An Imperfect (Cyber) Storm
SAN FRANCISCO -- Say a highly organized, international group of anti-globalization organizations coordinated a protest attack on the network infrastructure of the United States. Maybe disgruntled individuals and opportunistic hackers quickly launched their own attacks when they saw what was going on.
If a systems glitch could black out the entire northwest in 2003, what kind of damage could such a concerted assault produce?
You might say that the biggest question is why it hasn't happened yet.
The federal government has been working with private companies and security vendors to develop protocols and communications systems that will let them respond quickly and share relevant information on threats and attacks. On March 10, they put the system to the test.
Cyber Storm II was an international exercise, conducted by the U.S. Department of Homeland Security from March 10 through 14 in Washington, D.C. High-level participants provided some general comments about what they learned in a panel discussion held at the RSA Conference on Wednesday.
"It fundamentally was about identifying and responding to a fast-breaking cyber-epidemic. It tested our ability to identify an attack, validate or correct the analysis with our partners -- because we were all getting different pieces of information -- and to respond individually and collectively," said Greg Garcia, assistant secretary for cyber security and communications for the Department of Homeland Security (DHS).
Cyber Storm II simulated attacks via control systems, networks, software, and social engineering to disrupt transportation and energy infrastructure elements of state, federal and international government agencies.
The exploits were intended to degrade government operations and the delivery of public services, diminish the ability of authorities to help fend off attacks on other sectors and undermine public confidence.
Homeland Security hasn't disclosed the nature of the simulated attacks, but the first Cyber Storm's threats ranged from denial-of-service attacks on the oil and gas pipeline map to unauthorized access of the FAA network, crashing the flight control system. Simulated protesters defaced newspaper Web sites and posted the No Fly List on the public Web. They sent false Amber alerts, compromised the HIPAA database and turned off the heat in government buildings.
"In Cyber Storm I, we learned lessons on what we needed to do to get information and propagation strategies out, and get information back," said Randy Vickers, associate deputy director of the U.S. Computer Emergency Readiness Team. "We wanted to leverage II to understand how we take information we discover, develop mitigation strategies and propagate that out."
This article was first published on InternetNews.com.
