LAB4-W12: Nation Under Attack: Live Cyber- Exercise

Similar documents
American Public Attitudes toward North Korea s Nuclear and Missile Programs

National Defense University. Institute for National Strategic Studies

SS.7.C.4.3 Describe examples of how the United States has dealt with international conflicts.

Why Japan Should Support No First Use

2 Articles on Just Published State Department Country Reports on

May 8, 2018 NATIONAL SECURITY PRESIDENTIAL MEMORANDUM/NSPM-11

CYBER SECURITY PROTECTION. Section III of the DOD Cyber Strategy

1

A Global History of the Nuclear Arms Race

Steven Pifer on the China-U.S.-Russia Triangle and Strategy on Nuclear Arms Control

SACT s remarks to UN ambassadors and military advisors from NATO countries. New York City, 18 Apr 2018

1 Nuclear Weapons. Chapter 1 Issues in the International Community. Part I Security Environment Surrounding Japan

The Iran Nuclear Deal: Where we are and our options going forward

Ⅰ Introduction Ⅱ Positioning of cyber domain in cross-domain operation. Ⅲ Cyber domain seen in China's strategy. Ⅳ Approach to Cyber Domain in Japan

Montessori Model United Nations. Distr.: Middle School Twelfth Session XX March First Committee Disarmament and International Security

SUMMARY OF NATIONAL DEFENSE PROGRAM GUIDELINES. for FY 2011 and beyond

North Korea's Nuclear Programme and Ballistic Missile Capabilities: An Assessment

Iran Nuclear Deal: The Limits of Diplomatic Niceties

Chapter 17: Foreign Policy and National Defense Section 3

Chapter 4 The Iranian Threat

Montessori Model United Nations. Distr.: Upper Elementary Twelfth Session XX March First Committee Disarmament and International Security

GREAT DECISIONS WEEK 8 NUCLEAR SECURITY

U.S. Nuclear Policy and World Nuclear Situation

NUCLEAR ARMS CONTROL: THE END OF HISTORY?

Intelligence Preparation of the Information and Communications Environment

CHINA TURKEY MISSILE DEFENCE COOPERATION

NATO s Ballistic Missile Defense Plans a game changer? February 22, 2011

Towards a European Non-Proliferation Strategy. May 23, 2003, Paris

POLICY, NATIONAL SECURITY, AND THE ROAD AHEAD

A New World. The Cold War - Part 2

Prepared Statement of GEN (Ret) Keith B. Alexander*

Montessori Model United Nations. First Committee Disarmament and International Security

Course Assistants and staff

US Nuclear Policy: A Mixed Message

Overview. Section 1 Trends in the International Community. Overview

Foreign Policy and Homeland Security

NATIONAL DEFENSE PROGRAM GUIDELINES, FY 2005-

The Cold War Conflicts

Jane's Defence Weekly. Rearming Russia. [Content preview Subscribe to IHS Jane s Defence Weekly for full article]

ASSESSMENT REPORT. The Iranian Nuclear Program: a Final Agreement

An Interview with Gen John E. Hyten

1 Introduction to ITC-26. Introduction to the ITC and DEPO. October 24 November 11, 2016 Albuquerque, New Mexico, USA Greg Baum

Foreign Policy and National Defense. Chapter 22

Statement and Recommendations of the Co-Chairs of the 3 rd Panel on Peace and Security of Northeast Asia (PSNA) Workshop

Strategic Deterrence for the Future

What if the Obama Administration Changes US Nuclear Policy? Potential Effects on the Strategic Nuclear War Plan

North Korean Nuclear and Missile Programs and Capabilities

SSUSH23 Assess the political, economic, and technological changes during the Reagan, George H.W. Bush, Clinton, George W.

