AOH :: ISNQ5169.HTM

Cyber Storm to Hit America for a Second Time

Cyber Storm to Hit America for a Second Time
Cyber Storm to Hit America for a Second Time


http://canadafreepress.com/index.php/article/1649 

By Joshua Hill 
Canada Free Press
January 31, 2008

The AP described it as a really bad day, but that somewhat understates 
the magnitude of it all. It, of course, refers to the Cyber Storm war 
game that the US Government held early in 2006, in an attempt to gauge 
the necessary reaction and requisite skills of the games participants.

If anyone has seen the 1983 movie War Games starring a very young 
Matthew Broderick, then multiply that by 10 and youll begin to get close 
to just what it was the US Government sicked on to the willing 
participants. The Homeland Security Department ran the exercise to test 
the nations hacker defenses, with help from the State Department, 
Pentagon, Justice Department, CIA, National Security Agency and others.

Those others, included government officials from the United States, 
England, Canada, Australia and New Zealand and executives from leading 
technology and transportation companies.

The simulated attacks consisted of everything imaginable: Washingtons 
metro trains being shut down. New Yorks seaport computers going dark. 
Bloggers revealing the locations of secret railcars containing hazardous 
materials (its always the bloggers!). Airport control towers disrupted 
at Philadelphia and Chicago. A mysterious liquid found on Londons 
subway. Planes flying too close to the White House, and more.

In short, the test was to throw everything at the players to see what 
they could handle, in an attempt to simulate as much public panic as 
possible. They point out where your expectations of your capabilities 
may be overstated, Homeland Security Secretary Michael Chertoff told the 
AP. They may reveal to you things you havent thought about. Its a good 
way of testing that youre going to do the job the way you think you 
were. Its the difference between doing drills and doing a scrimmage.

?We want to stress these players, said Jeffrey Wright, the former Cyber 
Storm director for the Homeland Security Department. None of the players 
took 100 percent of the correct, right actions. If they had, we wouldnt 
have done our job as planners.

And the results arent overly encouraging to be honest. No one took home 
the 100% as mentioned, and companies and governments were said to have 
worked successfully only in some cases. But key players didnt understand 
the role of the premier U.S. organization responsible for fending off 
major cyber attacks, called the National Cyber Response Coordination 
Group, and it didnt have enough technical experts. Also, the sheer 
number of mock attacks complicated defensive efforts.

One last thing though, in proof that a geeks ego is much bigger than 
anyone else youve ever met; the geeks struck back! Or tried too at 
least. Apparently, according to the 328 heavily censored pages that were 
turned over to the AP, somebody or someones attacked the computers that 
was being used to conduct the exercise.

Any time you get a group of (information technology) experts together, 
theres always a desire, Lets show them what we can do,? said George 
Foresman, a former senior Homeland Security official who oversaw Cyber 
Storm. Whether its intent was embarrassment or a prank, we had to temper 
the enthusiasm of the players.


___________________________________________________      
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn

Site design & layout copyright © 1986- CodeGods