# /usr/bin/whoami

[About me]

Dr. Bernhards Blumbergs is a lead cyber-security expert at the Information Technology Security Incident Response Institution of the Republic of Latvia (CERT.LV) and the former Technology Researcher at the NATO Cooperative Cyber Defence Centre of Excellence (NATO CCD COE) also the Ambassador of the Centre since 2018. Currently, he is doing his postdoctoral research project at the Nara Institute of Science of Technology, in Japan, within the JSPS fellowship.

His primary focus is on technical red teaming operation execution and leading threat hunting operations against national critical infrastructure. He is the creator and the technical director of the world’s largest and most innovative full-spectrum offensive cyber operation exercise Crossed Swords. He is a certified exploit researcher and advanced penetration tester (GXPN), industrial cyber security professional (GICSP), and response and industrial defense expert (GRID). He has a solid military background, targeted at developing, administering, and securing wide-area information systems.

Dr. Blumbergs received his Computer Science Ph.D. degree in Cyber Security from Tallinn Technical University in 2019, with his dissertation on specialized cyber red team responsive computer network operations.

# /usr/bin/ps

[Publications]

  1. B.Blumbergs (2024). Black Sheep Wall: Towards Multiple Vantage Point-based Information Space Situational Awareness. In Proceedings of the 21st International Conference on Security and Cryptography (SECRYPT24). SCITEPRESS. Dijon, France. [author-copy]
  2. Skrodelis, Heinrihs; Blumbergs, Bernhards; Romanovs, Andrejs. (2024). Threat Scenario Generation for IEC104 Cyber Defense. the 2024 IEEE Workshop on Advances in Information, Electronic and Electrical Engineering (AIEEE), IEEE, 10.1109/AIEEE62837.2024. [link][author-copy]
  3. B.Blumbergs (2024). Black Sheep Wall: Clearing the Fog-of-War for Cyber Intelligence Collection. ArcticSecurity Public Exposure blog. [link] [author-copy]
  4. B.Blumbergs (2023). A Multiple Vantage Point-based Concept for Open-Source Information Space Awareness (technical report). In Information and Communication System Security (ICSS) technical workshop. Sapporo, Japan. [author-copy]
  5. B.Blumbergs, Ē.Dobelis, P.Paikens, K.Nesenbergs, K.Solovjovs, A.Rusiņš (2022).  WearSec: Towards Automated Security Evaluation of Wireless Wearable Devices. In the 27th Nordic Conference on Secure IT Systems (NordSec 2022). [author-copy]
  6. Uljāns, A. and Blumbergs, B. (2022). Industrial and Automation Control System Cyber Range Prototype for Offensive Capability Development. In Proceedings of the 8th International Conference on Information Systems Security and Privacy - ICISSP, ISBN 978-989-758-553-1; ISSN 2184-4356, pages 478-490. DOI: 10.5220/0010879500003120. [author-copy]
  7. B.Blumbergs (2021). A pragmatic perspective towards minimizing the civilian harm of offensive cyberspace operations. The ICRC Humanitarian Law & Policy blog. [link]
  8. Blumbergs, Bernhards (2019). Specialized Cyber Red Team Responsive Computer Network Operations. (PhD Thesis, Tallinn University of Technology, School of Information Technologies, Department of Software Science). Tallinn: TTÜ Press. DOI: 10.23658/taltech.25/2019.  [author-copy]
  9. Blumbergs, Bernhards; Ottis, Rain; Vaarandi, Risto (2019). Crossed Swords: a cyber red team oriented technical exercise. Proceedings of the 18th European Conference on Cyber Warfare and Security, ECCWS 2019 : University of Coimbra, Portugal, 4-5 July 2019. Reading, UK: ACPI, 37−44. [author-copy]
  10. Blumbergs, Bernhards (2019). Remote exploit development for cyber red team computer network operations targeting industrial control systems. Proceedings of the 5th International Conference on Information Systems Security and Privacy, ICISSP 2019, February 23-25, 2019, Prague, Czech Republic, Vol. 1. Ed. Mori, Paolo; Furnell, Steven; Camp, Oliver. Prague: SciTePress, 88−99. DOI: 10.5220/0007310300880099. [author-copy]
  11. Mucci, Daniele; Blumbergs, Bernhards (2019). TED: A container based tool to perform security risk assessment for ELF binaries. Proceedings of the 5th International Conference on Information Systems Security and Privacy, ICISSP 2019, February 23-25, 2019, Prague, Czech Republic, Vol. 1. Ed. Mori, Paolo; Furnell, Steven; Camp, Oliver. Prague: SciTePress, 361−369. DOI: 10.5220/0007371603610369. [author-copy]
  12. Vaarandi, Risto; Blumbergs, Bernhards; Kont, Markus (2018). An unsupervised framework for detecting anomalous messages from syslog log files. NOMS 2018 IEEE/IFIP Network Operations and Management Symposium, Cognitive Management in a Cyber World : 23-27 April 2018, Taipei, Taiwan. IEEE, 1−6. DOI: 10.1109/NOMS.2018.8406283. [author-copy]
  13. Schmitt, Michael; Vihul, Liis; Akande, Dapo, Brown, Gary; Ducheine, Paul; Gill, Terry; Heinstchel von Heinegg, Wolff; Hernandez, Gleider; Housen-Couriel, Deborah; Huang, Zhixiong; Talbot Jensen, Eric; Kittichaisaree, Kringsak; Kozik, Andrey; Kreiss, Claus; McCormak, Tim; Nakatani, Kazuhiro; Rona, Gabor; Spector, Phillip; Watts, Sean; Blumbergs, Bernhards (2017). Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations. United Kingdom: Cambridge University Press. [author-copy]
  14. Farar, A.; Bahsi, H.; Blumbergs, B. (2017). A case study about the use and evaluation of cyber deceptive methods against highly targeted attacks. 2017 International Conference on Cyber Incident Response, Coordination, Containment & Control (Cyber Incident): 19-20 June, 2017, London, UK, Proceedings. London, UK: IEEE, [1−7]. DOI: 10.1109/CYBERINCIDENT.2017.8054640. [author-copy]
  15. Blumbergs, Bernhards; Vaarandi, Risto (2017). Bbuzz: a bit-aware fuzzing framework for network protocol systematic reverse engineering and analysis. MILCOM 2017 - IEEE Military Communications Conference : Baltimore, Maryland, USA, 23 - 25 October 2017, [Proceedings]. Baltimore, MD, USA: IEEE, 707−712. DOI: 10.1109/MILCOM.2017.8170785. [author-copy]
  16. Kont, Markus; Pihelgas, Mauno; Maennel, Kaie; Blumbergs, Bernhards; Lepik, Toomas (2017). Frankenstack: toward real-time red team feedback. MILCOM 2017 - IEEE Military Communications Conference : Baltimore, Maryland, USA, 23 - 25 October 2017, [Proceedings]. Baltimore, MD, USA: IEEE, 400−405. DOI: 10.1109/MILCOM.2017.8170852. [author-copy]
  17. Blumbergs, B.; Pihelgas, M.; Kont, M.; Maennel, O.; Vaarandi, R. (2016). Creating and detecting IPv6 transition mechanism-based information exfiltration covert channels. Secure IT Systems: 21st Nordic Conference, NordSec 2016, Oulu, Finland, November 2-4, 2016, Proceedings. Ed. Brumley, B. B.; Röning, J. Cham: Springer, 85−100. (Lecture Notes in Computer Science; 10014). DOI: 10.1007/978-3-319-47560-8_6. [author-copy] [EC3 bulletin]
  18. Vaarandi, R.; Blumbergs, B.; Caliskan, E. (2015). Simple Event Correlator - Best Practices for Creating Scalable Configurations. Proceedings of the 2015 IEEE CogSIMA Conference. IEEE, 96−100. DOI: 10.1109/COGSIMA.2015.7108181. [author-copy]
  19. Väisänen, Teemu; Farar, Alexandria; Pissanidis, Nikolaos; Braccini, Christian; Blumbergs, Bernhards; Diez, Enrique (2015). Defending mobile devices for high level officials and decision-makers.
  20. Blumbergs, Bernhards (2014). Technical Analysis of Advanced Threat Tactics Targeting Critical Information Infrastructure. Cyber Security Review, 25−36. [author-copy]


