Simulated cyber-attack to test government response
Cyber ShockWave test involves former administration staff, national security officials
Computerworld - Security industry analysts and lawmakers will get an unprecedented chance next week to evaluate how the government might respond to a cyber-attack on critical infrastructure targets.
The Bipartisan Policy Center (BPC), a Washington-based non-profit established in 2007 by several lawmakers, will host a simulated nation-wide cyber-attack next Tuesday for a group of former administration and national security officials, who will be playing the roles of Cabinet members.
The goal of the simulation, called Cyber ShockWave, is to see how officials in key government positions would react to a real-time cyber- attack, and to evaluate the split-second decisions they may be required to take to deal with it, a BPC alert noted.
Those playing the roles of various cabinet members include former DHS secretary Michael Chertoff, the former Director of National Intelligence John Negroponte, former White House Homeland Security Advisor Fran Townsend and former White House press secretary Joe Lockhart.
The participants, none of whom will have any advance information on the simulated attacks, will be expected to advise the President on the unfolding attacks and craft a response to them. The event is scheduled to take place at Washington's Mandarin Oriental Hotel.
A report in The Atlantic said that a considerable effort is being put into making the exercise as realistic as possible.
A production company has been hired to recreate a White House situation room in the Mandarin hotel, and professional scriptwriters will aid security experts in creating the simulated attack.
The whole exercise itself was developed by former CIA director general Michael Hayden and several others, including former New Jersey governor Thomas Kean and Congressman Lee Hamilton, both of whom were co-chairs of the 9/11 commission. Companies and organizations that are participating in the effort include General Dynamics, Georgetown University and PayPal.
This is not the first time that BPC has organized a similar exercise. In 2007, it hosted Oil Shockwave, an oil crisis simulation, in which nine former cabinet and national security advisors participated. The purpose of that exercise was to explore the economic and national security implications of a prolonged crisis in the oil industry.
This month's planned cyber-security simulation comes amid growing concerns over state-sponsored attacks against critical IT assets. The recent cyber-attacks against Google and more than 30 technology companies allegedly by operatives based out of China have highlighted what many say is the need for a formal U.S. policy for deterring and responding to such attacks.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed . His e-mail address is email@example.com.
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Advanced Threat Defense: A Comprehensive Approach In this interview, Peter George, president, General Dynamics Fidelis Cybersecurity Solutions, explains why we need more than anti-malware, and what constitutes a comprehensive...
- 2013 Cyber Risk Report The "Cyber risk report 2013 Executive summary" presents the major findings of HP Security Research's comprehensive dive into today's cyber vulnerability and threat...
- Cybersecurity for Dummies eBook This book provides an in-depth examination of real-world attacks and APTs, the shortcomings of legacy security solutions, the capabilities of next-generation firewalls, and...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- On-demand webinar - 7 Keys to Service Catalog Implementation Success Watch this webinar to learn 7 crucial keys to make your service catalog a success! All Cybercrime and Hacking White Papers | Webcasts