Cyber Storm II kicks off: Prepping for disaster, practice makes perfect
The incident will mark the launch of Cyber Storm II, the largest homeland security exercise ever. Hosted by the Department of Homeland Security, it involves teams working in five countries; here in the U.S., participants represent nine states, 18 cabinet-level agencies and more than 40 private sector companies.
Unlike the initial Cyber Storm exercise, in which participating agencies and companies often knew each other during the exercise (only under fictitious names), many of this week’s participants have been eager to declare their presence. The U.S. Government players include the CIA, Department of Defense, FBI and the National Security Agency, as well as DHS itself. Corporate participants include Cisco Systems, Dow Chemical, McAfee and Microsoft.
The event is designed to meet the training and exercise requirements found in Homeland Security Presidential Directive 8 (HSPD-8), which mandates national preparedness. Coordinated under the DHS National Exercise Program, CSII supports the National Strategy to Secure Cyberspace by exercising the national cyber security response.
According to a spokesman for the DHS National Cyber Security Division (NCSD), Cyber Storm II will be "a comprehensive, dynamic cyber security exercise [simulating] a large-scale coordinated cyber attack on critical infrastructure," designed to evaluate the mettle of information technology experts and incident response teams.
"This exercise examines our response and coordination mechanisms against a simulated cyber event affecting international, federal, state, and local governments, and the private sector," said Greg Garcia, the DHS assistant secretary of cybersecurity and communications.
According to Garcia, planning for this exercise has been underway for 18 months. It began even as analysts were pouring over data gathered from Cyber Storm I, which was held back in February 2006.
While all Cyber Storm exercises test the resilience of the communications and information technology sectors, CSI focused on the energy and airline industries. This year’s simulated attack is expected to target facilities and systems in the chemical, rail transportation and pipeline industries.
What makes "CSII" unique, aside from the sheer scale of it, is the degree to which organizers will be able to simulate reality, manipulating the exercise even as it is in progress. Officials in the exercise control center, located at U.S. Secret Service headquarters in Washington, DC, will relay "injects" via e-mail, phone, fax, in-person and through exercise Web sites.
The "injects" will prevent complacency. All participants will be able to test their crisis response systems, policies and procedures.
The enemy side in this exercise will include nations, terrorists and saboteurs. And they won’t play easy: Defenders will face a simulated Internet outage (testing their back-up systems), and some of the information players get as the exercise unfolds will come from a simulated news outlet whose feeds may be intentionally misleading.
"By organizing and executing an exercise such as Cyber Storm, DHS is able to test our planning, information sharing and response to attack scenarios, assess our strengths and weaknesses in those areas, and learn how to improve response capabilities," Garcia said.
Indeed, the most rewarding aspects of CSII won’t be revealed until after the exercise is over. Analyses of how participants performed, and how their performance can be improved, might take a year or more.
It won’t be cheap: DHS officials estimate that CSII will cost roughly $6.2 million.
But that is a small price to pay for preparedness against the day when a real attack might occur.
- Add your comment
- trackback url: http://www.gsnmagazine.com/cms/trackback/577-2
