Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cyber Storm II Set To Begin

Posted by Soulskill on from the the-revenge dept.

mr sanjeev notes that Computerworld is running a story about Cyber Storm II, set to run from March 11th until the 14th. The exercise will test the security of the US, Australia, the UK, New Zealand, and Canada. The organizers' goals are to test preparedness and responsiveness in relation to real-time threats. The previous Cyber Storm test identified "eight specific areas in need of improvement." We recently discussed the details of the tests themselves. From Computerworld: "Security experts said the first Cyber Storm event last year improved participants' understanding of who to call in the event of an attack, but did not identify specific vulnerabilities in the nation's computer systems. 'What they're trying to do is highlight the inefficiencies in the process,' according to Marcus Sachs, deputy director with research group SRI International's Computer Science Laboratory. 'They're not really looking for technical solutions.'"

36 comments

  1. MICROSOFT IS WORKING ON SOMETHING LIKE THIS! by Mr.Ballmer · · Score: -1, Offtopic

    Just wait for the real thing people! http://fakesteveballmer.blogspot.com/

  2. Funny and everything, but... by Anonymous Coward · · Score: -1, Offtopic

    How do I get Quake 3 to run on Linux?

    1. Re:Funny and everything, but... by brezel · · Score: 2, Funny

      How do I get Quake 3 to run on Linux? ./quake3 ?
    2. Re:Funny and everything, but... by Almahtar · · Score: 1

      I would mod you funny, but I used all the points yesterday. Dangit.

    3. Re:Funny and everything, but... by brezel · · Score: 1

      hehe :)

  3. pointless by OffTheLip · · Score: 3, Interesting

    Why do I not feel like anything was learned from the previous go round "http://arstechnica.com/news.ars/post/20080306-pentagon-attack-last-june-stole-an-amazing-amount-of-data.html"

    1. Re:pointless by OMNIpotusCOM · · Score: 1

      Yeah, we learned to invite China next time. Maybe that way they won't hire out their tweeners to hack our site in their downtime from gold farming in WoW

    2. Re:pointless by Anonymous Coward · · Score: 0

      That was a real attack, so it doesn't count towards their grade. This is an exercise. They've prepared for this and hope to improve their score from last time.

    3. Re:pointless by lunartik · · Score: 4, Insightful
      Most commenters seem to miss the point of what they are doing. It doesn't sound like they are getting together and probing each others networks, or getting involved in this in very minute technical details (but they could be). That is not what these sorts of exercises are usually about. The article says that the first exercise "involved nine large IT firms, six electricity utility firms (generation transmission and grid operations) and two major airline carriers. "

      In fact, the article calls this a "hacking exercise" but says:

      A Cyber Storm report was released following the exercise in February last year which identified eight specific areas in need of improvement.

      These included better inter-agency coordination, the formation of a training and exercise program, increased coordination between those involved in cyber incidents, the development of a common framework for response and information access, as well as the development of a strategic communications and public relations plan.

      Security experts said the first Cyber Storm event last year improved participants' understanding of who to call in the event of an attack, but did not identify specific vulnerabilities in the nation's computer systems. What they were likely doing was role-playing major systems getting corrupted, altered or going off-line. There is a non-technical side to such an event that needs to be thought about and practiced. When a crisis happens, there will be a period of chaos, which you quickly need to get under control and then fix. Say you were an airline, and air traffic systems went out. What do you do with your planes? Your passengers? Who is your contact at the Federal government? Who do they report to? Who are they speaking for? What assistance can they provide? Who are your contacts at other airlines? Who is in charge of communicating with the airports? Does finance have money available to put passengers in hotels if necessary? Who in finance is can make those decisions? Who are your contacts at the hotels? What assistance will they provide? What are our plans for handling major schedule disruption? How long would it take to get the planes back online and normal service resumed?

      If the exercise tells you that your systems have been infiltrated, you could imagine similar questions raised.

      The idea is to get people thinking about what their specific role is and understanding it. We always told people there are no wrong answers, they are not graded. The facilitator guides the exercise and observes how well things go, and makes recommendations afterwards.
    4. Re:pointless by Jeruvy · · Score: 1

      Well if you lose your flight, or can't get money from an ATM, or other such day to day activity stops, just think of all the good coming from these games.

      Where can I get rose colored glasses?

      --
      Jeruvy
    5. Re:pointless by Dennerman · · Score: 1

      This is a fairly accurate representation of the Cyber Storm II exercise and well said. Technical folks often forget that there are other issues at a different level that have just as much validity in the preparation for and protection against such attacks. That is what this exercise is focused on.

  4. How did the first one help? by Anonymous Coward · · Score: -1

    The first one didn't prevent an "amazing amount" data from being stolen from the Pentagon.

    http://it.slashdot.org/it/08/03/08/0213228.shtml

    Let's hope this ain't another PR exercise...

