DHS Launches Cyber Attack Exercise

  /     /     /  
Publicated : 22/11/2024   Category : security


DHS Launches Cyber Attack Exercise


Cyber Storm III, the largest simulated cyber attack to date, aims to test a new national cyber response plan and stretch the limits of collaborative cybersecurity.



Strategic Security Survey: Global Threat, Local Pain

(click image for larger view and for full photo gallery)
For three or four days this week, the Internet will come under a virtual attack from an unknown adversary, and it will be up to the government and private sectors coordinated efforts to root out the cause and work together to keep systems up and running -- at least within the simulated confines of the Department of Homeland Securitys Cyber Storm III exercise, which begins Tuesday.
The Cyber Storm series of exercises simulates large cyber attacks on critical infrastructure and government IT assets in order to test the governments preparedness. Specifically, this years exercise will be the first time DHS will test both the draft National Cyber Incident Response Plan (an effort to provide a coordinated response to major cybersecurity incidents) that will be publicly released later this year and the new National Cybersecurity and Communications Integration Center (the hub of DHS cybersecurity coordination efforts).
With cybersecurity continuing to heat up as a national defense priority, Cyber Storm III will give the government a chance to see how ready its processes and people really are in protecting the nation and Internet against malicious hackers. So much of the cyber mission space is about collaboration, and every once in a while youve got to kick the tires to see how well it works, Bobbie Stempfley, director of DHS National Cyber Security Division, said in a meeting with reporters last week.
This years exercise will be the largest yet, including representatives from seven cabinet-level federal departments, intelligence agencies, 11 states, 12 international partners and 60 private sector companies in multiple critical infrastructure sectors like banking, defense, energy and transportation. High-level officials, including federal cybersecurity coordinator Howard Schmidt and deputy homeland security secretary Jane Holl Lute, will be among those taking part.
The exercises players will be working through the scenario in their real-world offices, including the new National Cybersecurity and Communications Integration Center. Its happening where it would because were trying to as closely simulate the real world as we can, Brett Lambo, director of DHS National Cyber Security Divisions cyber exercise program, said.
Strategic Security Survey: Global Threat, Local Pain

(click image for larger view and for full photo gallery)
However, the scenario wont use a virtual network. Instead, the exercise will be controlled from the Secret Service headquarters, where organizers from various agencies will be sending out exercise injects, information that a player will receive that indicates that a certain event has taken place as part of the narrative set up by the organizers. This goes a bit beyond a paper narrative, including fake log data, drives that may contain fake malware, and fake event history, and is dynamic, meaning that it can change dependent on the actions the players take.
This years scenario reflects the fact that threats are becoming increasingly more sophisticated with potential for widespread damage. We really wanted to come up with something thats a core scenario, foundational to the Internet, affecting not necessarily just uptime but also integrity, Lambo said. We’re trying to upset the chain of trust. Were basically using the Internet against itself. Lambo requested media not publish deeper details of the scenario ahead of time as to maintain an element of suspense for the players.
Lambo said he hopes the exercise pushes the response to the point where things go wrong with the response process. The point of an exercise like this is to lay yourself bare a little bit and get to the point where you break certain things, he said. We want to make sure not how well were doing everything, but, is the way were contemplating doing it right-headed, and are we on track both philosophically and organizationally.
Cyber Storm III has several key objectives, foremost of which is to test the National Cyber Incident Response Plan. Other objectives include focusing on coordination and information sharing, examining the DHS role in a global event, applying findings of past Cyber Storm exercises, and determining how best to incorporate the National Cybersecurity and Communications Integration Center into operational responses.

Last News

▸ Researches contributed to CryptoLockers downfall. ◂
Discovered: 23/12/2024
Category: security

▸ Simplocker: Innovative Android Ransomware Encrypts Data ◂
Discovered: 23/12/2024
Category: security

▸ Fraza reinterpretata: Bank Fraudsters Work While Brazilians Enjoy World Cup ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
DHS Launches Cyber Attack Exercise