Federal Friday - 5.2.14 - Alphaville: Cybersecurity's Westeros

Blog Post created by jschim Employee on May 1, 2014

Happy Friday, federal friends! I blinked on Monday and the next thing I know I'm typing up this blog. Where has the week gone? For those of you that have been impacted by the wild and dangerous weather around the country this week, I wish you all the best and a speedy recovery.


So did my title about Westeros get you? I love Game of Thrones as much as the next fan, although I do have to admit I'm holding off on the books until HBO wraps their version, but the reality is that it takes place in the land of make-believe. While we can imagine what life is like in the ever dark landscape, the fact is we'll never know what it's really like to live through the events that transpire in Martin's tomes. The same can be said when talking about cyberattacks. We read and hear about them all time, but what is it really like when a power plant is attacked? What is the impact on the citizens that fall within it's grid? Enter the Michigan Cyber Range (MCR) and the town of Alphaville.


In a great article on GCN this week Dr. William J. "Joe" Adams speaks to creating the first non-classified cyber range, spurred by Gov. Snyder's call to action around cybersecurity while utilizing the IT backbone Merit has within the state already. The focus of the article is the fictional town of Alphaville, which has been created to give folks participating in cyber-exercises at the range, a sense of the real world implications of a cyberattack on the town. The creation of Alphaville mirrors, to a certain degree, what we see soldiers go through when they go on training missions using physical structures at facilities around the country. Look at the successful raid the Navy SEALS made on Bin Laden's compound. Just like how they practiced on a similar compound layout prior to their mission to ensure it's success, the MCR takes those principals and applies them virtually. This gives a whole new context to Red Team/Blue Team exercises and can help both business sectors (public/private) as well as students give real-world context to the task at hand. So when the power plant is attacked, the lights in Alphaville go out. How'd the attacker infiltrate City Hall? You can trace their steps via the backdoor left open in the city's library.


That being said the MCR doesn't expect folks to come in 100% ready to run exercises. In addition to Red/Blue exercises the MCR also offer training and test spaces within the range. While the training is an obvious component, the prospect for organizations is to use the range as a test space for specific threats as well as products and other aspects of their networks in a safe environment. While there are other avenues that offer training within the industry, the MCR is a 501C-3 organization (non-profit) with one of their goals being to offer their services at a much lower cost. The intent is to drive participation among organizations with varying degrees of budgetary flexibility, or access to funds, to get training and experience to further the knowledge base of the security space as a whole, at an affordable cost. While this is physically locate din Michigan they are open to organizations outside the state to participate as well.  By painting a complete picture, the MCR takes professional security training to a whole new level as the entire nation scales up to the cybersecurity demands of today, and better prepares them for the threats of tomorrow.


Now back to Westeros. In a fun read from Net-Security, the article outlines 6 tips every cybersecurity professional can take away from Game of Thrones and apply them to their work-flow. I've highlighted them below but make sure to check out the article for the full breakdown of each step.

  1. The sturdiest wall may conceal a hidden passage
    • Think of your perimeter as The Wall protecting Westeros from the North.
  2. Heed the warning of ravens
    • The kingdoms of Westeros use ravens to send out critical information to each other, especially around attacks. Think of these as your logs and alerts sent out by various tools.
  3. Words carry more power than weapons.
    • The author identifies 3 characters that use their words, as opposed to their swords, to get what they want. Think of this as Social Engineering.
  4. Beware the insider threat.
    • In one of the latest episodes SOMEONE dies suddenly and given that this happened while people looked on there was no clear actor that took part in his demise. Think of this as the need to monitor those in your organization with the necessary credentials to do harm to your organization.
  5. The best training makes the best defenders.
    • The author eguates this to the training a young character must go through in the series to take on the warriors and thieves she encounters along the way. Her heart and drive are always in the right place but without training she is ill-equipped to fight off an attacker. Think of this as continued security training for your ENTIRE organization.
  6. Winter is coming.
    • This is heard throughout the saga, over and over again. George R.R. Martin's characters are referring to the White Walkers of the the north in the same scenario that we talk about breaches; not that if an attack will happen but more so when it will happen. Think of this as an oft repeated phrase I use here; Stay Vigilant.


And now, I can't believe I'm actually typing this, Joffrey offers some sage advice.


hbo animated GIF



Federal Friends! Next week we are offing a 1 hour webcast focusing on the Cybersecurity Framework. You can read the abstract and sign up for it here. Don't forget to follow our Federal Security LinkedIn page as well!