Pennsylvania Participates in Nation's Largest Simulated Cyber Attack Exercise

HARRISBURG , Pa., March 21 /PRNewswire-USNewswire/ -- Pennsylvania was a key player in the nation's largest and most comprehensive cyber security exercise ever organized. The five-day, simulated series of attacks, called Cyber Storm II, began March 10 and concluded March 14 .

Pennsylvania was one of nine states, five countries, 18 federal agencies, 40 companies and 10 information-sharing and analysis centers that took part in the event, which was hosted by the U.S. Department of Homeland Security.

Participants were able to gauge how they respond to incidents of this magnitude and to decide what tools they need to become even better prepared to counter simultaneous and coordinated attacks on the global cyber infrastructure. Information technology, communications, chemical and transportation systems and assets were specifically targeted during the week.

Pennsylvania's involvement in Cyber Storm II included the participation of more than 100 people from 10 commonwealth agencies.

"With today's reliance on information technology, and the inter-connection between federal, state and local governments and our private sector partners, it is critical that we remain vigilant and are proactive in dealing with cyber threats," said Brenda Orth , deputy secretary for information technology and the commonwealth's chief information officer.

Throughout the week, players responded to nearly 1,800 "injects," or specific pieces of information that noted a potential cyber incident had occurred and required a response. However, some injects were, essentially, distractions intended to take player focus off of information that posed a real threat. Injects were sent to players via phone, fax, e-mail, in person and posted on the Cyber Storm II Web site.

The Department of Homeland Security plans to host several post-exercise conferences to discuss the findings from the exercise and finalize an after-action report that will be released during the summer. In addition, Pennsylvania, and each participating organization, will assess its own performance and develop its own plan of action for strengthening its cyber security efforts.

"We have already started the self-evaluation process in Pennsylvania," said Orth. "We will take the lessons learned from Cyber Storm II and apply them to improve upon our every day incident response practices."

For more information on what Pennsylvania is doing regarding information security, visit


Mia DeVane

(717) 772-4237

Nancy Beckwith

(717) 346-2194

SOURCE Pennsylvania Office of Administration