Lecture 5
Panel: Internet Wars 2007
DEFCON 15
Gadi Evron Moderator
Andrew Fried IRS
Thomas Grasso FBI
Dan Hubbard Websense
Dan Kaminsky IOActive
Randy Vaughn Baylor
Paul Vixie ISC
Continuing our new tradition from last year, leading experts from different industries, academia and law enforcement will go on stage and participate in this panel, discussing the current threats on and to the Internet, from regular cyber-crime all the way to the mafia, and even some information warfare.
In this panel session we will begin with a short introductory presentation from Gadi Evron on the latest technologies and operations by the Bad Guys and the Good Guys. What's going on with Internet operations, global routing, botnets, extortion, phishing and the annual revenue the mafia is getting from it. The members will accept questions on any subject related to the topic at hand, and discuss it openly in regard to what's being done and what we can expect in the future, both from the Bad Guys and the Good Guys.
Discussion is to be limited to issues happening on the Internet, rather than this or that vulnerability. The discussion is mostly technological and operational in nature, although last year attendees chose to ask questions directing the discussion to the legal side of things. Participants are people who are involved with battling cyber-crime daily, and are some of the leaders in the security operations community of the Internet.
Gadi Evron works for the McLean, VA based vulnerability assessment solution vendor Beyond Security as Security Evangelist and is the chief editor of the security portal SecuriTeam. He is a known leader in the world of Internet security operations, especially in the realm of botnets and phishing, and is the operations manager for the Zeroday Emergency Response Team (ZERT). He is a known expert on corporate security and espionage threats. Previously Gadi was the Israeli Government Internet Security Operations Manager (CISO) and the Israeli Government CERT Manager which he founded.
Andrew Fried is a Senior Special Agent with the Treasury Inspector General for Tax Administration's System Intrusion and Network Attack Response Team (SINART). His organization is responsible for investigating computer security incidents involving the Internal Revenue Service.
During his 17 year career with Treasury, he is credited with developing his agency's Computer Investigative Specialist (CIS) program, whose members are responsible for analyzing seized computers, as well as the SINART program, whose mission is to investigate computer intrusions and conduct pro-active network penetration testing.
In 1986, while working at the Kennedy Space Center, he developed one of the first suites of software programs specifically designed for analyzing seized computers. His software was distributed, free of charge, to law enforcement agencies throughout the world.
Thomas Grasso began working with computers in 1993 as a network administrator. In 1998 Mr. Grasso received an appointment to the position of Special Agent with the Federal Bureau of Investigation (FBI). After attending new agents training at the FBI Academy in Quantico, Virginia, Mr. Grasso was transferred to the FBI's Chicago Field Office where he was assigned to the Regional Computer Crime Squad. In the fall of 2000, Mr. Grasso was transferred to the FBI's Pittsburgh Field Office and assigned to the High Technology Crimes Task Force where he served as the FBI Liaison to the Computer Emergency Response Team Coordination Center (CERT/CC) at Carnegie Mellon University. Mr. Grasso is now part of the FBI's Cyber Division and is assigned to the National Cyber-Forensics and Training Alliance (NCFTA) in Pittsburgh, a joint partnership between law enforcement, academia, and industry. Mr. Grasso is a 1991 graduate of the State University of New York at Buffalo, where he majored in Geological Sciences and minored in Music.
Dan Hubbard is the VP of Security Research at Websense and runs Websense Security Labs. He is responsible for all things security at Websense, including managing the Websense Security Labs that researches, analyzes, and reverse engineers malicious code, analyzes security trends, and provides research on malicious Websites and network protocols. Hubbard also defines security-related product features. He is the pioneer behind Websense's Web filtering database that supports its Security Group. Hubbard also acts as the company's security spokesperson.
Dan Kaminsky is the Director of Penetration Testing for Seattle-based IOActive, where he is greatly enjoying having minions. Formerly of Cisco and Avaya, Dan was most recently one of the "Blue Hat Hackers" tasked with auditing Microsoft's Vista client and Windows Server 2008 operating systems. He specializes in absurdly large scale network sweeps, strange packet tricks, and design bugs.
