How to Dress Like a Cyber Warrior OR Looking Like a Tier-Zero Hero

-->

A lot of ink’s been spent lately on the idea of cyber warfare, cyber defense, the enemies, the allies, what would we do if we had a cyber Pearl Harbor, etc. As one of the foremost experts on all things cyber, I thought I would take a day to explain some of the finer points of this new realm of warfare and how to fit in.

Organization

Now despite what anyone may say, Cyber Warriors are going to be a huge part of any future war. In the military there is a name for highly skilled Special Mission Units (SMUs). They are referred to as a “Tier-One” units. These units are well known secrets like the Army’s 1st Special Forces Operational Detachment-Delta (Delta Force), the Navy’s Naval Special Warfare Development Group (DEVGRU or SEAL Team 6), and the Intelligence SupportActivity (ISA). These are the men and women our country calls upon to solve the “big boy” problems. Cyber Warriors will soon join their ranks, but not as a Tier-One unit. 

 

Every true Cyber Warrior worth his deck knows that counting starts at zero. Be prepared to see DoD messages about Tier-Zero units. These will be the cyber warriors with access to military-grade exploits and viruses. They’ll be the guys with the authority to infect an enemy’s computer with e-sheep in the name of freedom.

How To Join

The training required for Tier-One operators to arrive at the “tip of the spear” is a highly classified secret. Expect no less for Tier-Zero operators. Various methods of recruitment could be, but are not limited to:

1.     Apprehending you when you break into your school to change your grades.

2.     Lurking on IRC channels that elite hackers are known to frequent.

3.     Breaking into your Call of Duty clan meeting to taunt you. This will test your mental stamina and toughness. They need to see if you have what it takes. There’s no good time during a mission to cry over getting flamed.

4.     Sending out mass flyers advertising “military style” boot camps for MCSEs. Do you have the guts to respond?

However the recruiting is done, you can be sure it will be subtle. It will in no way resemble a NSA recruiting booth at Defcon.

How to Dress

Since Tier-Zero and Tier-One units will work together closely, it makes sense to dress as much alike as possible. Generally, if you are a sniper you wanna take out the guy that looks like he is in charge. You’re looking for the guy who looks somehow “different.” Different means important. Important means “target.” This is why saluting unpopular officers in the field is called a “sniper check.” If the “different” looking guy doesn’t get shot, it’s just because there wasn’t a sniper around to shoot him. Here is how to blend in with a Tier-One unit while carrying out your Tier-Zero mission.

1. Uniform – Just because you are not actually with them does not mean you should not dress like them. Stock up on tactical pants and combat shirts. The preferred brand is a company called Crye Precision. Their combat pants and shirts will help you blend in considerably. The Tier-One guys use all the pockets to carry things like first aid kits, high tech military gear, secondary weapons, etc. A Cyberwarrior can carry things like USB doodads (microphones and thumb drives), extra Ethernet cables, your secureID card, multiple cell phones, a tablet, and your office badge. The combat clothes also have removable knee and elbow pads. I suggest you use these when you have to rewire a server room, plug something in under your desk, or reach under the vending machine when a Mountain Dew slips out of your hands.

As a word of caution, go for the Khaki, Black or Green. The Multicam will make you blend into your surroundings, causing you to be counted absent at work or a no-show for a boring meeting. You don’t want to lose a vacation day because you blend in too well.

2. Footwear – Tier-One assets can expect to go anywhere and do anything. For that reason, they wear specialized shoes and boots from makers like Oakley and Salomon. This footwear is designed to withstand jumping out of airplanes, trekking across deserts, and slogging through jungles. The ankle support is key. Getting a sprained ankle in a firefight is just embarrassing.

A Tier-Zero operator needs the same support. A hallway could be getting mopped. A data center could have a pulled tile you don’t notice, or someone could spill their Big Gulp at lunch and cause a slip hazard. Fire drills and offsite meetings are also concerns. Take care of your feet, and they will take care of you.

3. Helmets – Just because you are not on a kinetic battlefield does not mean you do not need a helmet. Tier-One units have a variety they use, but I suggest you stick with the Crye Precision Airframe. Other operators will recognize how high-speed you are when you wear it. It actually serves two functional purposes. First, your brain is all you have going for you. In cramped office and cubicles Cyberwarriors will often stack collectibles. You can’t have one of these action figures falling on your head and putting you out of commission. Second, the Crye helmets have side rails for quickly attaching several high tech devices like flashlights. I recommend the SureFire brand, since the guys doing the shooting may have to borrow yours one day and you don’t want to hand them anything cheap. Make sure yours can do regular white light or green tinted light. The best is a red tinted light that won’t ruin your night vision when on an all night “op.” Believe me, giving away your position in your office at your desk is a definite no-go.

4. Armor – Cyberwarring is a dirty business. Sometimes things get hot. For those times, I suggest you have a “plate carrier” and a good set of armor plates ready to go. Tier-One guys expect their armor to stop AK-47 rounds and fragments from explosives. You should as well. If it can stop a speeding 7.62x39mm bullet, think of the wonders it will do in office airsoft fights. You can stride through a hail of Nerf projectiles like they aren’t even there. These plate carriers are designed to carry extra magazines for weapons, explosives, and other tools of the Tier-One trade. You can use that space to carry extra Limitless energy shots, snacks, your ID, or reloads for your own Airsoft/Nerf weapons. Don’t cut corners on the cost here. Your enemies can tell the difference between a Condor vest from the local Airsoft store and a real deal London Bridge Trading Company6094 plate carrier used by Navy SEALs. Learn the difference and make fun of the nerds with the cheap stuff. They are not Tier-Zero.

