST) 39 Pax each October 21st 2016 - 133 of U.S. Cyber Command’s Cyber Mission Force teams achieved initial operating capability How is this applicable to me?... This is likely the same problem you are trying to solve
  8. 8. Metova CyberCENTS – www.cybercents.comJune 15, 2017 8 Pathway to Cyber Workforce Development 1. The latest technology/methods 2. Interactivity (Specifically hands on) 3. Foster Innovation (In a risk-free environment) 4. Align to real-world activities and skills 5. Make it fun (Especially in a competitive environment) Read Hear Images Video Exhibits Demonstration Hands on Workshop Simulation/Modeling Real World Edgar Dale’s Cone of Experience Skills Retention: 10% of what they read 20% of what they hear 30% of what they see 50% of multimedia 70% of what they build 90% of what they teach P A S S I V E A C T I V E Verbal Receiving Visual Receiving Participating Experiencing
  9. 9. Metova CyberCENTS – www.cybercents.comJune 15, 2017 9 Emulating the Cyberspace Domain A realistic, immersive and risk-free environment for you to train, test and innovate “Highly complex and realistic cyber environments with an embedded suite of tools that enable effective control of the cyberspace”
  10. 10. Metova CyberCENTS – www.cybercents.comJune 15, 2017 10 Cyber Learning Environment Architecture 1. Remote Access Solution Provides the technologies and resources needed to enable secure and authenticated remoted access. 2. Learning Management System Provides a single sign-on collaborative learning ecosystem for tracking a CMF individual’s progress towards achieving and maintaining Cyber Mission Readiness (CMR). 3. Cyber Training Environment Provides an emulated, immersive and risk-free cyber environment available 24/7 for instruction, collaboration, TTP development, experimentation, mission rehearsal and exercising.
  11. 11. Metova CyberCENTS – www.cybercents.comJune 15, 2017 11 The Cyber Range Ecosystem • Infrastructure – Hardware (Transport, Systems & Storage) – Virtualization (Hypervisor) – Software (Licenses, Applications, Tools) • Core Services and Internet Space – NTP, DNS, Web, Email • Traffic Generation – Network User Communications, Social Media • Threat Emulation – Custom Attacks, Insider Threats, Metasploit Framework • Range Management – VMs, Monitoring, Traffic, Attack, Scenario Builder, Scoring Engine
  12. 12. Metova CyberCENTS – www.cybercents.comJune 15, 2017 12 Ecosystem as a Turn-key Solution Virtualized Resource Control • Baseline, snapshot, re-roll Scenario Builder and Timeline • Sequenced and auto playback Attack Framework • Automation for events Traffic Generation • Multiple types and configurable Unified GUI providing a single pane of glass for controlling the range ecosystem
  13. 13. Metova CyberCENTS – www.cybercents.comJune 15, 2017 13 Remote Access (IO-Range, DoD Cyber) Attack Framework Data Collectors (aka Black Cell) Simulator Engineering Support Other Simulators and Range Entities Blue Force Operators Test or Exercise Controllers (aka White Cell) Live Aggressors (aka Red Team) Traffic Generator 1000s of Domain Users Example Cyber Range
  14. 14. Metova CyberCENTS – www.cybercents.comJune 15, 2017 14 High Fidelity Cyber Domain Emulation • Emulated Internet • Dynamic Routing (75+ Routers) • True Geolocation & Attribution • Root DNS Infrastructure • NTP Infrastructure (Stratums 0-3) • Replica Websites (400+) • Vulnerable, hostile and benign: • Government, News/Media, Commerce, etc. • Dynamic and user customizable • Social Media • Social Networking (Facebook-like) • Micro-blogging (Twitter-like) • Chat/IIRC • Dynamic Injection of Vulnerabilities • Malware (Botnets/Viruses) • Attackers (Programmed or Red Team) Real-time visualization of global traffic flow and attacks
  15. 15. Metova CyberCENTS – www.cybercents.comJune 15, 2017 15 Allen-Bradley Nuclear Power HMI and PLC Emulation of Critical National Infrastructure
  16. 16. Metova CyberCENTS – www.cybercents.comJune 15, 2017 16 Cyber for Mission Planning and Execution • Operation Blended Warrior • CENTS used as a “Cyber-for-cyber” component • Cyber effects generated for: 1. Denial of service 2. Degrade streaming video 3. Jitter/Delay for voice 4. Modification of tracks
  17. 17. Metova CyberCENTS – www.cybercents.comJune 15, 2017 17 Cyber Effects within Warfighting Models
  18. 18. Metova CyberCENTS – www.cybercents.comJune 15, 2017 18 Integration with Kinetic Warfighter • CyberQuest Exercise with Army 25th Infantry BCT • Provided Grey Space and Cyber Injects – Botnet C&C/Beaconing – Phishing – Social Media – Data Exfiltration – Insider Threat – Negligent User
  19. 19. Metova CyberCENTS – www.cybercents.comJune 15, 2017 19 Coming August 2017
  20. 20. Metova CyberCENTS – www.cybercents.comJune 15, 2017 20 Capabilities Single pane of glass range management interface. Simplified GUI for scenario development, automated playback and virtualized resource control. Range Management Emulated Internet space provides interactive websites, mail servers, social media, and core Internet services (DNS, NTP, IP Routing). Simulated users provide both customized and randomized traffic profiles. Traffic Generation Automated attack framework containing over 2,000 exploits and is compatible with the Metasploit framework. Threats can be launched from any global IP source, including insider threats. Threat Emulation
  21. 21. Metova CyberCENTS – www.cybercents.comJune 15, 2017 21 mace.sales@cybercents.com
  22. 22. Metova CyberCENTS – www.cybercents.comJune 15, 2017 22 Questions? kevin.hofstra@metova.com Note: We are hiring developers and cybersecurity engineers Contact us at: careers@cybercents.com

×