.

Simulated cyber-attack to test government response

<<

unsupported

User avatar

Sr. Member
Sr. Member

Posts: 318

Joined: Sun Feb 08, 2009 3:38 pm

Location: 407

Post Thu Feb 11, 2010 2:57 pm

Simulated cyber-attack to test government response

Cyber ShockWave test involves former administration staff, national security officials.  They are holding the simulation in a hotel by reproducing the White House war room.  Apparently a production company is providing scripts to security professionals.  I assume there will be no actual networks or computers involved.

http://www.computerworld.com/s/article/ ... t_response
-Un
CISSP, GCIH, GCIA, C|EH, Sec+, Net+, MCP
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Thu Feb 11, 2010 3:23 pm

Re: Simulated cyber-attack to test government response

I knew they'd done this with the oil scenario, so not really suprised that they'll work one up for cyber attacks, too.

I think that would be a very interesting room to be in, if one were actually allowed to observe it...  You often wonder how those particular folks would respond to a scenario like that, although because they DO know it's simulation, you've still removed the 'fear' factor of the unknown, in that, while you DO want to show you'll react appropriately, the stress and situational awareness (or lack thereof) in a TRUE attack scenario (where real systems are already down, or compromised, etc,) would be much less 'real' / minimized.

Wonder how much info, if any, the public will actually hear about.  After all, explaining how something like this is handled, publicly, just gives attackers more thought process to try to workaround similar response methodologies, in the event of a real cyber attack.  Assumably, actual 'details' of what are done will not be made public, and we'll only be told that those in the know have decided appropriate actions and behaviors were taken (or not.)
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

unsupported

User avatar

Sr. Member
Sr. Member

Posts: 318

Joined: Sun Feb 08, 2009 3:38 pm

Location: 407

Post Thu Feb 11, 2010 5:57 pm

Re: Simulated cyber-attack to test government response

This is the same company which did the oil scenario. 

Yes, being that they know it is a simulation does relieve some of the edge to the scenario, but it is just like testing your backups, pulling random security footage, updating/testing DRP plans, going to a warm site.  It's all part of planning.  They need to make sure their plans, actions, and reactions are up to the threat at hand.  I would love to see the outbrief/lessons learned documentation.

Some of my co-workers may be involved, so I'll ask around.
-Un
CISSP, GCIH, GCIA, C|EH, Sec+, Net+, MCP
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Thu Feb 11, 2010 6:23 pm

Re: Simulated cyber-attack to test government response

Hey, unsupported!

I definitely wasn't debating the seriousness of the exercise, nor the meaningfulness of the outcome.  Any preparation, even in a less than 'perfect' simulation, is better than none at all.  I'm all for the exercise, just not so sure that making it public knowledge is the best thing, as the public's view of said outcomes / simulations is totally different from those of seasoned security folks, and the general public would likely be much more critical of the process and expected outcomes, even with much less 'informed' knowledge of the procedures and severity.

I'd agree with you, though, as I'd LOVE to see the lessons learned, etc.  Just questioning if the public ever will (or should, for that matter!)
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

unsupported

User avatar

Sr. Member
Sr. Member

Posts: 318

Joined: Sun Feb 08, 2009 3:38 pm

Location: 407

Post Thu Feb 11, 2010 6:56 pm

Re: Simulated cyber-attack to test government response

I wasn't debating you either, just commenting on your points and further solidifying mine. :)

I originally saw this on Slashdot, where it broke down into "OMG!  The real hackers are going to take advantage of this and p0wn us!". :)  I like that I can get real discussion here.
-Un
CISSP, GCIH, GCIA, C|EH, Sec+, Net+, MCP
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Thu Feb 11, 2010 7:28 pm

Re: Simulated cyber-attack to test government response

unsupported wrote:"OMG!  The real hackers are going to take advantage of this and p0wn us!". :)


L-O-L!!!  'nuff said!  I'm in full agreement, as it's definitely nicer to come discuss with folks who understand the reality of it, rather than just the hype and 'fantastic'-ness of it all.

If your buddies are involved, definitely keep us posted on this.  I'd really like even a 'mini-synopsis' of the whole ordeal, when they finish it up.
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

Ash Chole

User avatar

Newbie
Newbie

Posts: 21

Joined: Sun Nov 01, 2009 9:56 pm

Post Fri Feb 12, 2010 9:50 am

Re: Simulated cyber-attack to test government response

This is designed more to coordinate who does what and work on communication and leadership. Not as much to find TRUE weaknesses in the systems. 
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Fri Feb 12, 2010 10:53 am

Re: Simulated cyber-attack to test government response

Agreed, fully.  We understand the purpose of the exercises.  It's not about the specific systems, etc, it's about testing leadership and incident response methodology, in general.  

However, as I'd said, general public (not the IT-'informed') might not understand this, to the same degree, and thus, my questioning the public-release nature, even of the event taking place, let alone any detail on the outcomes, beforehand.  I think it might have fared better had they gone through the drill, then after the fact, gone over the results of the response side of things, rather than opening it up, pre-simulation, to scrutiny or 'blind' questions from media, etc.  

From the standpoint of those involved (industry analysts and lawmakers, as well as the folks formerly holding the critical positions,) I fully agree with their perspectives and knowledge being put to use for this, as well as for the lawmakers having opportunity to lend their insight and reasoning to form new policies and the like, in relation to this type of situation.  Mind you, I know I'm being overly cautious / critical, and that ultimately, those in the know will NOT release any data that they shouldn't.  (We are talking about politicians, right?   ;) )  Personally, though, I just don't think it was as wise to open the floor to public media, even just in acknowledgement, this soon, but rather, I'd have waited until after the exercise is concluded, to brief the rest of the world.  (And then, again, only to brief them on generalities, and nothing specific.)  Even though we are NOT talking about specific security and infrastructure systems and the like, directly, even giving a firm understanding of how the TEAM of invididuals works together, in this scenario, allows others to try to manipulate that system, and come up with other means to an end.

