Operation Cyber Storm
In this month’s </ENDTAG> column, I wrote about cyberwar and its place in the Fourth Generation conflicts that have affected much of the world, from Kinshasa to Kabul and beyond. These physical and virtual forms of asymmetrical attack represent the dark side of globalism, as the enemy has further reach (and consequently can do much more with much less) than ever before. And thus far, the United States and its allies’ vaunted, expensive defense organizations have not found feasible, enduring solutions to these threats, whether it’s Iraqi insurgents or Chinese hackers.
One of their attempts to deal with this unsettling fact was the Cyber Storm war gaming exercise that took place this month. The drill—the largest of its kind to date—involved 115 federal and state agencies, private sector organizations and other foreign governments, including the U.S. Department of Homeland Security, the U.K.’s Ministry of Defence and the National Infrastructure Security Co-ordination Centre (NISCC), Microsoft, Symantec and Cisco.
The foes in mock confrontation were anti-globalization activists, underground hackers and bloggers that coordinated attacks on various government and corporate systems via the Web. From a control center located in the basement of Secret Service headquarters in Washington, DC, the defenders had to go through various scenarios that ranged from hackers who shut down electricity in 10 states to failures in vital systems for online banking and retail sales to infected discs mistakenly distributed by commercial software companies.
Homeland Security officials have not commented on the outcomes of Cyber Storm, other than banalities about how the exercise was a “significant accomplishment” and represents “great progress.” A public report of the results and lessons learned is reportedly scheduled for release around the middle of this year.
While I can’t say for certain how the defenders did, I would question the wisdom of some of the war game’s elements. For example, why in the world would they include anti-globalization activists and political malcontents who blog on the Internet among the “enemies”? Ostensibly, they felt that these folks would be working to spread disinformation during these attacks, but the Web works in such a way that rumors and falsehoods can be countered very quickly—much faster than in the mainstream media’s case. Besides, the main threats so far have been tight, highly skilled groups of hackers from places like Eastern Europe and the Pacific Rim. Also, the “major cyber disruptions” that the exercise simulated seem fairly unlikely to me, unless they’re accompanied by a “hot” shooting war involving a hostile nation or major terrorist outfit.
All of the public explanations of the scenarios seem so fanciful to me that I have to wonder if they were a cover for a very different, highly classified set of war games that dealt with credible and truly dangerous threats. I’d like to think so, but given our government’s failure to anticipate the very predictable uprising following the invasion of Iraq, I’m not optimistic.
What do you think about Cyber Storm or the U.S. information security strategy? Let me know about it at firstname.lastname@example.org or comment on it in the thread I’ve started in the Security community discussion board at www.certmag.com/forums.