Slashdot Mirror
DHS Publishes Report on Operation Cyberstorm
uniquebydegrees writes "InfoWorld reports that the Department of Homeland Security has released the findings of Operation Cyber Storm, a large-scale simulation of combined cyber-physical attacks on U.S. critical infrastructure. From the article: 'According to DHS, "observers noted that players had difficulty ascertaining what organizations and whom within those organizations to contact when there was no previously established relationship or pre-determined plans for response coordination and risk assessments/mitigation. There was a general recognition of the difficulties organizations faced when attempting to establish trust with unfamiliar organizations during time of crisis."'"
> "observers noted that players had difficulty ascertaining what organizations and whom within those organizations to contact when there was no previously established relationship or pre-determined plans for response coordination and risk assessments/mitigation. There was a general recognition of the difficulties organizations faced when attempting to establish trust with unfamiliar organizations during time of crisis."
English:
"Situation Normal, All Fucked Up."
Come to think of it, that's what your translation says, too.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
At least according to the blurb, it sounds like the organizations involved will probably be working on ways to communicate with each other better in times of crisis, probably by developing trust relationships ahead of time.
Assuming that's the case, it's exactly the kind of improvements we should expect to see from government agencies: identifying weaknesses, and working to eliminate them.
So, kudos to DHS, and may they successfully apply the lessons learned from this exercise.
Any sufficiently well-organized community is indistinguishable from Government.
it's hard to call people when the phone lines are down
also, it's hard to email people when the Internet is DDOSed
1. Reboot the internet
or
2. Restore the internet from yesterday's backup
Bush:
BUT I DONT WANT FREE VIAGRA, HOW DO YOU KEEP GETTING TO ME!?
This, combined with the submitter's bad line:
Honestly, what's with all hyphenated oxymorons? Normally I'm not a Grammar Nazi, but it feels like the left-right side of my grammar center just got a swift kick in the nuts.
Finally, I found it funny that at the bottom of TFA they had links such as "Digg this!"
However, they also had a "Slashdot this!"
To which I reply. "You keep using that word, I do not think it means what you think it means."
If this signature is witty enough, maybe somebody will like me.
We're all hopelessly paranoid, making trust impossible, and rigidly stratified, making flexible response or communication impossible, oh and so totally self-centered that the mere notion of cooperation causes outbreaks of hives
... no, I can't get money out of the bank machine either. But the good news is that the price of bread is down to ten cigarettes here in Wichita ...
Hello, FBI? Mid-level functionary from FEMA here. Nasty computer virus we're having, eh? Yeah, I haven't had power for a week either
Anyway, I know you've never heard of me, and have no way of verifying my identity. And I know we're in the middle of an unprecedented national crisis. But it would really help us out if you could forward all your operational plans and the locations of all your agents as soon as possible. You know, I really value your trust, flexibility, and co-operation on this one. 'Kay, thanks, bye.
Toronto-area transit rider? Rate your ride.
"DHS Publishes Report on Operation Cybertron"
The terrorists are after our energon cubes.
The FBI can't even get a modern computer to the majority of it's employees. FEMA "misallocated" (read: got suckered out of mucho money) more money than Bill Gates can come up with. DOT engineers have to fill out fifteen forms to receive a box of pencils. The IRS has to rely on outside collection agencies to retrieve back taxes. Veterans' benefits have been slashed - by a government - which claims to support our troops - creating more disabled veterans because of a war we had no business fighting (Iraq). The federal deficit is in the trillions, yet we cut taxes. How the hell am I supposed to be surprised that they can't maintain computer system security?
"Tu fui, ego eris" - Virgil
Sometimes it helps to simplify.
It may be too late at this point but can we please ban the word "[cC]yber" from use in the U.S. government? This can go for any other stupid, vague, technology fantasy land word as well. This kind of nomenclature just helps make us look like ignorant idiots the world over. Not that we needed it in that department.
Link to the actual DHS press release: http://www.dhs.gov/dhspublic/display?content=5431/
Could somebody please post this, if it exists?
This tagline was transcoded to result in at least one smirk. If you experience failure to smirk, please consult your Gen
program seriously when it has the word "Cyber" in it. Sure, I realize that the original Terminator was a Cyberdyne Systems Series 800 Model 101, and that sounded really cool at the time. It doesn't anymore. They need to find another prefix for their project names.
The higher the technology, the sharper that two-edged sword.
... run in circles, scream and shout.
So everything's normal then?
"Win treats sysadmins better than users. Mac treats users better than sysadmins. Linux treats everyone like sysadmins."
Here: http://home.comcast.net/~plutarch/911.html
Being cube shaped, they must be transported in trucks which makes them vulnerable, instead of being moved around through a series of (secure) tubes.
[Fuck Beta]
o0t!
