Homeland Security Wraps up First Mock Cyberattack

'Cyber Storm' stages mock attack on network infrastructure affecting energy, telecom sectors


The government has ended its first large-scale mock cyberattack, aimed at gauging the nation's readiness to handle such threats, the Department of Homeland Security said Friday.

The weeklong exercise, dubbed "Cyber Storm," was organized by the department's National Cyber Security Division and 115 public- and private-sector partners. It was designed to model the coordination among government and industry necessary for responding to and recovering from "large-scale" intrusions affecting the energy, information technology, telecommunications and transportation sectors.

"Preparedness against a cyberattack requires partnership and coordination between all levels of government and the private sector," Homeland Security Under Secretary for Preparedness George Foresman said in a statement Friday. "Cyber Storm provides an excellent opportunity to enhance our nation's cyberpreparedness and better manage risk."

What remained unclear was the extent to which the exercise proved successful. The agency said it plans to compile responses from all of the participants and to issue a final report this summer assessing Cyber Storm's performance.

Bob Dix, an executive vice president for Dallas-based Citadel Security Systems, which participated in the simulation, said "We won't have the results for a little while yet." But the very organization of the program, he said, symbolizes "how seriously people are taking (cybersecurity), to try and simulate a situation so that we can evaluate our preparedness and take the necessary steps ahead of time to improve on that."

Homeland Security officials revealed few details about the project, except to say that all attacks were "prescripted and executed in a closed and secure environment, eliminating any external distress to participants' day-to-day systems during the exercise." One of the incidents, for example, simulated the breach of a utility company's computer system and subsequent power grid disruptions.

The main "control center" for the game was located at U.S. Secret Service headquarters in Washington, D.C. Within the U.S. government, seven cabinet-level departments, including Justice, Commerce, Defense and Treasury, along with the U.S. military, the CIA, the National Security Agency, the FBI and the American Red Cross, participated. Among the other private businesses on board were Intel, Microsoft, Symantec, McAfee and Verisign. Representatives from the governments of the United Kingdom, Australia, New Zealand and Canada also were involved.

"The exercise is critical because it brings it out of the abstract," said Paul Kurtz, director of the Cyber Security Industry Alliance, which counted some of its member companies among the exercise's participants.

"Most importantly, it's not just proving plausibility, it's, 'What do we do? Who does what?'"

The nationwide exercise marked one of several steps that Homeland Security has been taking in recent months as it attempts to raise its cybersecurity profile. Government auditors and cybersecurity analysts have charged that the feds are not living up to their responsibilities in that realm.

The test was originally supposed to occur during the fall but was postponed because many of those assigned to coordinating the task were bogged down by the aftermath of Hurricanes Katrina and Rita.

The department has also lagged in installing an assistant secretary for cybersecurity, a post suggested by Homeland Security Secretary Michael Chertoff in a six-point reorganization plan and supported strongly by the security industry.

DHS, however, may not be entirely to blame. The authority to create that position lies in a congressional proposal that remains bottled up in the Senate. It was unclear Friday when action would be taken.

[ZDNet News -- 02/13/06]