Simulated IT Attacks Reveal Response Flaws

The Department of Homeland Security's Cyber Storm IT security exercise found problems and some strengths in the United States' ability to respond to simulated attacks on electronic infrastructure.

The U.S. Department of Homeland Security issued the results of its Cyber Storm exercise on Sept. 13, highlighting areas where the government and private organizations must improve their responsiveness to emerging IT-related threats.

The agency release a 23-page report on the findings of the simulated IT attack, labeled by Homeland Security leaders as "the largest and most complex multinational, government-led cyber exercise to examine response, coordination and recovery mechanisms to a simulated cyber event."

The test found that major issues remain with the communication between public and private sector organizations in the face of attacks on IT infrastructure, and in those groups' ability to piece together information to understand the scope of distributed threats. But the exercise does also contend that progress in improving those details is already being made.

The Cyber Storm test was launched to help gauge the information-sharing capabilities and IT attack readiness of government branches on the federal, state and local level. Also part of the study was those groups' abilities to cooperate with foreign nations and private sector organizations in the event of a major attack or natural disaster.

Carried out over Feb. 6-10, 2006, by the National Cyber Security Division of the DoHS, the agency said Cyber Storm was meant to provide participants with a controlled environment in which they could simulate the coordination that would be necessary during a cyber-related incident of national significance, such as an attack on the infrastructure supporting the nation's Internet operations or a natural disaster like Hurricane Katrina.

This article was originally published on 09-13-2006
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.