Details of Cyber Storm War Games Released
I Don't Believe in Imaginary Property writes "Apparently, the participants in the U.S. 'Cyber Storm' war games are familiar with the Kobayashi Maru, because some of them tried to cheat by hacking the games themselves. They also prepare for some very interesting scenarios. Among other things, the organizers are worried about having too many people on the 'No Fly' list show up at an airport, finding 'mystery liquids' in the subway, and having bloggers reveal the classified location of railcars with hazardous materials. The Department of Homeland Security has already analyzed the results of the games, and plans to hold 'Cyber Storm 2' in March."
How about a game of global thermonuclear war?
Have any details on how these "games" are actually run? I'm interested in how they simulate everything...is it just a mock control room with a game server hooked up to everything instead of the real world, or do they actually use real world utilities and networks to do this? I read the article but it was more newspaper-speak than technical details.
Obligatory blog plug: http://www.caseybanner.ca/
Thanks.
Does anyone else feel like a huge nerd for knowing what the Kobayashi Maru is?
Paedicabo vos, et immurabo...
...there are spies, profiteers, and anarchists that would do things like that. So I guess it was a successful experiment to see what just might happen.
Eviscerate the Proletariat!
Seems to me that the two cases would have equal consequences and equal risk levels, and that no other individual could possibly modify those values significantly, reducing the security through obscurity to someone's job security through obscurity. Tell me, why should I care about this person's job more than I care about any potential risk to my wellbeing?
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
People find mystery liquids on the subway all the time. It's called "urine".
I find it interesting that they call hacking the game itself "cheating."
Reminds me of when I was in college and us CS people used to get together and play a computerized version of capture the flag. The premise of the game was simple enough -- players were divided into 4 teams of 2-3 people each, and each team got a machine that came pre-loaded with an older unpatched version of Linux that had well known and published security vulnerabilities (something like Red Hat 7.3). Each machine had 4 services running on it -- typically SSH, Bind, Apache, and telnet (yeah...*sigh*). Each of those services came configured to return a certain string (the so-called flag) when queried by a master scoring server that ran a fairly simple Python script. The script ran once every minute and then displayed up to date team scores on a video projector. The rules of the game stated that we could not patch the machine or use IPtables to lock down the machine. Anything else was fair game. The machines and the scoring server were all networked together on a small private network, and each team was given one additional network drop to do with as they pleased.
Anyway, one night we got together to play CTF and there were only enough people for 3 teams of two. Since that doesn't make for such an interesting game, one of our professors who was just supposed to be observing decided to join in and be on his own team. As soon as the game started, everyone went to work furiously trying to defend their boxen and then the real fun -- the attacking -- began.
We were all quite surprised when the first round of results came in and our professor hadn't had anyone hijack his machine. He also evidently hadn't attacked anyone else. The night went on and each of the student teams went back and forth, attacking and defending, but our professor stayed the same -- he neither had anyone successfully compromise his box, nor successfully compromised anyone else's.
The last few minutes of the game saw my team dead last, our professor in third place, and two other teams above us. 5 seconds from the end, our professor's score suddenly increased to an ungodly high (and according to the rules unattainable) score, with the rest of our scores getting set to zero. As the clock ticked down and the game came to an end, we were befuddled as to what happened.
Suddenly it dawned on us -- our professor had spent the entire time hacking the scoring server (which was supposed to have been an up to date, secure Linux install) and replacing the Python scoring script with one of his own, all to his advantage. At some point during the game, he had actually replaced the running script with his own, without any of us ever noticing. We were all in awe and amazement at his creativity -- the idea to do such a thing had not even occurred to any of us. We learned several valuable lessons that night, one of which was that the mind of a creative attacker may not be confined solely within the nice little security box that you place it in. That, and never mess with your professors!
echo $SIG
I love how the Feds find uncensored and uncontrolled free press a "threat".
Reading that article really opens eyes as to the real inside of our government. The founding fathers have got to be spinning at 30-40 thousand RPM in their graves by now.
Do not look at laser with remaining good eye.
I just want to know:
1. How much does it cost per month to play?
2. Does it support DirectX 10, and
3. Where do I sign up for the Cyber Storm Goonswarm?
You are welcome on my lawn.
