Powersellersunite Power Sellers Unite
Bringing Buyers and Sellers Together

Homeland Security Wraps Up First Mock Cyberattack
Click here to go to the original topic

       Power Sellers Unite Forum Index -> News
Author Message

Joined: 24 Feb 2005
Posts: 12601
Location: Texas

Posted: Fri Feb 10, 2006 10:08 pm    Post subject: Homeland Security Wraps Up First Mock Cyberattack  

The weeklong exercise, dubbed "Cyber Storm," was organized by the department's National Cyber Security Division and 115 public- and private-sector partners. It was designed to model the coordination among government and industry necessary for responding to and recovering from "large-scale" intrusions affecting the energy, information technology, telecommunications and transportation sectors.

"Preparedness against a cyberattack requires partnership and coordination between all levels of government and the private sector," Homeland Security Under Secretary for Preparedness George Foresman said in a statement Friday. "Cyber Storm provides an excellent opportunity to enhance our nation's cyberpreparedness and better manage risk."

What remained unclear was the extent to which the exercise proved successful. The agency said it plans to compile responses from all of the participants and to issue a final report this summer assessing Cyber Storm's performance.

Bob Dix, an executive vice president for Dallas-based Citadel Security Systems, which participated in the simulation, said, "We won't have the results for a little while yet." But the very organization of the program, he said, symbolizes "how seriously people are taking (cybersecurity), to try and simulate a situation so that we can evaluate our preparedness and take the necessary steps ahead of time to improve on that."

Homeland Security officials revealed few details about the project, except to say that all attacks were "prescripted and executed in a closed and secure environment, eliminating any external distress to participants' day-to-day systems during the exercise." One of the incidents, for example, simulated the breach of a utility company's computer system and subsequent power grid disruptions.

The main "control center" for the game was located at U.S. Secret Service headquarters in Washington, D.C. Within the U.S. government, seven cabinet-level departments, including Justice, Commerce, Defense and Treasury, along with the U.S. military, the CIA, the National Security Agency, the FBI and the American Red Cross, participated. Among the other private businesses onboard were Intel, Microsoft, Symantec, McAfee and VeriSign. Representatives from the governments of the United Kingdom, Australia, New Zealand and Canada also were involved.

"The exercise is critical because it brings it out of the abstract," said Paul Kurtz, director of the Cyber Security Industry Alliance, which counted some of its member companies among the exercise's participants. "Most importantly, it's not just proving plausibility, it's, 'What do we do? Who does what?'"

The nationwide exercise marked one of several steps that Homeland Security has been taking in recent months as it attempts to raise its cybersecurity profile. Government auditors and cybersecurity analysts have charged that the department is not living up to its responsibilities in that realm.

The test was originally supposed to occur during the fall but was postponed because many of those assigned to coordinating the task were bogged down by the aftermath of Hurricanes Katrina and Rita.

The department has also lagged in installing an assistant secretary for cybersecurity, a post suggested by Homeland Security Secretary Michael Chertoff in a six-point reorganization plan and supported strongly by the security industry. The department, however, may not be entirely to blame. The authority to create that position lies in a congressional proposal that remains bottled up in the Senate. It was unclear Friday when action would be taken.


Back to top  

Joined: 24 Feb 2005
Posts: 12601
Location: Texas

Posted: Fri Feb 17, 2012 5:22 pm    Post subject: Re: Homeland Security Wraps Up First Mock Cyberattack  


"Experts urge stronger online regulation bill"

WASHINGTON (AP) Cybersecurity experts urged senators Thursday to close loopholes in legislation to give the government more power to force critical industries to make their computer networks more secure.

Experts told the Senate Homeland Security and Governmental Affairs Committee said the bill could allow many companies to avoid regulation entirely or drag out the process for up to eight years before they would actually have to improve their computer security.

The legislation would limit the number of industries subject to regulation to those in which a cyberattack could cause "an extraordinary number of fatalities" or a "severe degradation" of national security.

"So an individual infrastructure owner, such as a rural electricity provider, has no responsibility under this title if it can show that an undefended cyberattack would only cause an ordinary number of fatalities?" said Stewart Baker, a former assistant secretary at the Department of Homeland Security who is now with the law firm of Steptoe & Johnson. "How many dead Americans is that, exactly?"

Baker and James Lewis, a cybersecurity expert and senior fellow at the Center for Strategic and International Studies, said the bill takes important steps toward improving computer security.

But they said the measure has been weakened by corporate and other interests arguing against any attempt at regulation.

By using "terms like mass casualties, mass evacuations, or effects similar to weapons of mass destruction, we are essentially writing target lists for our attackers," said Lewis. "They will attack what we choose not to defend."

The legislation is intended to ensure that computer systems running power plants and other essential parts of the country's infrastructure are protected from hackers, terrorists or other criminals.

Back to top  
       Power Sellers Unite Forum Index -> News
Page 1 of 1

Powered by phpBB © 2001, 2002 phpBB Group