Russian News  
Analysis: DHS stages cyberwar exercise

disclaimer: image is for illustration purposes only
by Shaun Waterman
Washington (UPI) Mar 10, 2008
Officials from 18 federal agencies, nine states, four foreign governments and more than three dozen private companies will take part in a cyberwar exercise staged by the U.S. Department of Homeland Security this week.

The war game, codenamed Cyber Storm II, will run Monday to Thursday, based at U.S. Secret Service headquarters in Washington. It is the second DHS biannual cyber-exercise, designed to test the ability of federal agencies and their partners in state, local and foreign governments and the private sector to respond to and recover from cyberattacks on their computer networks.

"The goal of Cyber Storm II is to examine the processes, procedures, tools, and organizational response to a multi-sector coordinated attack through, and on, the global cyber infrastructure," says a fact sheet from the department.

Details of the planning for the event are closely held, in part to avoid tipping off participants. The fact sheet says only that the exercise -- the culmination of more than 18 months of planning led by DHS' National Cyber Security Division -- will simulate a series of coordinated physical and cyberattacks on IT and communications systems and chemical, rail and pipeline infrastructure.

The attacker is not identified, but has "a specific political and economic agenda," says the fact sheet. In the last Cyber Storm exercise in 2006, the enemy was an anarchistic coalition of "hacktivists" -- politically motivated hackers -- called the Worldwide Anti-Globalization Alliance, joined by a number of "independent actors."

In the scenario, the attackers penetrated state health records' databases, attacked Federal Aviation Administration systems and defaced newspaper sites.

"Key elements of the hacker attack plan were to strike at trusted cyber systems that were used to control both physical infrastructures and digital commerce and services," says the DHS' after-action report, released in September 2006. "The attackers focused on maximizing economic harm and fomenting general distrust of big business and government by disrupting services and misleading news media and other information outlets."

The choice of adversary -- which the report stressed "was neither a forecast of any particular threats �� currently existing nor an expression of any specific concerns" -- raised some eyebrows. Among U.S. military planners, nation states, and in particular China, are considered the actually existing adversaries with the most significant capabilities to launch attacks on, or through, the Internet.

One report, by Washington Post blogger Brian Krebs, said Cyber Storm II will feature a nation-state attacker, but a DHS official familiar with the planning said only that this was "a possibility."

The official added that the adversary was "more sophisticated" than in 2006. The scenario was "designed to examine the response to some of the threats that are out there in the real world," he said.

Having a nation-state adversary would make sense, former DHS preparedness chief George Foresman told UPI.

"The top candidates for adversaries would be states, terrorist groups and criminal enterprises" as they were in the real world, said Foresman, who was only involved in the very early stages of planning the event.

As in 2006, the attacks this week will be simulated on special systems set up for the exercise "and will not impact any live networks," says the fact sheet.

Participants in the exercise, which consists of a series of detailed scenarios unfolding according to a strict timetable, will learn of developments via more than 1,700 pre-scripted "injects" in the form of phone calls or e-mails from exercise managers, or through a mock TV news channel set up for the event.

But some of what players will learn from the channel will be bogus, former DHS official Jerry Dixon told Krebs' Security Fix blog.

"They'll inject some red herring attacks and information to throw intelligence analysts and companies off the trail of the real attackers," said Dixon, who helped plan the exercise.

The $6 million event will involve thousands of participants across the world, including from departments of the Australian, British, Canadian and New Zealand governments, and from U.S. agencies including the Department of Defense, CIA, National Security Agency and FBI.

Foresman said the foreign countries participating, all signatories to the 1947 UKUSA intelligence-sharing accords with the United States, were chosen because "there is a shared basis by which you can deal with classified information."

In Australia, which has ramped up its level of participation since the last exercise in 2006, officials from the federal police, Attorney General's Department and AUSCERT -- the Australian national Computer Emergency Response Team -- will all take part, Attorney General Robert McClelland told a news conference Friday.

In New Zealand, participating agencies include the Ministry of Foreign Affairs and Trade, the Ministry of Health, the Customs Service and the New Zealand Defense Forces, according to ComputerWorld.co.nz.

