Forgot your password?
typodupeerror
Government Security IT Your Rights Online

Largest Simulated Cyber Attack To Date 71

Posted by CmdrTaco
from the they-know-how-to-party dept.
Orome1 noted that the government will be running simulated cyber attacks as part of the Department of Homeland Security's Cyber Storm III exercise. It says "The exercise will be controlled from the Secret Service headquarters, where organizers from various agencies will be sending out 'exercise injects,' information that a player will receive that indicates that a certain event has taken place as part of the narrative set up by the organizers. This goes a bit beyond a paper narrative, including fake log data, drives that may contain fake malware, and fake event history, and is dynamic, meaning that it can change dependent on the actions the players take." ...which makes me wonder how effective this test would actually be.
This discussion has been archived. No new comments can be posted.

Largest Simulated Cyber Attack To Date

Comments Filter:
  • Uh Oh (Score:3, Interesting)

    by AppleOSuX (1080499) on Tuesday September 28, 2010 @11:27AM (#33722912)

    Should we expect a real attack at the same time?

  • by Anonymous Coward on Tuesday September 28, 2010 @11:28AM (#33722918)

    I hope they're not just testing over the wire attacks, that new janitor with the thumb drive could do some damage...

  • by JonySuede (1908576) on Tuesday September 28, 2010 @11:30AM (#33722950) Journal
    I wonder if a real attacker could subvert this simulation to hide a real attack. The "exercise injects" canals seems like a good way to inject malicious payload.
  • Now's the time (Score:3, Interesting)

    by Anonymous Coward on Tuesday September 28, 2010 @11:32AM (#33722978)

    Can anyone think of a good time to run a real cyber attack against DHS?

  • by dragonhunter21 (1815102) on Tuesday September 28, 2010 @11:44AM (#33723186) Journal
    From the summary, it appears as though they're using drives with fake malware on them to keep operators on their toes. This should be fun.
  • Dynamic != Static? (Score:3, Interesting)

    by Tekfactory (937086) on Tuesday September 28, 2010 @11:44AM (#33723194) Homepage

    "This goes a bit beyond a paper narrative, including fake log data, drives that may contain fake malware, and fake event history, and is dynamic, meaning that it can change dependent on the actions the players take." which makes me wonder how effective this test would actually be."

    Why shouldn't the test adapt to moves the player's make, do you think a hacker is going to keep running off the same script when he knows he's been noticed?

    Some of the worst botnets move their Command and controls nodes around and the people behind them release new code to adapt to what security researchers are doing to stop them. Including DoSing the researchers.

    What idiot thinks we can fight a changing landscape of threats with a static defense?

    No Really I can't tell from the context if that's Taco or the submitter, but paper narrative tests that the author mentions basically are just there to make sure you know your job or have memorized your DR plan, but they don't make you think.

    I'd be more worried if all facets of the scenario didn't get played out because nobody said "I image the hard drive" and so they skip that part of the test. In that case it would be up to the folks running the exercise to move the scenario along by saying someone at another agency imaged the drive, here is a copy, maybe you should look at it.

    It's a lot like preparing for a D&D game and having the players ignore half the story/encounters you wrote up.

  • by Jawnn (445279) on Tuesday September 28, 2010 @12:42PM (#33724130)
    True words, sir. It's almost as if the new "cyber warriors" are nothing more than contractors being provided from new divisions of traditional "brick and mortar", or should I say "bombs and bullets" defense contractors.
    Oh..., wait.

Nothing is more admirable than the fortitude with which millionaires tolerate the disadvantages of their wealth. -- Nero Wolfe

Working...