Homeland Security holds “Cyber Storm” war game

What, us worry? From the AP, Feb. 10:

WASHINGTON — The government concluded its “Cyber Storm” wargame Friday, its biggest-ever exercise to test how it would respond to devastating attacks over the Internet from anti-globalization activists, underground hackers and bloggers.

Bloggers?

Participants confirmed parts of the worldwide simulation challenged government officials and industry executives to respond to deliberate misinformation campaigns and activist calls by Internet bloggers, online diarists whose “Web logs” include political rantings and musings about current events.

The Internet survived, even against fictional abuses against the world’s computers on a scale typical for Fox’s popular “24” television series. Experts depicted hackers who shut down electricity in 10 states, failures in vital systems for online banking and retail sales, infected discs mistakenly distributed by commercial software companies and critical flaws discovered in core Internet technology.

Some mock attacks were aimed at causing a “significant cyber disruption” that could seriously damage energy, transportation and health care industries and undermine public confidence, said George Foresman, an undersecretary at the Homeland Security Department.

There was no impact on the real Internet during the weeklong exercise. Government officials from the United States, Canada, Australia and England and executives from Microsoft, Cisco, Verisign and others said they were careful to simulate attacks only using isolated computers, working from basement offices at the Secret Services headquarters in downtown Washington.

The Homeland Security Department promised a full report on results from the exercise by summer.

Foresman likened his agency’s role during any Internet attack to an orchestra conductor, coordinating responses from law enforcement, intelligence agencies, the military and private firms. The government’s goal is a “symphony of preparedness,” Foresman said.

Homeland Security coordinated the exercise. More than 115 government agencies, companies and organizations participated. They included the White House National Security Council, Justice Department, Defense Department, State Department, National Security Agency and CIA, which conducted its own cybersecurity exercise called “Silent Horizon” last May.

An earlier cyberterrorism exercise called “Livewire” for Homeland Security and other federal agencies concluded there were serious questions over government’s role during a cyberattack depending on who was identified as the culprit – terrorists, a foreign government or bored teenagers.

It also questioned whether the U.S. government would be able to detect the early stages of such an attack without significant help from private technology companies.

See our last posts on cyber culture and the information wars.