    1. Re:How did the first one help? by PopeRatzo · · Score: 5, Insightful

      Friend, it's all a PR exercise. In the next seven months, we're going to be hearing about every possible type of attack. If you were to judge the state of the world by the media coverage in the coming months (thanks to a lazy, complicit press), you would think that every other human living on earth is a satanic terrorist, looking to kill your babies.

      History books will look back on our current confluence of Terrorism and War as a type of madness. It will judge harshly the weak-hearted "leaders" who used fear to govern.

      One thing, though: The past seven years has certainly changed my opinion of the Second Amendment. And I choose to extend the "right to bear arms" to the "cyber" type, including the best crypto I can find. Maybe not to use every day, but to keep for the inevitable.

      --
      You are welcome on my lawn.
    2. Re:How did the first one help? by Bob9113 · · Score: 1

      Brief, to the point, and insightful. I wish I had mod points. Thanks!

      --
      Stop-Prism.org: Opt Out of Surveillance
    3. Re:How did the first one help? by lunartik · · Score: 2, Insightful

      It is not a PR exercise (well, maybe it is, I haven't read TFA), these types of scenarios are used all the time for crisis testing. I used to help run part of a major multi-national's crisis team, and the main goal in table-topping various disaster scenarios is not to drum up some mass paranoia, or even to exercise more likely minor events. The goal is to come up with something large enough to involve all, or most, members of the team. Too often people are tasked with a crisis function on top of their "real" job, and it is something they will hardly ever be called upon to perform. So you pull them together, give them a scenario, and basically you role-play it. The idea is that they need to become familiar with their specific role, what the other members roles are, and the decision-making and communication structure. Afterwards, you assess how it went, and make suggestions for improvement. We did this all the time. It generally had nothing to do with terrorism (weather or infrastructure failures were more likely scenarios, but sometimes terrorism, crime or political instability were used).

    4. Re:How did the first one help? by noidentity · · Score: 1

      It is not a PR exercise (well, maybe it is, I haven't read TFA), these types of scenarios are used all the time for crisis testing.

      If it had nothing to do with PR, it wouldn't have even been mentioned to the press. When's the last time they reported on a fire drill or internal audit?

    5. Re:How did the first one help? by kesuki · · Score: 1

      Sir, there are plenty of hackers who are entirely motivated by greed. Most of those, probably have nightmares about being shot if they talk about what they do every day, that earns them good money without working hard. If they're the type who don't have nightmares then sir you should be worried. Those Are the type of people who Enjoy their work, breaking the law, and have no qualms about staying hush hush. It didn't take long for organized crime to realize the potential of the internet, and depending on how you count the score they're taking a couple billion, to tens of billions each year from the people who earned it, to the people who knew how to steal it.

      of course, this practice is just pr, and most of what's been done has done almost nothing about the crimes being committed online, or ways to stop them... this is all just practice preparing for what if scenarios that pale in comparison to what's really being done. exploits that install rootkits that can't be detected, neither while it's being installed, nor while it's running, not even by the best of anti virus or anti rootkit technology... that puts the data in places that can't even be read much less submitted to anti virus/anti rootkit vendors... really quite scary stuff.

      I am in the process of trying to figure out how to submit just such a rootkit, right now I'm running dd with special options so it can read and write the whole cd-rom, then i have to figure out how to submit such a large file, i can use the unix split command to make them 19 mb a piece so i can e-mail it through gmail, but that's a lot of work... might be easier to find some place to upload it, that i could give a password to dl it from there... but dd is getting stuck at 133 MB even though i know the disc has more than 200 mb of data... k3b was only able to extract 3 of the 4 tracks... the 4th one is 'incomplete' but that doesn't prevent it from installing a rootkit on windows.

      --
      https://www.gnu.org/philosophy/free-sw.html
    6. Re:How did the first one help? by lunartik · · Score: 1

      If it had nothing to do with PR, it wouldn't have even been mentioned to the press. When's the last time they reported on a fire drill or internal audit? I didn't say it has "nothing to do with PR," I said it wasn't a PR exercise. The article quotes politicians, who are of course looking for PR. The article has everything to do with PR. The actual exercise probably has very little to do with it.
    7. Re:How did the first one help? by RKBA · · Score: 1

      "One thing, though: The past seven years has certainly changed my opinion of the Second Amendment. And I choose to extend the "right to bear arms" to the "cyber" type, including the best crypto I can find. Maybe not to use every day, but to keep for the inevitable."
      Welcome to the "Right to Keep and Bear Arms" club. The way things are looking, we may need to use all the weapons in our arsenals to restore Constitutional government and defeat the ruling fascists.
      ~ RKBA
      --
      9/11 Eyewitnesses to Explosive WTC Demolition 1 of 2
    8. Re:How did the first one help? by PopeRatzo · · Score: 1

      Welcome to the "Right to Keep and Bear Arms" club.


