Re: Cyber Storm Exercise Will Be Global, Official Says

["Logan5" <Logan5 () logan5 com>]

Good thing they announced the dates like a real cyber-attack.  Otherwise
some folks might not have prepared... That's always the first step in a
'real-world' penetration test:  announce it to all the employees.  Oh, and
enforce rules so the test doesn't go 'out of the box'.

On the other hand, if someone wanted to re-enact the coincidence between
9/11 'scenario excercises', 7/7 'assessment excercises', and actual
attacks which exploit the confusion (or to the paranoid: make use of the
patsies), should be an tempting window of oppurtunity.

How do they plan to exclude outside influence against 'participants' to
get an accurate assessment of results?  How do they plan to include rogue
elements like a _successful_ Blackmal worm, or does that just not happen,
ever?  Or, is this just a closed-circuit sandbox akin to RootFu?

This smells an awful lot like a public oppurtunity to celebrate one's
defenses against an enemy of one's own choosing on a battlefield of one's
own design.

But then again, I'm just a pessimistic paranoid p0s3r.  I'm sure the
'excercise' will pass with flying colors.

;)

-Logan

-----Original Message-----
From: "Fergie" <fergdawg () netzero net>
To: funsec () linuxbox org
Date: Sun, 5 Feb 2006 17:46:15 GMT
Subject: [funsec] Cyber Storm Exercise Will Be Global, Official Says


> The massive exercise, scheduled for Feb. 6-10, has been planned for a
> long time, the official said. Participants will face realistic
> scenarios, the official said.



_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.