Saturday, March 8, 2008

Cyber Storm exercise

The Attorney General will launch Cyber Storm II, an international hacking exercise in which five countries will engage.

The wargame is a follow-up to last year's Cyber Storm and will test the national security of Australia, the United States, Canada, the United Kingdom and New Zealand between March 11 and 14.


The U.S. Department of Homeland Security’s (DHS) National Cyber Security Division (NCSD), a division within the department’s Preparedness Directorate, provides the federal government with a centralized cyber security coordination and preparedness function called for in the National Strategy for Homeland Security, the National Strategy to Secure Cyberspace and Homeland Security Presidential Directive 7. NCSD is the focal point for the federal government’s interaction with state and local government, the private sector and the international community concerning cyberspace vulnerability reduction efforts.

In 2006 (Feb. 6 through Feb. 10) the first government-led, full-scale cyber security exercise of its kind was held: "Cyber Storm" was designed to test communications, policies and procedures in response to various cyber attacks, and to identify where further planning and process improvements are needed.

...The intent of these scenarios was to highlight the interconnectedness of cyber systems with physical infrastructure and to exercise coordination and communication between the public and private sectors...

Read between the lines of the public report and the term "Needs Improvement" comes to mind.

...the report found that the National Cyber Response Coordination Group (NCRCG) did not have sufficient technical experts on staff to respond to the volume of incidents...

That's kind of like saying "If the test was just easier, I would have done better!"

According to DHS, "observers noted that players had difficulty ascertaining what organizations and whom within those organizations to contact when there was no previously established relationship or pre-determined plans for response coordination and risk assessments/mitigation. There was a general recognition of the difficulties organizations faced when attempting to establish trust with unfamiliar organizations during time of crisis."

Or how about this one:
"Contingency planning for backup or resilient communications methods is a critical need...many players noted a high reliance of cyber incident response activities on communication systems that can be, themselves, vulnerable to attack or failure."

"The majority of players reported difficulty in identifying accurate and up-to-date sources of information. Multiple alerts on a single issue created confusion among players, making it difficult to establish a single coordinated response..."

Most of the "key achievements" listed in the report seem to relate to the planning and carrying out of the exercise itself, not the government's actual performance during the test. That's like Derek Jeter claiming his key achievement in last night's game was putting his uniform and cleats on and making it to the ballpark. I don't think so.

...The feds...need more technical staff...