Cyber Strategy & Policy: International Law Dimensions. Written Testimony Before the Senate Armed Services Committee

We Produce the Future

NUCLEAR ARMS CONTROL: CHALLENGES AND OPPORTUNITIES IN Steven Pifer Senior Fellow Director, Arms Control Initiative October 10, 2012

CAPT Jody Grady, USN USCYBERCOM LNO to USPACOM

Importance of Export Control & Japan s Export Control

Unit Six: Canada Matures: Growth in the Post-War Period ( )

Statement of Vice Admiral Albert H. Konetzni, Jr. USN (Retired) Before the Projection Forces Subcommittee of the House Armed Services Committee

Activity: Persian Gulf War. Warm Up: What do you already know about the Persian Gulf War? Who was involved? When did it occur?

SIMULEX November 13-14, The Fletcher School, Tufts University. Crisis in the Western Pacific/East Asia Region

Nuclear Forces: Restore the Primacy of Deterrence

THAAD and the Military Balance in Asia

Issue 16-04B (No. 707) March 22, THAAD 2. CHINA S CORE KOREA POLICY 3. UN SANCTIONS WHICH ONE NEXT? 5.

Policy Responses to Nuclear Threats: Nuclear Posturing After the Cold War

Great Decisions Paying for U.S. global engagement and the military. Aaron Karp, 13 January 2018

CHAPTER 18 SECTION 2: THE COLD WAR HEATS UP

World History

United States Russia United Kingdom France China 450 Minuteman III: SS-18: 54 SS-19: 30 SS-25: 90 SS-27: 78 RS-24: 72

Reaffirming the Utility of Nuclear Weapons

Chapter 20 Section 1 Mobilizing for War. Click on a hyperlink to view the corresponding slides.

Role and Modernization Trends of China s Second Artillery

Executive Summary The United States maintains a military

This report is a product of the Defense Science Board (DSB). The DSB is a Federal Advisory Committee established to provide independent advice to the

The Necessity of Human Intelligence in Modern Warfare Bruce Scott Bollinger United States Army Sergeants Major Academy Class # 35 SGM Foreman 31 July

Simulation - The conflict between North Korea and the U.S.

provocation of North Korea

The Logic of American Nuclear Strategy: Why Strategic Superiority Matters

U.S. Nuclear Strategy After the 2010 Nuclear Posture Review

Issue Briefs. The UN Sanctions' Impact on Iran's Military

INSS Insight No. 459, August 29, 2013 US Military Intervention in Syria: The Broad Strategic Purpose, Beyond Punitive Action

Moving Beyond Missile Defense and Space Weapons (MBMDS)

Electronic Warfare and Satellites Challenges in Assuring Space Capabilities

Guided Notes. Chapter 21; the Cold War Begins. Section 1:

Iran's Military Forces and Warfighting Capabilities

Chapter 2: The Nuclear Age

Origins of the Cold War

1. The number of known arms producers has doubled after the end of the cold war.

Chapter 17: Foreign Policy and National Defense Section 1

Indefensible Missile Defense

Assessing Technologies using Campaign Analysis and War Gaming: The Warfare Innovation Continuum at NPS

OHIO Replacement. Meeting America s Enduring Requirement for Sea-Based Strategic Deterrence

1. INSPECTIONS AND VERIFICATION Inspectors must be permitted unimpeded access to suspect sites.

Rethinking the Foundations of the National Security Strategy and the QDR Seminar Series 20 May 2009 Dr. Lewis A. Dunn

The best days in this job are when I have the privilege of visiting our Soldiers, Sailors, Airmen,

The Korean Peninsula situation after the UN resolution 2270 Wang Junsheng

Origins of the Cold War

Section 4 Outer Space and Security

Perspectives on the 2013 Budget Request and President Obama s Guidance on the Future of the U.S. Nuclear Weapons Program

Nuclear Disarmament Weapons Stockpiles

Terms. Administration Outlook. The Setting Massive Retaliation ( ) Eisenhower State of the Union Address (2/53)

Army Experimentation

Ch 25-4 The Korean War

It is now commonplace to hear or read about the urgent need for fresh thinking

Transcription:

