Cyber Storm scenario
This report from the AP (please take it with a grain of salt) gioves us an idea of some of the things that keeps the White House up and pacing the halls at night:
In the middle of the biggest-ever "Cyber Storm" war game to test the nation's hacker defenses, someone quietly targeted the very computers used to conduct the exercise.
The surprising culprit? The players themselves, the same government and corporate experts responsible for detecting and fending off attacks against vital computer systems, according to hundreds of pages of heavily censored files obtained by The Associated Press. Perplexed organizers sent everyone an urgent e-mail marked "IMPORTANT!" instructing them not to probe or attack the game's control computers.
"Any time you get a group of (information technology) experts together, there's always a desire, 'Let's show them what we can do,'" said George Foresman, a former senior Homeland Security official. "Whether its intent was embarrassment or a prank, we had to temper the enthusiasm of the players."
The exercise was a big deal for all concerned.
The $3 million, invitation-only war game simulated what the U.S. describes as plausible attacks over five days in February 2006 against the technology industry, transportation lines and energy utilities by anti-globalization hackers. The government is organizing a multimillion-dollar "Cyber Storm 2," to take place in early March.
Among the mock disasters confronting officials in the previous exercise: Washington's Metro trains shut down. Seaport computers in New York went dark. Bloggers revealed locations of railcars with hazardous materials. Airport control towers were disrupted in Philadelphia and Chicago. Overseas, a mysterious liquid was found on London's subway.
The list of fictional catastrophes — which also included hundreds of people on "No Fly" lists suddenly arriving at airport ticket counters — is significant because it suggests what kind of real-world trouble keeps the White House awake at night. Railway switches failed. Planes flew too close to the White House. Water utilities in Los Angeles were compromised.
The Homeland Security Department ran the exercise, with help from the State Department, Pentagon, Justice Department, CIA, National Security Agency and others.
Imagined villains included hackers, bloggers and even reporters. In one scenario, after mock electronic attacks overwhelmed computers at the Port Authority of New York and New Jersey, an unspecified "major news network" airing reports about the attackers refused to reveal its sources to the government. Other simulated reporters were duped into spreading "believable but misleading" information that confused the public and financial markets, according to the government's documents.
The upcoming "Cyber Storm 2" in March also will simulate electronic attacks against chemical plants and communication lines, and include targets in California, Colorado, Delaware, Illinois, Michigan, North Carolina, Pennsylvania, Texas and Virginia.
"They point out where your expectations of your capabilities may be overstated," Homeland Security Secretary Michael Chertoff told the AP. "They may reveal to you things you haven't thought about. It's a good way of testing that you're going to do the job the way you think you were. It's the difference between doing drills and doing a scrimmage."
The AP obtained the Cyber Storm internal records nearly two years after it requested them under the Freedom of Information Act. The government censored most of the 328 pages it turned over, marked "For Official Use Only," citing rules against disclosing sensitive information. The government is still reviewing hundreds more documents before they can be turned over to the AP.
"Definitely a challenging scenario," said Scott C. Algeier, who runs a cyber-defense group for leading technology companies, the Information Technology Information Sharing and Analysis Center.
For the participants — including government officials from the United States, England, Canada, Australia and New Zealand and executives from technology and transportation companies — the mock disasters came fast and furious: hacker break-ins at an airline; stolen commercial software blueprints; problems with satellite navigation systems; trouble with police radios in Montana; school closures in Washington, Miami and New York; computer failures at border checkpoints.
The incidents, designed to tax responders, were divided among categories: computer attacks, physical attacks and psychological operations.
"We want to stress these players," said Jeffrey Wright, the former Cyber Storm director for the Homeland Security Department. "None of the players took 100 percent of the correct, right actions. If they had, we wouldn't have done our job as planners."
How did they do? Reviews were mixed. Companies and governments worked successfully in some cases. But key players didn't understand the role of the premier U.S. organization responsible for fending off major cyber attacks, called the National Cyber Response Coordination Group, and it didn't have enough technical experts. Also, the sheer number of mock attacks complicated defensive efforts.
A wqord to readers, this was only a simulation, but for the past couple of decades war-gamers have constantly looked at cyber attacks that could do significant damage to not only infrastructure, but also, as the report states, hampering defensive and emergency response efforts.
Now, being bloggers ourselves, we can't fathom the idea of blogger revealing any sort of national security secrets if they get their hands on them. Most bloggers we know of, have spoken with, etc., wouldn't reveal such things to the public where our enemy could obtain such things. Chances are, bloggers would link with one another, and work to help coordinate information and response efforts. Maybe the government forgot this, but there were plenty of bloggers during Hurrican Katrina who stayed behind, and helped disseminate over-hyped media reports. They also helped National Guard and FEMA responders locate those that were left behind, and hiding in what those people believed were safe places. That is a flip side of the scenario I don't think the gamers actually figured in.
This is interesting reading. It's good to know that we're doing what we can to prevent such nasty attacks. But it takes more than wargames to accomplish this. It takes planning, and having the best "cyber fighters" in our own arsenal.
