Cyber Storm II exercise shows improvement in preparedness

Share this article:

The Department of Homeland Security's second massive cybersecurity exercise has revealed improved preparedness across IT infrastructures and government agencies, compared to the first “Cyber Storm” in 2006, according to the acting director of DHS's National Cybersecurity Division.

More than 100 U.S. and overseas companies and 18 federal departments and agencies participated in the week-long Cyber Storm II exercise, which concluded last Friday. Ten information-sharing and analysis centers across critical IT infrastructures also were deployed.

In this year's exercise, 100 “controllers” – cybersecurity experts from law enforcement and intelligence agencies – staged a simulated disruption of computer networks governing chemical and transportation infrastructure, including rail service and pipelines.

Working from the U.S. Secret Service headquarters, the controllers managed and “injected” the attack scenario – including a mock telecom and internet disruption, coupled with “cyberattacks” on critical control systems – into participants' networks and monitored their efforts to coordinate a response.

Cheri McGuire, the acting director of DHS's National Cybersecurity Division, who organized the exercise, told SCMagazineUS.com it was designed to be as realistic as possible.

“It was a continuous exercise, and each scenario builds on itself and becomes more intense. We reward our participants with more and more difficult types of attacks,” she said. “We were looking at individual responses and watching closely to see how everyone worked together in a coordinated response.”

According to McGuire, “our overall preparedness has gotten better and more mature [since the 2006 exercise] across infrastructures, federal agencies and the private sector, in our ability to coordinate and to know who to call and when to call them."

McGuire declined to specify any significant deficiencies uncovered by this year's exercise, which will now be subjected to a three-month “action review” in which participants will convene in teleconferences and share lessons learned from Cyber Storm II.

However, she did admit she was surprised by the heavy reliance of Cyber Storm II participants on the fake online media outlets that were created to lend a bit more realism to the exercise.

"We had more than 500,000 hits over our player sets on one simulated media site,” she told SCMagazineUS.com. “This indicates the importance of the media's role in informing stakeholders and the general public during this type of crisis.”

Share this article:

Sign up to our newsletters

More in News

Research shows vulnerabilities go unfixed longer in ASP

Research shows vulnerabilities go unfixed longer in ASP

A new report finds little difference in the number of vulnerabilities among programming languages, but remediation times vary widely.

Bill would restrict Calif. retailers from storing certain payment data

The bill would ban businesses from storing sensitive payment data, for any long than required, even if it is encrypted.

Amplification, reflection DDoS attacks increase 35 percent in Q1 2014

Amplification, reflection DDoS attacks increase 35 percent in ...

The Q1 2014 Global DDoS Attack Report reveals that amplification and reflection distributed denial-of-service attacks are on the rise.