Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cyber Storm II Set To Begin

Posted by Soulskill on from the the-revenge dept.

mr sanjeev notes that Computerworld is running a story about Cyber Storm II, set to run from March 11th until the 14th. The exercise will test the security of the US, Australia, the UK, New Zealand, and Canada. The organizers' goals are to test preparedness and responsiveness in relation to real-time threats. The previous Cyber Storm test identified "eight specific areas in need of improvement." We recently discussed the details of the tests themselves. From Computerworld: "Security experts said the first Cyber Storm event last year improved participants' understanding of who to call in the event of an attack, but did not identify specific vulnerabilities in the nation's computer systems. 'What they're trying to do is highlight the inefficiencies in the process,' according to Marcus Sachs, deputy director with research group SRI International's Computer Science Laboratory. 'They're not really looking for technical solutions.'"

9 of 36 comments (clear)

  1. pointless by OffTheLip · · Score: 3, Interesting

    Why do I not feel like anything was learned from the previous go round "http://arstechnica.com/news.ars/post/20080306-pentagon-attack-last-june-stole-an-amazing-amount-of-data.html"

    1. Re:pointless by lunartik · · Score: 4, Insightful
      Most commenters seem to miss the point of what they are doing. It doesn't sound like they are getting together and probing each others networks, or getting involved in this in very minute technical details (but they could be). That is not what these sorts of exercises are usually about. The article says that the first exercise "involved nine large IT firms, six electricity utility firms (generation transmission and grid operations) and two major airline carriers. "

      In fact, the article calls this a "hacking exercise" but says:

      A Cyber Storm report was released following the exercise in February last year which identified eight specific areas in need of improvement.

      These included better inter-agency coordination, the formation of a training and exercise program, increased coordination between those involved in cyber incidents, the development of a common framework for response and information access, as well as the development of a strategic communications and public relations plan.

      Security experts said the first Cyber Storm event last year improved participants' understanding of who to call in the event of an attack, but did not identify specific vulnerabilities in the nation's computer systems. What they were likely doing was role-playing major systems getting corrupted, altered or going off-line. There is a non-technical side to such an event that needs to be thought about and practiced. When a crisis happens, there will be a period of chaos, which you quickly need to get under control and then fix. Say you were an airline, and air traffic systems went out. What do you do with your planes? Your passengers? Who is your contact at the Federal government? Who do they report to? Who are they speaking for? What assistance can they provide? Who are your contacts at other airlines? Who is in charge of communicating with the airports? Does finance have money available to put passengers in hotels if necessary? Who in finance is can make those decisions? Who are your contacts at the hotels? What assistance will they provide? What are our plans for handling major schedule disruption? How long would it take to get the planes back online and normal service resumed?

      If the exercise tells you that your systems have been infiltrated, you could imagine similar questions raised.

      The idea is to get people thinking about what their specific role is and understanding it. We always told people there are no wrong answers, they are not graded. The facilitator guides the exercise and observes how well things go, and makes recommendations afterwards.
  2. Re:Funny and everything, but... by brezel · · Score: 2, Funny

    How do I get Quake 3 to run on Linux? ./quake3 ?
  3. Re:How did the first one help? by PopeRatzo · · Score: 5, Insightful

    Friend, it's all a PR exercise. In the next seven months, we're going to be hearing about every possible type of attack. If you were to judge the state of the world by the media coverage in the coming months (thanks to a lazy, complicit press), you would think that every other human living on earth is a satanic terrorist, looking to kill your babies.

    History books will look back on our current confluence of Terrorism and War as a type of madness. It will judge harshly the weak-hearted "leaders" who used fear to govern.

    One thing, though: The past seven years has certainly changed my opinion of the Second Amendment. And I choose to extend the "right to bear arms" to the "cyber" type, including the best crypto I can find. Maybe not to use every day, but to keep for the inevitable.

    --
    You are welcome on my lawn.
  4. Your mission by StarfishOne · · Score: 2, Funny
    Your mission, if you choose to accept it, is to prevent certain military groups from sending sensitive information about Air Force One.

  5. Ready Set Go by sciop101 · · Score: 3, Funny
    The call-lists are up-to-date. The start/stop dates are set. Did we forget anything?

    Our recent unknown intruder penetrated using the superuser account, giving him access to our whole system.

    LET THE GAMES BEGIN.

    I still feel I forgot something.

    --
    The only thing new in this world is the history that you don't know.[Harry Truman]
  6. Will they... by another+joe · · Score: 3, Informative

    ...invite these folks? http://www.cnn.com/2008/TECH/03/07/china.hackers/index.html Never mind, they don't need an invite.

  7. The perfect date by nurb432 · · Score: 2, Interesting

    To do *real* break-ins. Yours might get lost in the noise of the 'test'.

    --
    ---- Booth was a patriot ----
  8. Re:How did the first one help? by lunartik · · Score: 2, Insightful

    It is not a PR exercise (well, maybe it is, I haven't read TFA), these types of scenarios are used all the time for crisis testing. I used to help run part of a major multi-national's crisis team, and the main goal in table-topping various disaster scenarios is not to drum up some mass paranoia, or even to exercise more likely minor events. The goal is to come up with something large enough to involve all, or most, members of the team. Too often people are tasked with a crisis function on top of their "real" job, and it is something they will hardly ever be called upon to perform. So you pull them together, give them a scenario, and basically you role-play it. The idea is that they need to become familiar with their specific role, what the other members roles are, and the decision-making and communication structure. Afterwards, you assess how it went, and make suggestions for improvement. We did this all the time. It generally had nothing to do with terrorism (weather or infrastructure failures were more likely scenarios, but sometimes terrorism, crime or political instability were used).