WEBVTT

00:03.589 --> 00:05.867
The future war will not be fought with,

00:05.867 --> 00:08.420
with just sailors on the deck of ships

00:08.430 --> 00:11.279
and submarines and boots on the ground

00:11.289 --> 00:13.760
with Army personnel and Marine Corps.

00:14.449 --> 00:17.610
It will also be with cyber. There will

00:17.620 --> 00:20.159
be effects from cyber from all parties

00:20.170 --> 00:22.700
involved and we need to be ready for it.

00:34.150 --> 00:37.349
Red teamers are paid to act like

00:37.360 --> 00:40.270
they're a nation state actor who is

00:40.279 --> 00:43.770
trying to infiltrate the systems of

00:43.779 --> 00:45.946
another government or another military

00:45.946 --> 00:49.930
or hack into U.S. networks, DoD

00:49.939 --> 00:51.840
networks, and we're talking about

00:51.900 --> 00:55.319
everything from our IT capabilities all

00:55.330 --> 00:57.497
the way to our weapon systems that are

00:57.497 --> 00:59.608
on our ships and our aircraft and our

00:59.608 --> 01:01.830
submarines. We need to be able to have

01:01.830 --> 01:05.269
those systems withstand any attacks

01:05.279 --> 01:07.446
that might come from our adversaries.

01:11.550 --> 01:13.272
So I'll show you an example of

01:13.272 --> 01:15.639
something that we did on a recent

01:15.650 --> 01:18.250
operation, uh, against a target in the

01:18.260 --> 01:21.260
fleet. And what we did was we actually

01:21.269 --> 01:24.839
generated custom payloads to, uh,

01:24.849 --> 01:27.339
send against the fleet. And once we

01:27.349 --> 01:30.279
were able to, uh, upload these files to

01:30.290 --> 01:32.760
that system and receive some type of

01:32.769 --> 01:34.880
interaction with them from the user,

01:34.880 --> 01:36.880
we received a call back and then we

01:36.880 --> 01:38.959
were able to actually conduct more

01:38.970 --> 01:41.319
attack chain.
So a few examples right

01:41.330 --> 01:43.660
here of different implants that we used

01:43.669 --> 01:47.239
on that operation. We're building a

01:47.250 --> 01:49.650
system, we tend to focus on the

01:49.660 --> 01:52.650
operating system and the applications

01:52.660 --> 01:54.716
that live on those operating systems

01:54.716 --> 01:57.650
individually and kind of in silos. But

01:57.660 --> 01:59.739
a red team cuts across all of those

01:59.750 --> 02:02.714
pieces and it looks where they can find

02:02.764 --> 02:04.820
vulnerabilities that might have been

02:04.820 --> 02:07.042
missed during the development. They're

02:07.042 --> 02:08.744
looking for bugs in code of

02:08.755 --> 02:10.865
applications and operating systems.

02:10.914 --> 02:13.025
They're looking at misconfigurations

02:13.025 --> 02:15.225
of systems and they're looking at

02:15.345 --> 02:18.880
operator mistakes. A red team often

02:18.889 --> 02:20.667
finds what is called a zero day

02:20.667 --> 02:22.820
vulnerability and what that is is a

02:22.830 --> 02:26.610
flaw in software or operating systems

02:26.619 --> 02:29.720
or even hardware that has not yet been

02:29.729 --> 02:32.520
known. It's important for NIWC Atlantic

02:32.529 --> 02:36.119
to have this team because there are so

02:36.229 --> 02:38.669
few red teams in the Department of

02:38.679 --> 02:41.330
Defense that it's great that NIWC is

02:41.339 --> 02:43.759
able to receive priority here at home.

02:43.770 --> 02:45.826
There are 13 red teams in the entire

02:45.826 --> 02:48.479
Department of Defense. And, uh, that's a

02:48.490 --> 02:50.434
fairly small number when you think

02:50.434 --> 02:52.601
about the amount of work that needs to

02:52.601 --> 02:54.768
be done by red teams.
The NAVWAR red

02:54.768 --> 02:56.657
team that is operated here at NIWC

02:56.657 --> 02:59.789
Atlantic is unique in that it focuses

02:59.800 --> 03:03.270
on Navy assets and also things that

03:03.279 --> 03:06.149
support the Navy like health systems.

03:06.369 --> 03:08.619
But it also puts NIWC Atlantic and the

03:08.630 --> 03:11.589
Navy on the center stage of an active

03:11.600 --> 03:13.600
battle that's going on right now,

03:13.610 --> 03:15.550
which is the cyber battle for the

03:15.559 --> 03:17.910
United States. This is one of the most

03:17.919 --> 03:20.369
sought after career fields in

03:20.380 --> 03:22.213
information technology and cyber

03:22.213 --> 03:25.470
security today. It is, um, quite an

03:25.479 --> 03:27.449
honor and it's challenging.

03:29.559 --> 03:31.781
The Department of Defense puts out what

03:31.781 --> 03:34.089
is called a cybersecurity T&E, test and

03:34.100 --> 03:36.820
evaluation, guidebook. And it has six

03:36.830 --> 03:39.199
phases in it. To operate in that sixth

03:39.210 --> 03:40.988
phase, where you're emulating an

03:40.988 --> 03:43.330
adversary against an operational system,

03:43.660 --> 03:46.429
that is what really requires that a red

03:46.440 --> 03:49.360
team be certified by the DoD. And that

03:49.369 --> 03:51.850
certification process is run by the NSA

03:52.080 --> 03:54.490
because a certified red team are the

03:54.500 --> 03:57.759
only ones that are allowed to attack DoD

03:57.889 --> 04:00.119
systems that are in operation. Our

04:00.130 --> 04:02.770
adversaries are going to do that to us

04:03.149 --> 04:05.316
in a conflict and sometimes they do it

04:05.316 --> 04:07.538
when it's outside of a conflict. So we

04:07.538 --> 04:09.705
need to be prepared even in peace time

04:09.705 --> 04:11.705
to have our systems be as secure as

04:11.705 --> 04:14.990
possible. Being a part of a certified

04:15.000 --> 04:18.519
red team is an elite club.
It is not

04:18.529 --> 04:20.649
something that is taken lightly. And

04:20.660 --> 04:23.410
even in our own pipeline inside of our

04:23.420 --> 04:25.940
organization, there's a very few

04:25.950 --> 04:28.980
number of people who can say that they

04:28.989 --> 04:31.579
are a part of a DoD certified red team.

04:31.660 --> 04:34.140
What you'll find on some of the other,

04:34.260 --> 04:37.019
uh, teams throughout the DoD and in

04:37.029 --> 04:39.320
commercial is that they will have, uh,

04:39.329 --> 04:42.510
niches or specialties as a team.

04:42.640 --> 04:45.059
Uh, I'm very proud to say that our team

04:45.070 --> 04:48.510
contains a very diverse group of skills,

04:48.519 --> 04:50.630
uh, amongst each other and amongst the

04:50.630 --> 04:51.630
individuals.

04:54.730 --> 04:57.760
Having an opportunity to be a part of a

04:57.769 --> 05:01.000
DoD certified red team is unique. It

05:01.010 --> 05:03.660
is unique because we're helping to

05:03.670 --> 05:06.989
ensure that the systems are secure

05:07.369 --> 05:09.730
for our Marines, our sailors and our

05:09.739 --> 05:12.450
soldiers. So it is an opportunity

05:12.459 --> 05:15.329
unlike any other in the industry of

05:15.339 --> 05:16.170
cyber security.