By Ben Bain
February 29, 2008
The Homeland Security Department is getting ready to lead foreign
governments, corporations, states and federal agencies on a second round
of cyber war games.
During the second week of March, nine states, four foreign governments,
18 federal agencies and 40 private companies will participate in Cyber
Storm II a weeklong simulation designed to better prepare the players
for cyberattacks. DHS, FBI and the Defense Department are among the
federal agencies that will participate.
The exercise will be the culmination of more than 18 months of planning,
led by DHS National Cyber Security Division, to design a series of
simulations that will test the players abilities to respond to
cyberattacks on information technology, communications, chemical and
transportation infrastructure. The first Cyber Storm exercise, in 2006,
focused on air transportation.
Cyber Storm II participants have been broken into two teams: planners
and players. The players have not seen any of the scenarios they will
have to mitigate.
A source familiar with the planning of the exercise said that this years
simulation exercises could include elements of organized crime,
terrorism or a hacking attempt driven by political goals.
We are looking at a more sophisticated scenario this time around, he
said. Its going to be quite an event.
The exercise will take place in Washington, but will also be played out
virtually by thousands of people worldwide. Australia, along with the
United Kingdom, New Zealand, Canada and the United States, is planning a
simultaneous cyber simulation exercise that will include its military.
Its going to be quite an event, the source said.
Each of Cyber Storm IIs participants will have their own goals and
challenges designed to bolster their own abilities. The private-sector
participant list includes giants such as Dow Chemical, Microsoft,
McAfee, Cisco and Nova Chemicals, among others, the source said.
The exercise is very much deliberately intended to overload people, the
source said. We dont do these things to pat ourselves on the back.
The exercise stresses confidentiality and afterward DHS will hold an
after-session and produce a general lessons-learned document.
Participants are encouraged but not required to do the same.
President Bush requested an additional $83.1 million for the U.S.
Computer Emergency Readiness Team for fiscal 2009 and has recently made
headlines with the issuance of its classified cyber initiative.
Lawmakers have grown increasingly concerned with the job DHS is doing in
thwarting cyberattacks, which have increased exponentially in recent
years. Congressional staff will be observing the event.
Subscribe to InfoSec News