Randal Vaughn teaches a variety of courses in Information Systems. Vaughn is a widely quoted expert in the areas of cyber warfare, cyber defense, and internet threat metrics and reporting. He is on the Board of Advisors for MI5 Security and an Academic associate for the Anti-Phishing Working Group. He is a member of Educause, the Society for Information Management (SIM), and the Association for Computing Machinery (ACM). His work has been published in several mathematics publications and he has authored white papers such as "Using PowWow in the Academic Environment" for Tribal Voice. Previously, Vaughn worked at Mobil Exploration and Producing Services, Inc. as a computer analyst for seismic processing support. Prior to that, he was the lead designer for Vought Aircraft's Group Technology Support Software, a component of the U.S. Air Force's Integrated Computer Aided Manufacturing project. He also served in the U.S. Air Force as a project engineer and database administrator. Vaughn's operating system experience includes legacy mainframe operating systems, Microsoft Windows, Linux, and Apple Mac OS and Mac OS X operating systems.
Paul Vixie holds the record for "most CERT advisories due to a single author" which came primarily from his years hacking on BIND4 and BIND8. Later on he cut off the oxygen supply to his brain by wearing a necktie for AboveNet, MFN, and PAIX. At the moment he is President at ISC where his primary duty is to sign paychecks for the people who bring you BIND9 and F.ROOT-SERVERS.NET. He is also an occasional critic of just about everything (the blog: FM.VIX.COM).
DefCon 15 T539 Internet Wars 2007
Lecture 16
Meet the Fed
Panel 1: Meet the Fed
Jim Christy DoD
Jerry Dixon DHS
Tim Fowler NCIS
Andy Fried IRS
Barry Grundy NASA
Bob Hopper NW3C
Jon Iadonisi DoD
Mike Jacobs SRA
Tim Kosiba FBI
Bob Lentz DoD
Kevin Manson DHS FLETC
Rich Marshall NSA
Ken Privette Postal IG
Keith Rhodes GAO
Linton Wells NDU
This year we will have so many feds representing their federal agencies that we will have to break it up into two separate panels:
IA Panel: Information Assurance, CERTs, and first responder organizations from agencies including DC3, DHS, SOCOM, NSA, OSD, NDU, and GAO.
LE Panel: Law Enforcement and Counterintelligence agencies including DC3, FBI, IRS, NCIS, NASA, NW3C, US Postal IG, FLETC, and RCMP.
Each of the agency reps will make an opening statement regarding their agency's role, and then open it up to the audience for questions.
Agencies that will have representatives include: Defense Cyber Crime Center (DC3), FBI, IRS, NCIS, NASA, DHS, National White Collar Crime Center (NW3C), Special Operations Command (SOCOM), NSA, US Postal IG, Office of the Secretary of Defense, National Defense University, Federal Law Enforcement Training Center (FLETC), and the Government Accountability Office (GAO). For the third year in a row, the "Meet the Feds" panel has gone international. We will have a rep from the Royal Canadian Mounted Police.
For years Defcon participants have played "Spot the Fed". For the 2nd year, the feds will play "Spot the Lamer". Come watch the feds burn another lamer.
Jim Christy, FX/DC3
* Dir of Futures Exploration
* Dir of the Defense Cyber Crime Institute
* R&D of digital forensic tools and processes
* T&Validation of tools both Hardware & software used in an accredited digital forensics lab
* Dir of Ops for Defense Computer Forensics Lab
* LE/CI Liaison to OSD IA
* DoD Rep to President's Infrastructure Protection Task Force
* US Senate Investigator Perm Sub of Invest
* 11 years Dir of AF OSI Computer Crime Investigations
Jerry Dixon, DHS
As Director of National Cyber Security Division (NCSD) of the Department of Homeland Security, Jerry Dixon leads the national effort to protect America's cyber infrastructure and identify cyber threats. He works collaboratively and facilitates strategic partnerships with stakeholders in the public sector, private industry, and the international arena. Mr. Dixon was appointed Director of the NCSD on January 7, 2006.
Prior to being chosen to lead NCSD, Mr. Dixon served as the Deputy Director of Operations for the U.S. Computer Emergency Readiness Team (US-CERT), where he was responsible for coordinating incident response activities across federal, state, local government agencies, and private sector organizations. Mr. Dixon was instrumental in creating US-CERT, which serves America as the 24x7x365 cyber watch, warning, and incident response center that protects the cyber infrastructure by coordinating defense against and response to cyber attacks. Mr. Dixon led the initial development of US-CERT's capabilities for analyzing and reducing cyber threats and vulnerabilities, disseminating cyber threat warning information, and coordinating incident response activities across federal, state, local government agencies, and private sector organizations, making it Homeland Security's primary element of cyber preparedness and response.
Before joining NCSD, Mr. Dixon was the founding director of the Internal Revenue Service's (IRS) Computer Security Incident Response Capability. In this role, Mr. Dixon led the operational cyber security capability for the IRS and developed its ability to detect and respond to security attacks in order to protect American taxpayers' private information. Mr. Dixon has also served as Director of Information Security for Marriott International, a global private sector company, where he led cyber security planning, security architecture, and security operations.
