Red Team in a Box (RTIB): Developing Automated Tools to Identify, Assess, and Expose Cybersecurity Vulnerabilities in Department of the Navy Systems - Cyberspace Operations and Cyber Kill Chain

This report has been professionally converted for accurate flowing-text e-book format reproduction. The U.S. Navy and Marine Corps manage a vast number of computer systems, both afloat and ashore, many of which are neither directly connected to an external Internet Protocol (IP) network nor updated regularly, but do occasionally interact with other IP-connected devices. As malicious actors advance their capabilities to exploit and penetrate computer networks, the Department of the Navy (DoN) must be able to verify whether or not its computer systems are susceptible to cyber-attacks. A current mitigation technique is to use a cyber red team to assess a friendly network in a controlled environment; however, this method of conducting assessments can be costly and time-consuming, and may not target specific critical systems. This thesis developed a proof-of-concept tool called Red Team in a Box (RTIB) that addresses the current resource limitations of cyber red teams by leveraging open source software and other methods to discover, identify, and conduct a vulnerability scan on a computer system's software via a graphical user interface. The results of the vulnerability scan offer the RTIB user possible mitigation strategies to lower the risk from potential cyber-attacks without the need for a dedicated cyber red team operating on the target host or network. This research fundamentally provides the foundation to further develop an automated tool that Sailors and Marines with limited expertise can use to conduct a thorough cybersecurity vulnerability assessment on DoN systems.

This compilation includes a reproduction of the 2019 Worldwide Threat Assessment of the U.S. Intelligence Community.

Sailors and Marines located in environments with limited Internet connectivity, such as onboard ships or at forward operating bases, have limited capabilities to scan their computer systems and other embedded devices for vulnerabilities. The benefit of this research is to provide a portable, intuitive, and practical framework for Sailors and Marines with little cyber expertise to assess their internal systems against an array of known cyber vulnerabilities. Two research scenarios tested a simulated Navy and Marine Corps system with the intent of identifying security vulnerabilities and providing the user with possible recommendations for mitigating the cyber-related threats.