5. Belt – Real “shooters” in the thick of it have special belts they can use to clip to a helicopter during a hairy exfil or while going into a hot LZ. These are known as “rigger’sbelts,” and they have an extra hook that the operator can attach a lanyard to. This keeps the operator in place. Tier-One ops don’t fall out of aircraft or off of rooftops. A Tier-Zero specialist has a very similar use for a rigger’s belt: when the cyber fighting goes hot, you will become a kidnapping target. You probably already are, and just don’t know it yet. A rigger’s belt and lanyard will allow you to clip yourself to a stationary object and foil any foreign intelligence agents’ attempts to kidnap you. I suggest LBT for these items. Do not clip yourself to something mobile, like a car, or something easily movable, like your chair or an orange emergency cone. I would not put it past a spy to just steal the car or road cone to get to you. Protip: bulk up. Your natural obesity will make pulling you into a van or helicopter against your will much harder. If they want you, make them work for it.

6. Guns – Of course Cyberwarriors need guns. We’re talking about blending in with the big boys, here. I could spend hours on this topic alone, but I’ll just give you a few tips and let OJT training cover the rest. You need good military-grade weapons. Not having them would be like a kid showing up to do pentests without installing NMap first. Poseur.

Since civilians can’t get military-grade weapons, buy weapons that look military-grade. I suggest a Daniel Defense M4A1SOCOM with a Leopuld HAMR scope. Daniel Defense makes a lot of gun parts for SOCOM, so the rifle makes you blend right in. For a pistol, go with a Sig Sauer226. The rifle needs to be in 5.56mm, and the 226 needs to be in 9mm. If anybody gives you crap about the weapon calibers, just smirk and blame the Geneva Convention or liberals, either works. The secret to dealing with caliber snobs is to know they aren’t listening to you, anyway. They are just waiting for their turn to talk.

Here is the hard part, though (you didn’t think this was just a shopping trip, did you?): you actually have to be able to shoot. Any time someone looks at your rifle, dropping some shooting lingo like, “Yeah, its zeroed to two hundred meters,” is a great response. The lingo is not a substitute for shooting, though. You have to be able to keep an inch group at 200 meters with your rifle and a two-inch group at 25 meters with your pistol. Frown and silently shake your head at anyone who can’t.

7. Random other stuff - The Devil is in the details. Here’s a list of the small things you’ll need that don’t warrant their own sections:

a. Knives – you need at least two. A really good general purposeknife and a fighting/stabbing knife. You can use them to open boxes, envelopes, or cut the crust off bread if the sandwich delivery place forgot.

b. Flashlights - Carry two of these, as well. One should be an insane 500 lumen-powered light, and the other should be something like a surefire X300 that you can use on a rifle or pistol. If people ask why you have a weapon light when you aren’t carrying a weapon, just tell them you are always prepared. (Add a smirk here. It’ll make them think you’re prepared to take someone else’s weapon if you don’t have your own on you.)

c. Paracord - This stuff is almost as useful as duct tape, without the disadvantage of making everything in your pockets stick together. Paracord can come in the form of bracelets you can wear and unwrap when you need it, but that’s not Tier-Zero cool. Get a paracord sling for your rifle, a paracord strap for your computer bag. paracord bootlaces, paracord keychain. Make some toys for your desk out of paracord. Finally, when you’re good enough, make your underwear out of paracord. Nobody ever expects paracord underwear.

d. Multitool – You don’t know what’s gonna happen any time you step outside. Get a good multitool, like the Leatherman EOD MUT. It comes with a C4 punch. Tier-One guys use C4 punches to put detonators in plastic explosives. You can use one to deflate potato chip bags to fit in your desk. You can even use it on bubble wrap.

e. Gloves – With all this dangerous stuff, you need some gloves to keep your typing assets in order. Do you know how hard it is to type with one hand? I suggest Oakley. Good, well made, hardcore protection for your knuckles, and they will insulate you from a very hot cup of coffee (Protip: Studies have been done on the body’s ability to uptake caffeine more quickly from hot liquids. Elite Tier-Zero operators microwave their Mountain Dew.)

f. Patches – As a Tier-Zero operator, you will be in a unit that doesn’t exist, so you won’t have a unit patch. It’s not cool to wear other units’ patches. You don’t wanna give those dweebs credit for your awesome missions. I wear Foxhound or Mandalorian unit patches as a form or psyops. Enemy intel agents will waste time and effort trying to figure out what unit you are with. Let them. It’s all part of the game.

How to talk

Strangely, there’s not much difference between a Tier-Zero operator and a regular InfoSec professional. Think about it: DMZs, payloads, and perimeter threats? The language isn’t that difference. Throw in some gun lingo, and you’re talking like a badass. Don’t talk about zombies, though. That’s a dead giveaway that all of your tactical training came from the Walking Dead. Instead of “Zombie Killer,” you should say “Non-permissive environment specialist.”

Wrapup

That’s all the space I have for this issue. Next week we’ll talk about hacking techniques, identifying Nation-State weak spots, and getting access to SCADA environments for testing new malware. Until then, stock up on Tier-Zero uniforms and gear, and get some time in at the gun range. Oh, and be careful. It’s a jungle out there.