Tim Fowler, NCIS
Tim is an active duty Marine Special Agent who has worked as a Cyber Agent for the NCIS Cyber Department in Washington, DC, for the last six years. Tim has 19 years of active duty service in the U.S. Marine Corps working in the fields of military police, polygraph, criminal investigations and computer crime investigations and operations. While working as a Cyber Agent for NCIS, Tim specializes in conducting criminal, counterintelligence and counter-terrorism computer crime investigations and operations. Tim also has extensive knowledge and experience conducting media exploitation operations in hostile environments. In 2004, Tim was awarded the Bronze Star with combat Valor device by the Secretary of the Navy for his media exploitation efforts in Iraq.
Barry J. Grundy, NASA
Barry J. Grundy has worked as a Special Agent for the NASA Office of Inspector General (OIG), Computer Crimes Division (CCD) for the past six years. In that time he has been responsible for conducting computer intrusion investigations related to NASA systems. In 2005, SA Grundy received the annual Inspector General's award for his investigative efforts. He currently serves as the Resident Agent in Charge of the Eastern Region of the NASA OIG CCD, responsible for the supervision of criminal investigations related to cyber events at eight NASA Centers. Before working for the NASA OIG, SA Grundy was employed as a Special Agent for the Ohio Attorney General's Office, Health Care Fraud Unit, where he was responsible for the computer seizure and forensic media analysis support for the unit in addition to maintaining a normal health care fraud case load.
Prior to his law enforcement career, Grundy served for six years in the United States Marine Corps. All of his active duty service was spent in Reconnaissance Battalions, eventually as a Recon Team Leader, Scout/Sniper, and Combat Diver.
SA Grundy currently lives in Maryland with his wife, Jo Ann and son, Patrick. Hobbies include motorcycles, computers, and outdoor activities.
Andrew Fried, IRS
Andrew Fried is a Senior Special Agent with the Treasury Inspector General for Tax Administration's System Intrusion and Network Attack Response Team (SINART). His organization is responsible for investigating computer security incidents involving the Internal Revenue Service.
During his 17 year career with Treasury, he is credited with developing his agency's Computer Investigative Specialist (CIS) program, whose members are responsible for analyzing seized computers, as well as the SINART program, whose mission is to investigate computer intrusions and conduct pro-active network penetration testing.
In 1986, while working at the Kennedy Space Center, he developed one of the first suites of software programs specifically designed for analyzing seized computers. His software was distributed, free of charge, to law enforcement agencies throughout the world.
Bob Hopper, NW3C
Mr. Hopper manages the NW3C Computer Crimes instructor cadre, who provide computer forensics training to state and local Law Enforcement throughout the United States. The Computer Crimes Section offers basic, intermediate and advanced training in computer forensics and computer crimes, and provides technical assistance and research and development for computer forensic examiners.
Mr. Hopper retired with nearly thirty years service with the Arizona Department of Public Safety and thirty seven years in Law Enforcement. Mr. Hopper's Law Enforcement career included assignments in Narcotics, Air Smuggling, White Collar Crime and Organized Crime. Mr. Hopper also developed and managed the Arizona DPS Regional Computer Forensic Lab. This computer forensic lab grew from a two man unit in 1998 to a state of the art computer forensic lab that, in 2005 when he retired, had grown to seven state, local and federal agencies and nearly twenty five computer forensic examiners.
Michael J. Jacobs, SRA International, Inc.
Michael Jacobs joined SRA in October 2002 as a Senior Advisor following his retirement from the Federal Government after 38 years of service. In March 2003 he was appointed Director of SRA's Cyber and National Security Program. Prior to SRA, Mr. Jacobs was the Information Assurance (IA) Director at the National Security Agency (NSA). Under his leadership, NSA began implementing an Information Assurance strategy to protect the Defense Information Infrastructure and as appropriate, the National Information Infrastructure. He was responsible for overseeing the evolution of security products, services, and operations to ensure that the Federal Government's national security information was free-flowing, unobstructed and uncorrupted.
Mr. Jacobs had a long and distinguished career at the National Security Agency where he served in key management positions in both the Intelligence and IA mission areas. He served as the Deputy Associate Director for Operations, Military Support where he was responsible for developing a single, coherent military support strategy for NSA. During his 38 years of NSA service, Jacobs was a leader in Information Systems Security production and control, policy and doctrine and customer relations. He has testified before Congress on defense issues and has spoken widely on topics ranging from IA to cultural diversity. For his vision, dedication, and accomplishments, he has been recognized by the Department of Defense with the Distinguished Civilian Service Medal; by the Director Central Intelligence with the Intelligence Community's Distinguished Service Award; and by NSA with the Exceptional Civilian Service Award. In addition, he has been awarded the National Intelligence Medal of Achievement and was twice awarded the Presidential Rank Award for Meritorious Achievement.
