more on Preparing for 'Cyber-Katrina']

[Dave Farber <dave () farber net>]

-------- Original Message --------
Subject:        [Dewayne-Net] Preparing for 'Cyber-Katrina'
Date:   Wed, 08 Feb 2006 02:39:45 -0800
From:   Dewayne Hendricks <dewayne () warpspeed com>
Reply-To:       dewayne () warpspeed com
To:     Dewayne-Net Technology List <dewayne-net () warpspeed com>
References:     <1139360650.5849.110.camel () linux site>



[Note:  This item comes from reader Randall.  DLH]

> From: Randall <rvh40 () insightbb com>
> Date: February 7, 2006 5:04:10 PM PST
> To: Dave <dave () farber net>, Dewayne Hendricks <dewayne () warpspeed com>
> Cc: JMG <johnmacsgroup () yahoogroups com>
> Subject: Preparing for 'Cyber-Katrina'
>
> <http://htdaw.blogsource.com/post.mhtml?post_id=223197>
>
> Preparing for 'Cyber-Katrina'
> Tuesday, February 07, 2006 at 7:58 PM EST
>  U.S. Government to Put 'Cyber Katrina' to the Test
> February 6, 2006
> By Paul F. Roberts
>
> U.S. Government agencies are conducting electronic war games this week
> to test the government's ability to respond to the digital  
> equivalent of
> Hurricane Katrina.
>
> The exercise, dubbed "Operation Cyber Storm," was postponed for two
> months because of Katrina, but will take place between Feb. 6 and Feb.
> 10.
>
> The exercise will mimic the effects of a large-scale cyber-attack that
> affects the IT, transportation, energy and telecommunications sectors,
> according to published information.
>
> The exercise is sponsored by the Department of Homeland Security's  
> NCSD
> (National Cyber Security Division). Representatives from a number of
> U.S. government agencies will participate, including the  
> Departments of
> Commerce, Defense, Energy, Justice and Transportation.
>
> In addition, private companies participate through ISACs (Information
> Sharing and Analysis Centers), including the IT-ISAC and
> Telecommunications ISAC.
>
> DHS did not respond to requests for comment.
>
> Representatives from Cisco Systems, Citadel Security Software,  
> Computer
> Associates International, Computer Sciences Corporation, Intel,
> Microsoft, Symantec and VeriSign are taking part, according to
> information published by the IT-ISAC.
>
> Details about the specific scenario that is being used in Cyber Storm
> are not public. However, the government has said the test scenario  
> will
> involve cyber-attacks and physical attacks that disrupt transportation
> and energy infrastructure, coupled with attacks on the state and  
> federal
> IT infrastructure that undermine the public's confidence by crippling
> its ability to deliver public services and respond to the attacks.
>
> The exercise is designed to assess the government's ability to
> communicate internally with the private sector about situational
> awareness, decision making and proper response to attacks.
>
> DHS has said little publicly about the war game, despite recent news
> articles. The agency's silence prompted inquires to The SANS ISC
> (Internet Storm Center) from IT administrators around the globe who  
> were
> concerned that their networks might be affected, said Marc Sachs,  
> an ISC
> volunteer.
>
> "People are worried that DHS is about to hack the planet," he said.
>
> Despite its name, Cyber Storm is more akin to a "tabletop" exercise  
> than
> a real-life simulation of a cyber-attack. It is designed,  
> primarily, to
> test the mettle of high-level government decision-makers, Sachs said.
>
> "The general idea is to do simulated tests. They're not firing live
> bullets," he said. "The senior people don't need the technical side to
> make decisions. They know what a [denial-of-service] attack is like."
>
> Cyber Storm was originally scheduled for Nov. 2005, but was postponed
> because of the government's need to respond to Hurricane Katrina in
> Mississippi and Louisiana. Ironically, that natural disaster created
> real-life versions of many of the conditions that government planners
> will test this week.
>
> But Cyber Storm is designed to prevent the kinds of mishaps and
> miscommunications between agencies that respond to cyber threats as
> those that marred the response to Katrina, Sachs said.
>
> "With Katrina, the problem was with the very senior decision-makers.
> Once the senior people got their act together, you saw the lower level
> decision-makers start to coordinate," he said.
>
> <http://www.eweek.com/print_article2/0,1217,a=170866,00.asp>

Weblog at: <http://weblog.warpspeed.com>


-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/