LAB4-W12: Nation Under Attack: Live Cyber- Exercise A sophisticated cyberattack is in progress against the United States. Multiple industries are impacted and things are about to get much worse. How will government and industry work together with international partners to face the challenge and respond to an adaptive and innovative adversary? Facilitators: Dmitri Alperovitch Co-Founder and Chief Technology Officer, Crowdstrike Non-Resident Senior Fellow, Atlantic Council Jason Healey Senior Research Scholar, Columbia University SIPA Non-Resident Senior Fellow, Atlantic Council With Beau Woods Deputy Director, Cyber Statecraft Initiative, Atlantic Council

Overview For the third installment of the RSA Conference s Live Cyber Exercise: Responding to A National Crisis wargame, four tables of participants representing different segments responded to a scenario exploring a disruption of the 2020 US elections by North Korea. The group included senior US government officials from the Department of State, Department of Defense, White House, and Department of Justice, as well as industry cybersecurity executives and experts. The event was organized by Dmitri Alperovitch, Co-Founder and Chief Technology Officer (CTO) at CrowdStrike as well as a Nonresident Senior Fellow at the Atlantic Council think tank, and Jason Healey, also a Nonresident Senior Fellow at the Atlantic Council and a Senior Research Scholar at Columbia University. Beau Woods, the Deputy Director of the Atlantic Council s Cyber Statecraft Initiative, helped to moderate the event. Scenario Summary The live cyber-exercise explored the consequences of a repeat of the 2016 elections to give participants the chance to respond against a hypothetical attempt in 2020 by the North Koreans to impact US elections. Four groups were involved in simulating responses during the wargame: US government team of current and former officials Private-sector team with executives from cybersecurity and critical infrastructure companies, vendors, and platform companies Media team of prominent journalists Adversary team made up of cybersecurity executives and former officials playing the role of the North Koreans to bring another level of interactivity to the wargame During the simulation: 1. By 2020, there have been numerous election hacks around the world, not just in the United States, but also Germany, France, and South Korea. In response to North Korean nuclear weapons, the United States and South Korea re-introduce nuclear weapons to the peninsula. 2. The US political parties are again hacked with massive amounts of data and emails deleted. The Intelligence Community has a high degree of confidence that North Korea is responsible for the incidents. 3. A never-before-heard-from hacktivist group declares that they were the hackers behind the hacks and starts contacting media pitching them the hacked materials, though many look doctored. 4. The private sector identifies intrusions into voting-machine companies, both in the United States and other OECD nations. It is not known if the intruders have been able to affect production code. 5. Finally, the North Koreans confirm they were responsible. 2

Lessons Learned The teams representing the US government and the media drove the response to the scenario. Both demonstrated a keenness to demonstrate lessons learned from the 2016 elections. The US government team was willing to rapidly escalate as the scenario progressed, as it was only a few months until the election, and the North Korean attempts at sabotage were growing increasingly brazen and the Intelligence Community had quite high confidence in their attribution. The media team was exceedingly cautious in using any of the leaked document, since some were clearly doctored. This also helped prevent them being manipulated away from focusing on the main story of adversaries attempting to sabotage an election. Through the exercise, it was clear there are robust, existing processes and organizations to respond to major attacks. 3

SESSION ID: LAB4-W12 Nation Under Attack: Live Cyber-Exercise 1 Dmitri Alperovitch Co-Founder and CTO, CrowdStrike Senior Fellow, Atlantic Council @DAlperovitch Jason Healey Senior Fellow, Atlantic Council Senior Research Scholar, Columbia University @Jason_Helaey

Exercise-Based Learning Cyber 9/12 Part conference, part exercise Some play, some observe: all learn Third lab at RSAC USA Two labs at RSA Abu Dhabi 2

Part of Cyber 9/12 Series

Four Teams FIX TOMORROW Government: You are playing the role of a policy committee reporting to the NSC. Key questions: What is the impact of the attacks? How should the nation use its levers of power to succeed in the cyber crisis forced upon it? Cybersecurity: You are playing the role of volunteers and cybersecurity companies called in to help the affected organizations. Key questions: What is the impact of the attacks and what steps can non-states take? What are the next steps to mitigate this attack and prepare for what might be next? Media: You are playing the role of the media Key questions What is the impact on people s opinions from the incident? How do the facts and analysis get reported accurately and convincingly? What is the media s role? Adversary: You are playing the role of the adversary nation or non-state group which is using cyber power against the United States Key questions: What next step might an intelligent adversary pursue to advance its interests, in line with its traditional means and culture?