He earned his B.S. degree in Business Administration from King's College and completed the Senior Managers in Government Program at Harvard University's Kennedy School.
Mr. Jacobs resides in College Park, Maryland with his wife Ethel and their five children. From 1997 through 2001 he served as the City's elected Mayor following fourteen years as an elected member of the City Council.
Timothy Kosiba, FBI
Timothy Kosiba has been a Forensic Examiner with the FBI CART Program for 12 years, and managing the CART-BWI Laboratory in Linthicum, Maryland for the last 6 years. Mr. Kosiba has a B.S. in Management Information Systems from the University of Baltimore, and M.S. in Forensic Science from George Washington University. Currently, he is also the Program Manager for the Forensic Networks Program within CART, and is responsible for managing the deployment of 25 Storage Area Networks around the country, for use in examining and reviewing digital evidence. Mr. Kosiba is also a Certified ASCLD/LAB Inspector in the discipline of Digital Forensics.
Robert F. Lentz, OSD
Mr. Lentz is the Director for Information Assurance (IA) in the Office of the Assistant Secretary of Defense, Networks and Information Integration/Chief Information Officer. He is the Chief Information Assurance Officer (CIAO) for the Department of Defense (DoD) and oversees the Defense-wide IA Program, which plans, monitors, coordinates, and integrates IA activities across DoD. Mr. Lentz is also the Chairman of the National Space INFOSEC Steering Council (NSISC), a member of the Presidential Sub-Committee on National Security Systems (CNSS), the Manager of the DoD IA Steering Council, and the IA Domain Owner of the Global Information Grid Enterprise Information Management Mission Area. In his capacity of IA Domain Owner, Mr. Lentz is a member of the DoD CIO Executive Council. He also reports to the Deputy Undersecretary for Security and Counter-Intelligence and is a member of the Information Operations (IO) Steering Council. Mr. Lentz represents DoD on several private sector boards, including the Center for Internet Security (CIS) Strategic Advisory Council, the Common Vulnerabilities & Exposures (CVE) Senior Advisory Council, and the Federal Electronic Commerce Coalition (FECC).
Mr. Lentz has over 26 years of experience with the National Security Agency (NSA) in the areas of financial management and technical program management. He has served as Chief of the Space and Networks IA Office, Chief Financial Officer of the NSA IA Directorate, Executive Assistant to the NSA SIGINT Collections and Operations Group and Field Chief of the Finksburg National Public Key Infrastructure / Key Management Infrastructure Operations Center. He has also served on several strategic planning and acquisition reform panels. Mr. Lentz has received the NSA Resource Manager of the Year Award, the Defense Meritorious Service Award, the 2003 Presidential Rank Award and the 2004 "Federal 100" award. In 2004, Mr. Lentz also received the highest-level honorary award the Department can bestow on a civilian employee, the prestigious Secretary of Defense Distinguished Civilian Service Award. Mr. Lentz is a graduate of the National Senior Cryptologic Course at the National Cryptologic School, Federal Executive Institute (FEI) and the Resource Management Course at the Naval Postgraduate School. He earned a Bachelor of Science Degree with a double major in History and Political Science from Saint Mary's College of Maryland and a Masters Degree in National Security Strategy from the National War College. While attending the National War College in 1999, Mr. Lentz's primary focus was on Homeland Security.
Richard Marshall, NSA
Mr. Richard H. L. Marshall is the Senior Information Assurance (IA) Representative, Office of Legislative Affairs at the National Security Agency (NSA). NSA's Legislative Affairs Office is the Agency's point of contact for all NSA matters concerning Congress and is committed to maintaining a relationship with Congress built on trust, candor, completeness, correctness, consistency, and corporateness. Mr. Marshall has been instrumental in framing critical appreciation by key Senators and Representatives on Information Assurance and its impact on helping to protect the nation's critical infrastructures. As an additional duty, Mr. Marshall also represents NSA in the National Centers of Academic Excellence in Information Assurance Program in Boston, Massachusetts and the Detroit, Michigan areas where he led the effort to establish an International Consortium on Information Assurance.