Companies taking part include ANZ National Bank, Cisco Systems Inc., which owns much U.S. Internet infrastructure, Dow Chemical, IBM, computer security firm McAfee, software giant Microsoft and Verizon.

International and private-sector participation is essential, said Foresman. "A cyberattack against the United States with real-world effects inside our borders can be launched from anywhere in the world," he said, adding that the attacks would target or utilize infrastructure owned by the private sector.

Cyber-warfare is "inherently international and inherently private (sector)," he said.

The 2006 after-action report said Cyber Storm I was designed to test basic elements of communication and decision-making in a complex environment of interdependent systems and multiple stakeholders. "Effective response to the scenario was designed to require rapid communications and de-confliction of critical information between players in all sectors and organizations, as well as strategic integration of information to gain accurate situational awareness," it said.

"It's all about the information," Foresman said, adding that "the ability to communicate highly technical information in real-time" between government officials without a common vocabulary had been a major challenge identified by Cyber Storm I.

"Collaboration between the government and the private sector" was something planners continued to wrestle with. "We haven't mastered that piece yet," he said.

Community
Email This Article
Comment On This Article

Related Links
Cyberwar - Internet Security News - Systems and Policy Issues

Chinese Cyberattacks Target US Think Tanks
Washington DC (UPI) Mar 07, 2008
Defense-related think tanks and contractors, as well as the Pentagon and other U.S. agencies, were the target of repeated computer network intrusions last year apparently originating in China, the Department of Defense said this week.







  • China's military officials urge combat readiness: report
  • Analysis: China's crisis-handling problem
  • Germany Wants New Strategic Partnership With Russia
  • Taiwan boosts military spending amid China increase

  • US wants 'clear signal' from NKorea over nuclear declaration
  • US admits no silver bullet in US-led drive against Iran
  • Iran Tells West To Stop Threats Then We Talk
  • Nuclear Missile Train At Its Final Destination

  • Analysis: India eyes fake currency flow
  • Process On For Establishing Aerospace Command
  • Cisco plans to turn India into global hub, triple workforce
  • India's Biotech Baby Elephant

  • Urban, rural income disparity keeps growing in China: govt
  • China's trade surplus drops sharply in February: official data
  • Alarming Increase In Expected Growth of China's CO2 Emissions
  • China set for 30 years more years of fast growth: World Bank's Lin

  • Low-Cost Reusable Material Could Help With CO2 Capture From Power Plants
  • US law could interrupt flow from Canada's oil sands: Ottawa
  • Newly Defined Signaling Pathway Could Mean Better Biofuel Sources
  • Nordic Windpower Selects Pocatello, Idaho, For New Turbine Manufacturing Facility

  • NASA Ponders Future Without Shuttles
  • Twenty years on, Japan's 'Hope' lab to blast into space
  • Space Station Orbit Raised Five Clicks
  • Unique Three-Way Partnership For ATV Ground Control

  • Northrop Grumman Ships First Beyond-Line-of-Sight IP Network To US Air Force E-8C Fleet
  • Northrop Grumman Delivers Payload Module For Second Advanced EHF Military Communications Satellite
  • Orbital Awarded Contract For System F6 Satellite Program By DARPA
  • Lockheed Martin Completes Rigorous Test Of First Advanced Military Communications Satellite

  • First F-35 DART Pod Delivered To Lockheed Martin By Terma
  • Camera can see through clothing
  • Improvised Technology Drives Tanks Forward
  • Singapore puts ammo under ground

  • The content herein, unless otherwise known to be public domain, are Copyright 1995-2007 - SpaceDaily.AFP and UPI Wire Stories are copyright Agence France-Presse and United Press International. ESA Portal Reports are copyright European Space Agency. All NASA sourced material is public domain. Additional copyrights may apply in whole or part to other bona fide parties. Advertising does not imply endorsement,agreement or approval of any opinions, statements or information provided by SpaceDaily on any Web page published or hosted by SpaceDaily. Privacy Statement