Publius II
In the middle of the biggest-ever "Cyber Storm" war game to test the nation's hacker defenses, someone quietly targeted the very computers used to conduct the exercise.
The surprising culprit? The players themselves, the same government and corporate experts responsible for detecting and fending off attacks against vital computer systems, according to hundreds of pages of heavily censored files obtained by The Associated Press. Perplexed organizers sent everyone an urgent e-mail marked "IMPORTANT!" instructing them not to probe or attack the game's control computers.
"Any time you get a group of (information technology) experts together, there's always a desire, 'Let's show them what we can do,'" said George Foresman, a former senior Homeland Security official. "Whether its intent was embarrassment or a prank, we had to temper the enthusiasm of the players."
The exercise was a big deal for all concerned.
The $3 million, invitation-only war game simulated what the U.S. describes as plausible attacks over five days in February 2006 against the technology industry, transportation lines and energy utilities by anti-globalization hackers. The government is organizing a multimillion-dollar "Cyber Storm 2," to take place in early March.
Among the mock disasters confronting officials in the previous exercise: Washington's Metro trains shut down. Seaport computers in New York went dark. Bloggers revealed locations of railcars with hazardous materials. Airport control towers were disrupted in Philadelphia and Chicago. Overseas, a mysterious liquid was found on London's subway.
The list of fictional catastrophes — which also included hundreds of people on "No Fly" lists suddenly arriving at airport ticket counters — is significant because it suggests what kind of real-world trouble keeps the White House awake at night. Railway switches failed. Planes flew too close to the White House. Water utilities in Los Angeles were compromised.
The Homeland Security Department ran the exercise, with help from the State Department, Pentagon, Justice Department, CIA, National Security Agency and others.
Imagined villains included hackers, bloggers and even reporters. In one scenario, after mock electronic attacks overwhelmed computers at the Port Authority of New York and New Jersey, an unspecified "major news network" airing reports about the attackers refused to reveal its sources to the government. Other simulated reporters were duped into spreading "believable but misleading" information that confused the public and financial markets, according to the government's documents.
The upcoming "Cyber Storm 2" in March also will simulate electronic attacks against chemical plants and communication lines, and include targets in California, Colorado, Delaware, Illinois, Michigan, North Carolina, Pennsylvania, Texas and Virginia.
"They point out where your expectations of your capabilities may be overstated," Homeland Security Secretary Michael Chertoff told the AP. "They may reveal to you things you haven't thought about. It's a good way of testing that you're going to do the job the way you think you were. It's the difference between doing drills and doing a scrimmage."
The AP obtained the Cyber Storm internal records nearly two years after it requested them under the Freedom of Information Act. The government censored most of the 328 pages it turned over, marked "For Official Use Only," citing rules against disclosing sensitive information. The government is still reviewing hundreds more documents before they can be turned over to the AP.
"Definitely a challenging scenario," said Scott C. Algeier, who runs a cyber-defense group for leading technology companies, the Information Technology Information Sharing and Analysis Center.
For the participants — including government officials from the United States, England, Canada, Australia and New Zealand and executives from technology and transportation companies — the mock disasters came fast and furious: hacker break-ins at an airline; stolen commercial software blueprints; problems with satellite navigation systems; trouble with police radios in Montana; school closures in Washington, Miami and New York; computer failures at border checkpoints.
The incidents, designed to tax responders, were divided among categories: computer attacks, physical attacks and psychological operations.
"We want to stress these players," said Jeffrey Wright, the former Cyber Storm director for the Homeland Security Department. "None of the players took 100 percent of the correct, right actions. If they had, we wouldn't have done our job as planners."
How did they do? Reviews were mixed. Companies and governments worked successfully in some cases. But key players didn't understand the role of the premier U.S. organization responsible for fending off major cyber attacks, called the National Cyber Response Coordination Group, and it didn't have enough technical experts. Also, the sheer number of mock attacks complicated defensive efforts.
A wqord to readers, this was only a simulation, but for the past couple of decades war-gamers have constantly looked at cyber attacks that could do significant damage to not only infrastructure, but also, as the report states, hampering defensive and emergency response efforts.
Now, being bloggers ourselves, we can't fathom the idea of blogger revealing any sort of national security secrets if they get their hands on them. Most bloggers we know of, have spoken with, etc., wouldn't reveal such things to the public where our enemy could obtain such things. Chances are, bloggers would link with one another, and work to help coordinate information and response efforts. Maybe the government forgot this, but there were plenty of bloggers during Hurrican Katrina who stayed behind, and helped disseminate over-hyped media reports. They also helped National Guard and FEMA responders locate those that were left behind, and hiding in what those people believed were safe places. That is a flip side of the scenario I don't think the gamers actually figured in.
This is interesting reading. It's good to know that we're doing what we can to prevent such nasty attacks. But it takes more than wargames to accomplish this. It takes planning, and having the best "cyber fighters" in our own arsenal.
Publius II
0 Comments:
Post a Comment
Subscribe to Post Comments [Atom]
<< Home