Mr. Marshall was selected by Dick Clarke, the Cyber Advisor to the President to serve as the Principal Deputy Director, Critical Infrastructure Assurance Office (CIAO), Bureau of Industry and Security, Department of Commerce where he led a team of 40 dedicated professionals in coordinating and implementing the Administration's National Security for Critical Infrastructure Protection initiative to address potential threats to the nation's critical infrastructures. He persuasively articulated the business case for enhancing information assurance in government and private sectors, and championed national outreach and awareness of information assurance issues to key stakeholders such as owners and operators of critical infrastructures, opinion influencers, business leaders, and government officials.
Before being nominated by the DIRNSA and approved by the SECDEF to serve in an Executive Development assignment to help lead the CIAO, Mr. Marshall served with distinction as the Associate General Counsel for Information Systems Security/Information Assurance, Office of the General Counsel, National Security Agency for over eight years. In that capacity, Mr. Marshall provided advice and counsel on national security telecommunications and technology transfer policies and programs, the National Information Assurance Partnership, the Common Criteria Mutual Recognition Arrangement, legislative initiatives and international law. Mr. Marshall was the legal architect for the Joint Chiefs of Staff directed exercise "Eligible Receiver 97" that spotlighted many of the cyber-vulnerabilities of our nation's critical infrastructures and helped bring focus on this issue at the national leadership level.
Mr. Marshall graduated from The Citadel with a B.A. in Political Science; Creighton University School of Law with a J.D. in Jurisprudence; Georgetown School of Law with an LL.M. in International and Comparative Law; was a Fellow at the National Security Law Institute, University of Virginia School of Law in National Security Law; attended the Harvard School of Law Summer Program for Lawyers; the Georgetown University Government Affairs Institute on Advanced Legislative Strategies and participated in the Information Society Project at Yale Law School and in the Privacy, Security and Technology in the 21st Century program at Georgetown University School of Law.
Ken Privette, USPS
Ken works as the Special Agent in Charge of the Computer Crimes Unit (CCU) at the United States Postal Service Office of Inspector General. His Unit conducts computer crime investigations and provides computer forensics support to a force of over 650 agents who conduct fraud and internal crime investigations for the U. S. Postal Service. Over the past two years Ken's team has doubled in size, now managing a computer forensics workload of more than 900 requests per year.
Ken spent much of his professional life as a Special Agent with the Naval Criminal Investigative Service both overseas and state-side where he conducted investigations involving computer crime, terrorism, and counterintelligence matters.
Keith Rhodes, GAO
Keith Rhodes is currently the Chief Technologist of the U. S. Government Accountability Office and Director of the Center for Technology & Engineering. He provides assistance throughout the Legislative Branch on computer and telecommunications issues and leads reviews requiring significant technical expertise. He has been the senior advisor on a range of assignments covering continuity of government & operations, export control, computer security & privacy, e-commerce & e-government, voting systems, and various unconventional weapons systems. He has served as a Commissioner on the Independent Review of the National Imagery and Mapping Agency. Before joining GAO, he was a supervisory scientist at the Lawrence Livermore National Laboratory. His other work experience includes computer and telecommunications projects at Northrop Corporation and Ohio State.
Linton Wells II, Principal Deputy Assistant Secretary of Defense, Networks and Information Integration
Dr. Linton Wells II serves as the Principal Deputy Assistant Secretary of Defense (Networks and Information Integration). He resumed these duties on November 14, 2005 after serving as the Acting Assistant Secretary and DoD Chief Information Officer from March 8, 2004. He became the Principal Deputy Assistant Secretary of Defense (Command, Control, Communications and Intelligence) on August 20, 1998 which became Networks and Information Integration in 2003. Prior to this assignment, he had served in the Office of the Under Secretary of Defense (Policy) from 1991 to 1998, most recently as the Deputy Under Secretary of Defense (Policy Support).
In twenty-six years of naval service, Dr. Wells served in a variety of surface ships, including command of a destroyer squadron and guided missile destroyer. In addition, he acquired a wide range of experience in operations analysis; Pacific, Indian Ocean and Middle East affairs; C3I; and special access program oversight.
Dr. Wells was born in Luanda, Angola, in 1946. He was graduated from the United States Naval Academy in 1967 and holds a Bachelor of Science degree in physics and oceanography. He attended graduate school at The Johns Hopkins University, receiving a Master of Science in Engineering degree in mathematical sciences and a PhD in international relations. He is also a 1983 graduate of the Japanese National Institute for Defense Studies in Tokyo, the first U.S. naval officer to attend there.
Dr. Wells has written widely on security studies in English and Japanese journals. He co-authored Japanese Cruisers of the Pacific War, which was published in 1997. His hobbies include history, the relationship between policy and technology, scuba diving, and flying.