Material contained herein is made available for the purpose of peer review and discussion and does not necessarily reflect the views of the Department of the Navy or the Department of Defense. ; Alan Shaffer, Commander, USN, Assistant Professor, Permanent Military Professor (PMP), Department of Computer Science, Naval Postgraduate School, Monterey, California
Military weapon systems are often built using embedded, non-IP (Internet Protocol) based computer systems that are not regularly updated and patched due to their isolation. As adversaries expand their capability to exploit and penetrate these systems, we must be able to verify they are not susceptible to cyber-attack. Currently, cyber red teams are employed to assess the security of systems and networks in isolated environments, however, this method can be costly and time-consuming, and the availability of red teams is limited. To address this need and resource shortfall, we have developed the Cyber Automated Red Team Tool (CARTT) that leverages open source software and methods to discover, identify, and conduct a vulnerability scan on a computer system's software. The results of the vulnerability scan offer possible mitigation strategies to lower the risk from potential cyber-attacks without the need for a dedicated cyber red team operating on the target host or network.
Proceedings of the 53rd Hawaii International Conference on System Sciences | 2020 ; The article of record as published may be found at https://doi.org/10.24251/HICSS.2020.820 ; Military weapon systems are often built using embedded, non-IP (Internet Protocol) based computer systems that are not regularly updated and patched due to their isolation. As adversaries expand their capability to exploit and penetrate these systems, we must be able to verify they are not susceptible to cyber-attack. Currently, cyber red teams are employed to assess the security of systems and networks in isolated environments, however, this method can be costly and time-consuming, and the availability of red teams is limited. To +ress this need and resource shortfall, we have developed the Cyber Automated Red Team Tool (CARTT) that leverages open source software and methods to discover, identify, and conduct a vulnerability scan on a computer system's software. The results of the vulnerability scan offer possible mitigation strategies to lower the risk from potential cyber-attacks without the need for a dedicated cyber red team operating on the target host or network.
Proceedings of the 13th International Conference on Cyber Warfare and Security ICCWS 2018; Hosted By National Defense University, Washington DC, USA; 8 - 9 March 2018. ; Cyberspace Is recognized as a critical domain In modern warfare. The ability of military forces to maintain and secure their own operational networks, while simultaneously degrading or denying the ability of adversaries to operate their networks, ls a critical strategic objective for military planners and leaders. Conducting effective offensive cyber operations (OCO) against sophisticated adversary networks requires the ability to develop, test, and rehearse cyber-attack actions before they are employed operationally. This requirement Is well understood and practiced In the physical warfare domains, where ships, aircraft and tanks can exercise their capabilities against physical targets; It Is not, however, well refined In the cyber domain. This research Introduces a framework to address this need, and demonstrates a prototype for cyber-attack scenario development and rehearsal In a virtual network environment. By extending the earlier work of the Naval Postgraduate School's Malicious Activity Simulation Tool (MAST), a distributed client-server based software tool designed to launch Inert malware attacks on live networks, we were able to demonstrate cyber-attack scenarios based on temporal specificity and target discrimination as attack parameters. Our prototype accurately models an adversary network In a virtual environment, providing the ability to develop cyber-attack actions to achieve specific cyber effects against hosts on the Intended target network. The architecture allows cyber forces to rehearse specific cyber actions prior to launching a cyberattack, In order to provide a more accurate assessment of the efficacy of these actions against a realistic model of the target network. This framework allows military forces to better train and prepare for cyber operations to help achieve cyber superiority In modern warfare.