Role of Observers Different than a normal RSAC session: listen, learn, think of questions Moderators will collect questions to ask Chatham House rule: Participants are free to use the information received, but neither the identity nor the affiliation of the speaker(s), nor that of any other participant, may be revealed

Today s Learning Lab 4pm: Group assembles 4:10pm: Welcome and introduction 4:15pm: First inject and discussion within groups 4:30pm: Brief recommendations 4:45pm: Second inject and discussion within groups 5pm: Brief recommendations 5:15pm: Third inject and discussion within groups 5:30pm: Brief recommendations 5:40pm: General discussion on the results of the simulation and concluding remarks 6pm: Conclude, commence socializing in earnest

SCENARIO - Inject Zero It is now March 2019

SCENARIO Scenesetter (1) North Korea successfully tested an ICBM clearly capable of reaching the west coast of the United States with a nuclear warhead. Kim Jong Un boasts that California could be a sea of fire at his command. He also appears at tests of submarine-launched nuclear-tipped missiles. US and South Korean governments respond by re-introducing tactical nuclear weapons to the US airbases in the peninsula, ramping up advanced missile defenses in the south, and instituting a naval blockade against the North. North Korean mouthpieces are clear this will lead to war. A Japanese minister mentioned in passing that the country should consider its own nuclear force and there was little public outcry. China has been growing in strength and constantly testing the United States, Japan, Australia and the smaller ASEAN nations through provocations in the South China Sea and elsewhere. The One Belt - One Road initiative has continued to gain strength. Chinese cyber espionage is again at a very high tempo, though mostly focused on political and military (not significantly commercial) intelligence. There has not been any major Sino-US falling out, though the US re-introduction of nuclear weapons to South Korea (and possible Japanese inventory) go against a specific red line of Xi Jinping. Iran has returned to disruptive cyber attacks with a vengeance after the collapse of the JCPOA nuclear deal and US military campaigns to raid Iranian flagged vessels possibly carrying contraband and the apparently targeted killings of Revolutionary Guard leadership in Yemen. In the aftermath, the Revolutionary Guard came away with significant new funding and standing as the new Supreme Leader has long been associated with their goals. Both Israel and the US administration have threatened to use nuclear weapons against the Islamic Republic if Iran were to use (or, depending on the wording of the threat, even to field) their own nuclear weapons. Russia has continued to force its belligerence on Western Europe, with focused attempts to de-stabilize the Baltic states, Georgia and Poland, all of which have some degree of Russian-funded groups causing a range of mischief (and often violence). The US administration re-imposed sanctions on Russia after a falling out with Putin in late 2017 after declaring Putin had not lived up to his end of a new grand bargains. Relations between the Russian and American presidents are bleak. Islamic State is no more, though a dozen smaller groups are vying for influence in the hinterlands of Syria and Iraq. Al Qaeda remains a threat, but mostly focused on a major catastrophic attack.

FIRST ROUND - BRIEF ASSESSMENT AND RECOMMENDATIONS

SECOND ROUND - BRIEF ASSESSMENT AND RECOMMENDATIONS

THIRD ROUND - BRIEF ASSESSMENT AND RECOMMENDATIONS

Please Remember! Chatham House rule: Participants are free to use the information received, but neither the identity nor the affiliation of the speaker(s), nor that of any other participant, may be revealed

DISCUSSION AND CONCLUSION

2024 © careersdocbox.com Privacy Policy | Terms of Service | Feedback