      Thank you, RKBA.

      I think the thing that made me take so long to realize the importance of the Right to Bear Arms was my lack of imagination when it comes to what "Arms" can mean.

      Living in a big city, it was easy for me to see why wider availability of cheap handguns might be a problem. Now that I look at "arms" more broadly, I can see the importance of that right.
      --
      You are welcome on my lawn.
  5. I know what to do by call-me-kenneth · · Score: 0

    I'll be wearing my cyber-mackintosh and a cyber-umbrella. Also cyber-wellies.

  6. I had one of these! by schon · · Score: 1

    In my Amiga 3000. Was pretty cool, at the time.

    1. Re:I had one of these! by nogginthenog · · Score: 1

      I still have one in my A4000! Mine doesn't have a fan though (doesn't seem to be a problem...).

  7. Your mission by StarfishOne · · Score: 2, Funny
    Your mission, if you choose to accept it, is to prevent certain military groups from sending sensitive information about Air Force One.

  8. Ready Set Go by sciop101 · · Score: 3, Funny
    The call-lists are up-to-date. The start/stop dates are set. Did we forget anything?

    Our recent unknown intruder penetrated using the superuser account, giving him access to our whole system.

    LET THE GAMES BEGIN.

    I still feel I forgot something.

    --
    The only thing new in this world is the history that you don't know.[Harry Truman]
  9. Will they... by another+joe · · Score: 3, Informative

    ...invite these folks? http://www.cnn.com/2008/TECH/03/07/china.hackers/index.html Never mind, they don't need an invite.

  10. I hope they get strong corporate backing ... by chronosan · · Score: 1

    Everyone knows sequels suck, I'm waiting for the third edition.

  11. The perfect date by nurb432 · · Score: 2, Interesting

    To do *real* break-ins. Yours might get lost in the noise of the 'test'.

    --
    ---- Booth was a patriot ----
  12. There has already been the denial of WoW attack by dbIII · · Score: 1

    OK, co-incidence but still annoying.

  13. Invite the general public to participate? by hughperkins · · Score: 1

    Could it make sense to hide some arbitrary data (string of random letters lets say), on a secured network, and give authorisation for anyone anywhere to attack this network, attempt to obtain the letters?

    First one to get the letters gets USD500 000; with an extra USD500 000 if they can describe how it was done sufficiently for other people to be able to reproduce these steps. (So, half a million for succeeding, half a million for communicating how they succeeded).

  14. Botnets got there first... by Anonymous Coward · · Score: -1

    If you want to conduct a meaningful cyber wargame, you need to launch worms that will spread rapidly through known vulnerabilities in defective operating systems and applications. The resulting worm swarm should build its own secure network on top of the Internet. To make it a "war" game, multiple worm swarms controlled by different players need to be involved, competing for communications assets and demonstrating the ability to deny communications assets to others.

    No need to simulate that - the real war already in progress, and so far it appears that U.S. based forces are coming in far behind the Russians and Chinese.

    The Cyber Storm wargames are something completely different. The focus is on traditional information warfare. The real objective appears to be a capability of shutting off the flow of information from and between "unauthorized" political actors (you and me for instance), without shutting down Internet assets of commercial, C3I, and propaganda value to State and Corporate actors.

    When Rumsfeld said "fight the Internet", he meant exactly that. See you on the barricades... :)

  15. Corporate Wars? by Lunatrik · · Score: 1

    Every time I see articles about Cyberstorm it brings me back to the old Cyberstorm strategy games. I wish they still made those (or something similar).

    On a side note, if these games teach us anything it's that Cyberstorm 1 will have been a heckofalot better than 2 :)

    1. Re:Corporate Wars? by Anonymous Coward · · Score: -1

      Glad I'm not alone on that - I agree with you on all counts.

    2. Re:Corporate Wars? by Fuzzlekits · · Score: 1

      These corporate wars? http://www.gamespot.com/pc/strategy/cyberstorm2corporatewars/index.html I missed not getting to play the original Cyberstorm. Hexes were a much better play surface than squares. Maybe someone should make sure they're using Hexes for the second operation, might suck less...

  16. The DoD could use some friendly probing. by cavebison · · Score: 1

    If they break into a chorus of Moon River, something definitely got past the ring of protection.

  17. You know, the funniest thing happened ... by psycho+sparky · · Score: 1

    At half past nine this morning we were actually running an exercise for a company of over a thousand people in London based on simultaneous bombs going off precisely at the railway stations where it happened this morning, so I still have the hairs on the back of my neck standing up right now.