Cyber Storm II exercise shows improvement in preparedness

Share this article:

The Department of Homeland Security's second massive cybersecurity exercise has revealed improved preparedness across IT infrastructures and government agencies, compared to the first “Cyber Storm” in 2006, according to the acting director of DHS's National Cybersecurity Division.

More than 100 U.S. and overseas companies and 18 federal departments and agencies participated in the week-long Cyber Storm II exercise, which concluded last Friday. Ten information-sharing and analysis centers across critical IT infrastructures also were deployed.

In this year's exercise, 100 “controllers” – cybersecurity experts from law enforcement and intelligence agencies – staged a simulated disruption of computer networks governing chemical and transportation infrastructure, including rail service and pipelines.

Working from the U.S. Secret Service headquarters, the controllers managed and “injected” the attack scenario – including a mock telecom and internet disruption, coupled with “cyberattacks” on critical control systems – into participants' networks and monitored their efforts to coordinate a response.

Cheri McGuire, the acting director of DHS's National Cybersecurity Division, who organized the exercise, told SCMagazineUS.com it was designed to be as realistic as possible.

“It was a continuous exercise, and each scenario builds on itself and becomes more intense. We reward our participants with more and more difficult types of attacks,” she said. “We were looking at individual responses and watching closely to see how everyone worked together in a coordinated response.”

According to McGuire, “our overall preparedness has gotten better and more mature [since the 2006 exercise] across infrastructures, federal agencies and the private sector, in our ability to coordinate and to know who to call and when to call them."

McGuire declined to specify any significant deficiencies uncovered by this year's exercise, which will now be subjected to a three-month “action review” in which participants will convene in teleconferences and share lessons learned from Cyber Storm II.

However, she did admit she was surprised by the heavy reliance of Cyber Storm II participants on the fake online media outlets that were created to lend a bit more realism to the exercise.

"We had more than 500,000 hits over our player sets on one simulated media site,” she told SCMagazineUS.com. “This indicates the importance of the media's role in informing stakeholders and the general public during this type of crisis.”

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.