[Research projects]

  • Context-driven cyber threat intelligence collection and information space awareness towards early warning
  • Operational technology and industrial automation and control system exploitation and security
  • Offensive and active cyber operation technical execution. Nation-wide threat hunting operation execution.
  • Wearable device security analysis


[Community activities]

  • Guest lecturer at Industrial Cyber Security Centre of Excellence (ICS-CoE), Tokyo, Japan, 2023-2024
  • Invited expert at EU CyberNet, 2022 and 2023
  • Invited expert at the International Committee of the Red Cross working group on minimizing cyber operation impact on society, 2020.
  • Invited speaker at Cyber Crisis Conference, South Korea, 2019.
  • Invited speaker at Future Forces Forum on SCADA Security, Czech Republic, 2019.
  • Member of Beer-ISAC (since 2019).
  • Program chair of "Cyber Chess" and "Cyber Shock" CERT.LV conference series (since 2018).
  • Invited speaker and instructor at NATO CCDCoE Executive Cyber Seminar (since 2016).
  • Program committee member of NATO CCDCoE Conference on Cyber Conflict - CyCon (since 2015).
  • Creator, technical manager, and developer of the Crossed Swords exercise (since 2014).
  • Developer and special system red team leader at Locked Shields exercise (since 2013).
  • Developer and instructor of Python for Red Teamers Course (since 2019)
  • Developer and instructor of Malware and Exploitation Essentials Course (2015 - 2018).
  • Co-developer and instructor of IT System Attack and Defence Course (2015-2017).

$ /usr/bin/wall

[Contact]

To contact me, please use the form below.