Mock cyber attack shows US unpreparedness
Posted on 17 February 2010.
During the simulated cyber attack that took place yesterday in Washington and was recorded by the CNN, one thing became clear: the US are still not ready to deflect or mitigate such an attack to an extent that would not affect considerably the everyday life of its citizens.

The ballroom of the Washington's Mandarin Oriental Hotel was for this event transformed into the the White House Situation Room, complete with three video screens displaying maps of the country, simulated updates and broadcasts by "GNN", an imaginary television network "covering" the crisis.

A bevy of former top US officials were given various roles to play:
  • John Negroponte, the former Director of National Intelligence, as the Secretary of State
  • Michael Chertoff, the ex DHS Secretary, as the National Security Adviser
  • Fran Townsend, former White House Homeland Security Advisor, as the Secretary of DHS
  • John McLaughlin, ex CIA deputy director, as the Director of National Intelligence
  • Jamie Gorelick, former deputy attorney general, as attorney general
  • Charles Wald, retired Air Force general, as the Secretary of Defense
  • Stephen Friedman, former director of the National Economic Council, as the Treasury Secretary.
The entire scenario was thought up by Michael Hayden, the former CIA Director, and the faux attack began with malware masquerading as a free March Madness application for smartphones. Once activated, it spread fast and first incapacitated cellphone networks, then landlines, the Internet, and finally - aided by mock bombs exploding in a couple of gas pipelines and power stations and a hurricane hitting the Gulf Coast - brought the entire East Coast electrical power grid to its knees. Air traffic was thrown into disorder and commerce came to a standstill.

According to The Sydney Morning Herald, the group considered various maneuvers to put an end to the attack and mitigate the effects it had on national networks.

When the servers serving the malware were "discovered" to be located in Russia, "National Security Advisor" Chertoff immediately began inquiring about the possibility of shutting them down and the implications of such an action. "Would the Russians view that as an attack?" he wanted to know. "If the attacker is either a state actor or a terrorist group what are our options for responding or retaliating?"

Regarding a possible shutdown of the cell phone and Internet service to prevent a cascading effect, the group found out that federal agencies actually don't have the authority to do so, and that companies providing these services might be unwilling to do it when asked.

Another thing that might prove to be an issue is the Governors' reluctancy to put their power in the hands of the federal government, which would possibly lead to a nationalization of the National Guard.

Federal Times reports that "attorney general" Gorelick mused on the idea of introducing laws that would allow the government to seize broader power for the time it takes to suppress a nation-wide cyber attack.

When the "exercise" came to an end, the likelihood of such a scenario was discussed. "Secretary of State" Negroponte declared that the attack seemed very plausible to him. "I don't think we're as prepared as we should be," said "Secretary of Defense" Wald.

Joe Lockhart, the former press secretary during the Clinton administration, worries that the possibility of such an attack and the development of an effective response is still not high enough on the government priority list.

Will a real cyber attack of these proportions be required to wake the government up? Probably. In the meantime, war games such as these can start the ball rolling into the right direction.






Spotlight

Intentional backdoors in iOS devices uncovered

Posted on 22 July 2014.  |  A researcher has revealed that Apple has equipped its mobile iOS with several undocumented features that can be used by attackers and law enforcement to access the sensitive data contained on the devices running it.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Jul 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //