Cyber (Supply) Chain Smoking: Identifying (Hidden) Dependencies and Failures

Event Time

Originally Aired - Monday, May 6 7:30 AM - 8:30 AM

Info Alert

Create or Log in to My Show Planner to see Videos and Resources.

Info Alert

Your account does not have access to this session.

Videos

Resources


{{video.title}}

Log in to your planner to join the zoom meeting!

{{chatHeaderContent}}

{{chatBodyContent}}

Session Recording

Info Alert

This Session Has Not Started Yet

Be sure to come back after the session starts to have access to session resources.

Event Location

Location: Sun Ballroom 3-4


Event Information

Title: Cyber (Supply) Chain Smoking: Identifying (Hidden) Dependencies and Failures

Description:

Training summary: “Worlds are colliding!” is not just another random Seinfeld reference. It is a wake-up call for all practitioners to better understand how the convergence of domains like Cyber and Physical create places for failures at scale. The objective of this training is to demonstrate and guide the attendee through these vulnerabilities and dependencies regardless of the attendees’ cyber, networking, geospatial and/or GEOINT practitioner level. Single domain threat catalogs are not enough. Multi-domain threat catalogs are required to design and operate systems that are safe, secure and resilient. By creating stakeholder relevant models, previously undocumented attack vectors, hidden dependencies, and inter-domain control gaps can be identified. Further methodologies and test scripts (called “attack packs”) will be shared which were developed to simulate multi-domain attacks, which lead to cascading failures achieving a very specific objective. This is how we Smoke Supply Chains!

Learning outcomes:  

  • Frame challenges with protecting converged multi-domain ecosystems that have (hidden) dependencies 
  • Select and model multi-domain attack vector candidates to populate a threat catalog 
  • Demonstrate three types of (novel) multi-domain attacks that lead to cascading failure and achieve a specific objective with demonstrations such as:   
  • Port disruption caused by kinetic and cyber “events” to cause market manipulation for spot traders 
  • Execution of one smart contract, some targeted DDoS and forced routing through compromised infrastructure which triggers Armageddon 
  • Key satellite falls from its orbit at the same time an undersea cable is damaged causing disaster recovery and business/operational continuity planning processes to activate compromised assets that automatically become “trusted” 
  • Attendees will map those attacks against well-known attack Matrix and provide prescriptive guidance to address each demonstrated attack. 
  • Use Creative Commons and Open-Source capabilities.

Prerequisites: None 

Type: Training


Notes

Create or Log in to My Show Planner to add notes.


Speakers


Tracks