I've been in a position to analyze various infrastructure systems for several large cities in my life, and I can tell you that they are not thinking this through correctly. The best cyber storm possible is one that you have not prepared for, nor thought of, and to even begin to contemplate them, like a chess playing program, you have to know ALL possible moves. As an example of what I'm hinting at, the recent cable cut that killed the Internet pipe to a large part of the Middle East was NOT anticipated. Sure, there were re-routes, but every possible combination of data loss, connectivity loss, and possible system intrusion cannot have been prepared for.
You see, one big accident that allows in just the right trojan, followed by something akin to the butterfly effect, and in 47 days all kinds of Internet hell breaks loose. It might even take two such accidental outage events to place all the trojans where they need to be. Then when all is in place the silent enemy takes over what you have been protecting for so long.
Neither you nor I can determine with zero error exactly where a DDoS attack will overwhelm the right system resources to allow take-over of the desired systems. Yes, this spaghetti mess of events is something that cannot be fully prepared for, so saying that the test was successful and that you are safer now is absolutely head-up-your-ass stupid.
Until the test team knows ALL possible flaws, a full cyberwar test is not possible. Simulating real life systems in isolation removes those little annoying system weak spots that can be exploited. I dare say that there are NOT enough people in the NSA to create a test group large enough to handle even one large metropolitan area, never mind a full state, or say the tri-state area near NYC.
I'd like to see the data sets that they are using for the testing system simulations.
sigh
Support NYCountryLawyer RIAA vs People
Why does this sound like the plot to War Games 2?
http://en.wikipedia.org/wiki/WarGames_2:_The_Dead_Code
The movie has a system that sounds a lot like the one talked about here.
Which side do you want?
1. U.S.A
2. U.S.S.R
http://yellow5.com/pokey/archive/index397.html
(rot13) rpbzbab@tznvy.pbz
"http://www.dhs.gov/xlibrary/assets/prep_cyberstormreport_sep06.pdf
From the report, it looks like everything was simulated. "
Oooooooook, which of you jerks put goatse boy there?
Need Mercedes parts ?
Am I the only one that thought of the old Dynamix games "Cyberstorm" and its sequel Cyberstorm 2: Corporate Wars when reading the title?
As does everyone who drives on the NJ Turnpike. Do I win?
What about China's reaction to unforeseen disaster? Currently they are suffering a huge week long blizzard that has stranded millions of people who were travelling home for Chinese new year. At one station alone there were several hundred thousand people waiting several days for the trains to restart.
People stuck in a blizzard is nothing new in China, what I found interesting was the government has made a rare official apology to the people for being unprepared for the magnitude of this particular storm. Politicians are turning up at train stations and addressing the massive crowds with bullhorns, apologising profusely while explaining that the trains can't run until the power lines are back up and the tracks are cleared.
Some people were complaining, but the majority were spontaneously applauding and cheering the guy with the bullhorn.
BTW: I realise that the news from China is tainted with propaganda and a politician with a blowhorn won't get the trains back any faster. However, since they have a million troops working on the clean up, have hailed 6 electrical workers who died trying to restore power as national heroes, plus the aforementioned apology for something they could not realistically prevent, I think the applause is not entirely hollow.
And did you exchange a walk on part in the war for a lead role in a cage? - Pink Floyd.
I haven't seen anything but their say so that the cut was an accident. It could have been deliberate to slow down Middle Eastern stock market transactions, to try and avert a meltdown...just sayin'.... or something else. Could be a lot of things. I don't know but so far ain't buying the story as advertised. It might be true, but it smells bad. We have one report that says ships got "ordered" to go anchor in an unusual place..this is a clear WTF? episode then. Why they do that? Plausible deniability excuse some "ships anchor" did it?
Whenever there is a HUGE screwup, judging by past historical references and parallels,.... with big business or governments, it pays to reject the first official "explanation".
The question is what the goal of the exercise was.
Sometimes, these exercises are "free for all". There's a scoring system and you win if you get the highest score, good luck.
Sometimes, though, there are more refined goals. If the goal of the exercise is to evaluate different reactions to a given threat, for example, then taking away that threat by whatever creativity you bring isn't a "smart move", it's breaking the game because removing the threat wasn't the goal, and by doing so you make it impossible for the exercise to reach its goal.
That reminds me of the US general who played a wargame at the start of the Iraq war. He played the Iraqis, and through clever use of everything he had, including guerilla tactics, concentrating on fighting street battles, misdirection and other tactics, he actually managed to beat the invading US forces. That probably gave them a little shiver. They also fired him from the war games. At first I thought that was dumb. But later news reports were more detailed and revealed that he had not, in fact, been given the goal of trying to win or playing the Iraqi forces as best as he could, but to lead them through a scenario of pre-planned basic strategies. He didn't win the game, he ruined it, because the goal was to analyze specific scenarios, not to find out who would win a sandbox version of Iraq.
