The innovation: Combating cyber attacks through real-time sharing of a Master Block List (MBL)

WASHINGTON, Nov. 5, 2012 /PRNewswire-USNewswire/ -- The Department of Energy's Lawrence Livermore National Laboratory (LLNL) has won a 2012 U.S. National Cybersecurity Innovation Award for proving that defenders can work together to improve security by combating advanced persistent threats through real-time sharing of reputation data in an operational Master Block List (MBL). Multiple Department of Energy labs and plants actively share block information through the MBL tool.

(Photo: http://photos.prnewswire.com/prnh/20121105/DC06418)

The MBL was developed by the Department of Energy's Focused Advanced Persistent Threat Group led by the LLNL. It allows any application to be easily enrolled to automatically share up-to-the minute data on malicious websites, hashes, and spear phishers with all others that participate in the MBL. It also allows multiple labs and plants to share block information in real time. The MBL enables the Department of Energy to increase its ability to leverage the intelligence of the collective as opposed to the fragmented, individual pieces.

The development of the MBL primarily took place at the LLNL in Livermore, CA as well as at the Sandia National Laboratories in Albuquerque, NM. The MBL is being used by 10 agencies within the Department of Energy and is rapidly growing. The innovative idea behind the MBL is that sharing does not have to be complicated and that defenders can adopt methods used by adversaries to create a protocol that can function in any environment. This innovation helped overcome the segregated nature of cyber security across Department of Energy agencies.  LLNL uses the MBL to block an average of 50 domain and/or IP addresses daily from other MBL participants. 

About the National Cybersecurity Innovation Awards

The annual U.S. National Cybersecurity Innovation Awards recognize initiatives by companies and government agencies that contribute to significant cyber risk reduction, have not been deployed effectively before in a similar fashion, can be scaled quickly to serve large numbers of people, and should be supported and adopted quickly by many other organizations. Nominators include senior U.S. government officials involved with cybersecurity as well as leaders from major cybersecurity Information Sharing and Analysis Centers.  Corporations and individuals may also nominate innovations.   For the 2012 awards, more than 30 nominations were received and nine were selected. The panel of judges for the 2012 awards is described below.

Sameer Bhalotra served as White House Senior Director for Cybersecurity, leading the national identity management and continuous monitoring initiatives.  He also served as the principal cybersecurity staffer for the Senate Intelligence Committee, which oversees the cyber budgets of the National Security Agency and the other intelligence agencies. 

Tony Sager's stellar career at the National Security Agency spanned 34 years. He headed the Systems & Network Attack Center, oversaw all Red and Blue Team projects, created and headed security product evaluation teams, helped guide the agency's top talent development programs, served as founding director of the Vulnerability Analysis & Operations Group (comprised of 700 of the NSA's top technical cybersecurity specialists), and was the Chief Operating Officer for the Information Assurance Directorate.

Asheem Chandna is the dean of venture capitalists in the cybersecurity field. As a partner at Greylock since 2003, he has helped create and grow multiple security technology businesses to market-leading positions, and successfully merged several into larger companies.  He also serves on the panel of judges for the Wall Street Journal Global Technology Innovation Awards.

Alan Paller is Director of Research at the SANS Institute, where he oversees an international search for people and organizations that have identified important ways to reduce the risk posed by cyber threats. He also oversees the Internet Storm Center and the annual initiative to determine the seven most dangerous new attack vectors.  He co-chairs the DHS Task Force on Cyberskills and the FCC Working Group on Cybersecurity Best Practices in the telecommunications industry.

SOURCE SANS Institute