> "Clarifying roles and responsibilities across government, and clearly articulating expectations between public and private sectors will enable the advancement of processes and communications architecture to support the development and maintenance of situational awareness across sectors.
Here's the translation: We don't know who is going to do what, or how they are going to do it. So, we need a study (which will be done after the election and the campaign contributions are calculated) to find out.
(I can still speak bureaucratese, from when I was a social worker.)
Heh. Personally, my favorite is Yoyodyne. More tech-related things should use the yoyo- prefix. Darn -- Yoyosoft is already taken.
All one needs is 10-30k machines ddosing the root name servers for 2-5 days. Positive conclusions my ASS.
Believe me, if I started murdering people, there would be none of you left.
Government spends money inefficiently.
Let's analyze the sentence. First, Government...not the people, not corporations, not monkeys, just government. Second, spends money. Not saves money, not earns money, spends it. That's what they do. Third, inefficiently. Poorly, wastefully, full of fraud waste and abuse. Is anyone surprised that the government spent billions setting up DHS, updating NSAT&T's computers, creating huge bureaucracies, hundreds of new policies, etc., and none of it works?
Other than this text, there is no discernible information contained in this sig.
Hm ... Project YoyoStorm. I like it.
The higher the technology, the sharper that two-edged sword.
Actually the DNS root servers are a fairly resiliant target.
.com and .org, are too large to cache and the access is sparse. So if a TLD stops responding almost everyone will perceive the outage almost instantly.
.net is the home to many of the servers themselves - so there is a cross-TLD dependency.
The reason is that their data is so small - only about 250 names, the whole thing compresses down to less than 20K bytes - that it is well cached (and privately replicated.)
I've traced root server queries and most sites that don't reboot their resolvers will generate usually no more than a few hundred queries to the roots per month. If root servers stopped responding, most people would live out of their ISP's resolver caches for a long time, many people might not even notice unless root servers were inoperable for days.
On the other hand, the large top level domains (TLDs), such as
And
So a DDoS attack on TLD servers is more likely to cause trouble than a DDoS to root servers.
This is not anything new - several folks (such as Bruce Schneier) have written about this for years.
And I've been trying for years to get ICANN to actually get concerned. But they only pay attention to attacks on trademarks, prices, and whether accurate "whois" data.
But at least our pipes are secure. Oil pipes.
Obama likes poor people so much, he wants to make more of them.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
The Feds went way out of their way to make the situation worse. On purpose, planned, ordered as such. They clearly lied about when they knew what, by a large amount. They sent in goons and CUT communications lines for the locals, yes, CUT THEM, and the locals had a mexican armed standoff with those goons to get their comms back. Go ahead, look it up, it happened. They held back hospital equipment, held back ice, water, food, thousands of locals from further inland with boats coming down to evac people, yes, told them to GO HOME, forced them to turn around at gunpoint and with threat of arrest, while people were drownding, and brought in those disgusting blackwater mercenaries (fuck you blackwater you scum sucking murdering assholes) and just ran roughshod over everyone.
It was a real world live-fire training test to see how far they could push people around at the local level and take advantage of emergency situations, a test, it had NOTHING to do with "helping people". The federals are the enemy of the people now, they exist (their upper leadership who give all the orders) to take down the nation and replace it with a big fat second world master/slave second world styled creation called the north american union.
All this stuff is verified, it's all there hiding in plain sight, all one has to do is to lay it all out in front of you and just *look* at the evidence. It doesn't take much to parse what is going on combined with all the other weird stuff the feds do.
Here's a link to the Operationg Cyberstorm Report on the DHS web site.
My blog
anyone can lookup a netblock with arin.net
then simply call the phone number of the network owner.
that is easy.
the government is so caught up in buying expensive shit to solve non-existant problems, they have forgotten basic net troubleshooting.
They're using their grammar skills there.
It is the nature of both military and government in general (esp. military) to operate under a chain of command. When this link is broken, no one is used to thinking for him/herself. When we teach "yes sir, no sir", we do a disservice to the critical thinking and independent decision making that would have helped out here.
Meh
Though his cover story was that he was looking for UFO's.
"There was a general recognition of the difficulties organizations faced when attempting to establish trust with unfamiliar organizations during time of crisis."
:-)
This is the same conclusion the Berkeley and MIT folks came to in the post-mortem of the Morris worm back nearly twenty years ago. The MIT hackers and the Berkeley hackers had trouble establishing trust when trying to communicate to debug and close the vulnerabilities on the Sun3 and VAX machines that were propagating the worm. And if my memory serves me correctly, that's how CERT got established, i.e. as an ongoing body that could be trusted to communicate security related info.
No disrespect meant to the DHS. I find it reassuring that they did an honest enough analysis and therefore came to the same sensible conclusion.
Yes, I'm old.
anonymous (canadian) coward