Even in penetration testing and security analysis, we often examine our clients' security policies for backup, data handling, incident handling / prevention, etc.  That doesn't mean that if we question any of it, disagree or even agree with it, that we release it to other individuals outside the scope of the testing.  It defeats the purpose of confidentiality, ethics and common sense.  And while yes, this IS the United States' critical infrastructure we are talking about, that doesn't preclude US citizens, some of whom HAVE ill intentions, from using any given data against the system.

Understand, I fully agree with everything stated in this thread, from the nature of the testing and simulation, to the lessened severity of the outcome of simply simulating, and awareness of the results, per se.  And these are FORMER post holders, not present, so there's no guarantee that the responses will be the same as they'd be with the current position holders involved in a real scenario.  However, IF protocol is in place, as it SHOULD be, then 'technically' they should be following set procedures, etc, and those procedures do NOT need to be publicly scrutinized or disclosed, as it's the job of those in the proper positions of authority to adequately understand, react and rectify these types of situations, by procedural guidelines.  (That's the point of this, right, to analyze current procedures and modify / change / better them, to accommodate future changes in technology and methodology, in order to come up with BETTER ones?)

That's my opinion, and again, I fully agree with the rest of the points by myself, unsupported, and Ash Chole.

Again, from the security-realm / world perspective, I'd still be interested in hearing any results of the procedural outcome, so if you hear anything, unsupported, let us know.
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

unsupported

User avatar

Sr. Member
Sr. Member

Posts: 318

Joined: Sun Feb 08, 2009 3:38 pm

Location: 407

Post Mon Feb 15, 2010 7:08 am

Re: Simulated cyber-attack to test government response

CNN is filming the events and will report on it after it is completed.

I agree with Salina.  I picture future wars to be like the episode in ST:OS, where the civilization wages war with each other on a computer and then the "causalities" are loaded into an incinerator, single file.
-Un
CISSP, GCIH, GCIA, C|EH, Sec+, Net+, MCP
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Mon Feb 15, 2010 7:41 am

Re: Simulated cyber-attack to test government response

unsupported wrote:I picture future wars to be like the episode in ST:OS, where the civilization wages war with each other on a computer and then the "causalities" are loaded into an incinerator, single file.


LOL...  It'd be nice if war were that simple, even when waged on computers...  But yes, I'd agree with you both, that in the end, the technology of warfare is less likely to be physical, and more logical.  Thus the even greater need to train up and prepare those in our line of work.
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Tue Feb 16, 2010 7:02 am

Re: Simulated cyber-attack to test government response

unsupported wrote:CNN is filming the events and will report on it after it is completed.


For those interested, from the BPC Website:

Set your DVR! CNN will be airing Cyber ShockWave Feb. 20th and 21st at 8pm and 11pm EST.
<<

blackazarro

User avatar

Sr. Member
Sr. Member

Posts: 368

Joined: Sun Aug 13, 2006 5:31 pm

Post Tue Feb 16, 2010 10:35 am

Re: Simulated cyber-attack to test government response

Last edited by blackazarro on Tue Feb 16, 2010 10:43 am, edited 1 time in total.
Security+, OSCP, CEH
<<

blackazarro

User avatar

Sr. Member
Sr. Member

Posts: 368

Joined: Sun Aug 13, 2006 5:31 pm

Post Tue Feb 16, 2010 12:10 pm

Re: Simulated cyber-attack to test government response

In today's simulated attack (Cyber ShockWave), it appears based on twitter feeds from @BPC_Bipartisan that the attackers were able to bring down a large portion of the U.S. grid. There's massive power outage and smart phones have stop working. The president has express his concerns regarding the Cyber Warefare attack:
How much worse will this get? What can we do to restore electricity? Who did this? Is it connected?


Additionally, there were power outages in Canada as well. The economy is being hit hard.
Security+, OSCP, CEH
<<

unsupported

User avatar

Sr. Member
Sr. Member

Posts: 318

Joined: Sun Feb 08, 2009 3:38 pm

Location: 407

Post Tue Feb 16, 2010 12:33 pm

Re: Simulated cyber-attack to test government response

Ok, so, one of the first comments I see from officials is about retaliation.  For realz?  What about covering our asses and getting us back up and running?  At least Canadia is taking the hit as well.

Stay up to date, http://twitter.com/BPC_Bipartisan
-Un
CISSP, GCIH, GCIA, C|EH, Sec+, Net+, MCP
<<

unsupported

User avatar

Sr. Member
Sr. Member

Posts: 318

Joined: Sun Feb 08, 2009 3:38 pm

Location: 407

Post Tue Feb 16, 2010 12:44 pm

Re: Simulated cyber-attack to test government response

The east coast is now officially a disaster area.  For power and cell phone outage?

Ok, the rational part of me understands calling a disaster area in order to better provide federal assistance, but is this the right action to take?

Also, too bad I haven't been accepted into Infragard yet.  I could be preparing for martial law.
-Un
CISSP, GCIH, GCIA, C|EH, Sec+, Net+, MCP
Next

Return to Cyber Warfare

Who is online

Users browsing this forum: No registered users and 0 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software