Cyber-Storm II is blowing through DC

Cyber-Storm II is blowing through DC

Summary: It’s time, once again, for Cyber Storm, the "the largest-ever exercise designed to evaluate the mettle of information technology experts and incident response teams" from 18 federal agencies and nine states, The Washington Post.

SHARE:

It’s time, once again, for Cyber Storm, the "the largest-ever exercise designed to evaluate the mettle of information technology experts and incident response teams" from 18 federal agencies and nine states, The Washington Post.

Jerry Dixon, a former director of the National Cyber Security Division at the Department of Homeland Security who helped to plan both exercises, said Cyber Storm is designed to be a situational pressure-cooker for players: Those who adopt the proper stance or response to a given incident are quickly rewarded by having to respond to even more complex and potentially disastrous scenarios. Players will receive information about the latest threats in part from a simulated news outlet, and at least a portion of the feeds they receive will be intentionally misleading, Dixon said.

"They'll inject some red herring attacks and information to throw intelligence analysts and companies off the trail of the real attackers,' Dixon said. 'The whole time, the clock keeps ticking, and things keep getting worse."

The first Cyber Storm was held two years ago but participants say that was baby stuff compared to this year's event.

The war games will be far more realistic and inclusive for Australia, whose participation in the first Cyber Storm amounted to what a spokesperson for the Australian Attorney General's department called "a desktop exercise" that did not include any private sector companies.

"This year, we're setting up an exercise control room and will be sending out injects to the players in both the private sector and the government," said Daniel Gleeson of the Australia's Attorney General's office. "So we'll be involved in this as it unfolds in real time, rather than just talking about what we'd do in those situations."

Topics: Security, CXO, Government, Government US

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

1 comment
Log in or register to join the discussion
  • Last Year Revealed Major Weaknesses in the Exercise Parameters

    While it made a good place to start, the "play nice" instructions automatically limited the effectiveness of the exercise.

    In a true full-blown attack, the opponents will NOT play nice or restrict themselves to a single attack. They will be dynamically reacting to the government's and private sector's countermeasures.

    Of course an effective attack will be either of stealth variety where they slip in and out without gettign blocked or caught; or an attempt for a simultaneous Pearl Harbor style knockout.
    Dr_Zinj