Post on 02-Apr-2015
Lawrence Livermore National Laboratory
Denise Sumikawa
CIAC Program Leader
LLNL-PRES-403246
Lawrence Livermore National Laboratory, P. O. Box 808, Livermore, CA 94551
This work performed under the auspices of the U.S. Department of Energy by Lawrence Livermore National Laboratory under Contract DE-AC52-07NA27344
DOE Computer Incident Advisory Capability (CIAC)
May 7, 2008
CIAC provides cyber security services to 96 DOE and NNSA Laboratories and Field Facilities
CIAC offers a full range of cyber security services to protect DOE
DOE-Wide CIAC Services
Monitor security sites
Network traffic analysis
Security notifications
Security architecture consulting
White-hat assessments
Technology watch
24x7 “on-call” incident response
Response tools & scripts
Malcode analysis
DOE incident reporting
Collaborating with Local Site Security Capabilities and Personnel
Prevention | Watch and Warn | Response
CIAC culls out actionable information from network traffic data
[Figure. Axis: Data Volume (Low to High). Labels: Analysis Query; Results; Analysis Reports; Site and Security Notifications; ~250 Million Sessions per Day]
CIAC’s web and application security service helps protect DOE against application layer attacks
Full or Self-serve (sites scan their own)
190 Assessments completed
C&A Web Site Testing
DOE FY07 Incident Statistics
| Incident Type | Percentage of FY07 total | |
|---|---|---|
| Malicious Code | 32% | Phishing attacks increasingly targeted |
| Loss, Theft, or Missing | 24% | Laptops, PDAs, removable media |
| Information Compromise | 15% | PII in unencrypted email |
| Compromise (Root & User) | 12% | |
| Unauthorized Use | 5% | Waste, fraud, abuse |
| Web Defacements | 5% | |
| Denial of Service | 4% | |
| Other | 3% | |
| Critical Infrastructure | 0% | |
CIAC collaborates with DOE, NNSA, Federal, and International cyber security teams
Partnering for a secure DOE
Questions/Comments