Assorted stuff I do sometimes: Lemuria.org
Thank you for reminding me why I learn Japanese instead.
OSx86 FTW
Indeed - there have been plans to generate power from the corpses of America's founding fathers, but there are a few issues with the drivetrain and transmission - The big one is, how would you attach a flywheel to a power plant that doesn't fall below 25krpm, even at night? Once that's dealt with, the transmission can be rev-matched to the power plant using a series of starter engines (the power plant, being composed primarily of rotting organic material, WILL NOT stand up to any shock), finally with a "starter turbine" that would match the power plant speed (controlled by a computer with inputs from precision tachometers on the transmission on flywheel), then a strong clutch can be engaged, then through multiple gear reduction using a series of differential gears, energy is transferred to a huge generator, and everything will be good to go. It's just that one big problem preventing this clean energy from being put to use.
"When information is power, privacy is freedom" - Jah-Wren Ryel
Does this class and professor still exist, where do I sign up!
: )
Sounds like my kind of fun
l0ser, ha ha
My big question is, how do *I* get involved in the game?
.0.1 older than kernel.org. The exploit was known to crash kernels over .1.? older than mine. There was no mention of patching it in the changelog, but upgrading the kernel beyond the distro kernel fixed it.
:)
It's nice and all to hire private 'security' companies, and have all the agencies beating up on it, but it's already been proven that the most dangerous folks out there are just regular folks (regardless of age). Regular people are the ones finding the exploits to break perfectly good security. It's not a 'security' company with a library of those works who are the most dangerous threats, it's the kid who just figured out an exploit on his own and hasn't released the information to anyone.
I'd like to play, just for the sake of trying. What damage could I do in an environment set up to test how much damage could be done?
I've had labs set up for exactly that over the years. I'd do my own penetration testing, and then use other tools. I've actually slipped up on occasion, and accidentally crashed a machine that I thought was bullet proof. I took a fully patched and current machine, and absolutely beat on it. I left top running on the console, just to see that things were still happening, and the machine hadn't gotten overloaded. I finally ran another penetration testing program on it, and mid-run the machine crashed.
As it turns out, the test that was being run when it died was a test for an older kernel exploit. I was running the current kernel from the distro, but it was
This has found bad things quite often. What if a simple "nmap -sV -O" were to stop a custom server? I've seen it happen, but it would only stop it on particular ports, because those are the only ports that nmap touched. It solved a long standing mystery with that group, but made a new headache that they needed to fix the oops.
What if the test infrastructure wasn't set up to protect against something as simple as flooding a core router IP? Wouldn't that be significant to know? What if.. what if..
How long would a network survive, if they invited all Slashdot readers to do their worst to it? That would be with the agreement that the people involved would disclose any method they used to damage the network?
As I found, no matter how bad *I* try to be to any network I've tested, I've always had worse with high traffic environments. As I always explained, with over 6 million daily viewers, if say 0.01% of them were semi-capable hackers, that still leaves an awful lot of people trying to damage my equipment. I had a lot of practice defending things.
Serious? Seriousness is well above my pay grade.
Well, the point of war games is to simulate real-life scenarios, so cheating is not constructive, no matter how clever it is.
...and the point of war is to win, by any means necessary. The only rules that wargames should have is to protect the physical safety of the participants. (otherwise it wouldn't be wargames but just simply war.)
You cannot 'cheat' at war. Anything goes, that is the point. So, the only 'cheating' that could occur in a wargame, would be doing something unsafe. Say like using live ammunition rather than blanks.
The point of wargames is to prepare for possible situations, and train people how to react to them. If you fail to anticipate a situation, you have a weakness that can be exploited.
I think this was a great ploy by the attackers, and a valid case to consider: what happens if in cyber-warfare, the attackers choose to attack your information gathering organs on the internet, rather than just selected assets?
Bravo, red team, bravo.
HA! I just wasted some of your bandwidth with a frivolous sig!
I'm sure that a cyber game test of this magnitude would reveal weaknesses; the sheer number of players, incidents, options.... the scenario would be infinitesimal... Just wonder what changes are going to be put in place to improve results of #2? Wonder if 'master control' has a view similar to the link below, except with much more detail?...... http://www.globalincidentmap.com/home.php one2busy07