- ‘Gay Jeans’ that fade into rainbow-colored denim created
- Divided court strikes down big porn award
- Jimmy Carter: Don’t hurt Russian people with sanctions
- Oldest ex-MLB player dies in Cuba, 2 days shy of 103rd birthday
- ‘Top Gun’ for drones: Squadrons of carrier-based killers have Navy’s approval
- Bill Clinton to endorse Charlie Rangel for re-election
- Pfc. Bradley Manning is now Pfc. Chelsea Manning: Court says so
- Secret base U.S. special forces used to train Libyans now under terrorist control: report
- 9th suspect in N.C. kidnapping turns self in to FBI
- L.A. sheriff admits to testing flyover spy program without notifying residents
Cyber Storm III aims to protect against real thing
13 nations unify for exercise
An international cyberwar game to be staged this week by the Department of Homeland Security will simulate a sophisticated hacker attack that undermines the trusted relationships between computers on which the very architecture of the Internet relies.
Thirteen countries, 11 states and seven Cabinet-level federal agencies will take part in the exercise, dubbed Cyber Storm III — the third such biannual war game Homeland Security has organized.
The war game is a so-called “tabletop” exercise, meaning no actual computer networks will be attacked. The purpose, say U.S. officials, is to try out a national draft plan for responding to major cyberwarfare incidents — the National Cyber Incident Response Plan, or NCIRP.
“Cyber Storm III will be “a good way to tell where we have some kinks in the NCIRP,” Bobbie Stempfley, director of Homeland Security’s National Cyber Security Division, said at an embargoed briefing for reporters last week.
Ms. Stempfley noted that the war game will have nearly three times as many countries taking part as the last Cyber Storm, which involved only four in addition to the United States — a reflection of the globalized nature of threats to the Internet and the burgeoning cooperation among U.S. allies in combating them.
But there also will be more domestic participants, a function of the large — critics say confusingly large — number of federal, state and private-sector entities who would be involved in dealing with a real attack.
Another important objective of the exercise is to test a new multi-agency center, the National Cybersecurity and Communications Integration Center (NCIC), inaugurated last October to bring together at a single location the various different elements of Homeland Security and other agencies involved in dealing with Internet threats.
“We want to focus on information-sharing issues,” said exercise director Brett M. Lambo. “We want to know how well all of the different organizations in that room [the NCIC] are compiling, aggregating and acting on information they they’re sharing.”
In particular, the exercise had been designed to test how well and how quickly government agencies could declassify information so that it could be shared with private-sector companies that own and operate the infrastructure on which the Internet and other computer networks run, he said.
Rather than test the technical aspects of the response, the exercise is designed to explore “the decision-making process … and the information that informs that,” Mr. Lambo said.
The exercise is to begin Tuesday and will run for three or four days, depending on how play develops, he said. It consists of a series of so-called “injects,” narrative statements about make-believe events delivered to the players by e-mail, which they then have to respond to.
Mr. Lambo said Homeland Security had “significant industry involvement in building the scenario” for the exercise to ensure “technical rigor.” He declined to name any of the 60 companies taking part but said they include “major software firms, major anti-virus firms, [and] major network operators.”
He said “we’re trying to upset the chain of trust” on which the Internet depends by compromising two very basic services on which Web traffic relies: certificate authority and the domain name system (DNS).
Certificates are the computer codes that identify trusted instructions or addresses. DNS directs Internet traffic, translating Web addresses into the unique numeric codes that identify specific websites.
“We’re kind of using the Internet to attack itself,” Mr. Lambo said.
© Copyright 2014 The Washington Times, LLC. Click here for reprint permission.
About the Author
TWT Video Picks
By Andrew P. Napolitano
Obama's veil of secrecy is pierced
- Pentagon plans to replace flight crews with 'full-time' robots
- 'Top Gun' for drones: Squadrons of carrier-based killers have Navy's approval
- Kansas will nullify local regulation of guns
- Nevada rancher Cliven Bundy hailed as patriot, ripped as lawless deadbeat
- CARSON: When government looks more like foe than friend
- America is an oligarchy, not a democracy or republic, university study finds
- Washington Redskins' 2014 schedule opens with Texans
- Texas is next! AG warns BLM wants 90,000 acres after Bundy ranch standoff
- Georgia governor signs bill expanding gun rights
- Opposition rising to Colorado gun control laws
Top 10 handguns in the U.S.
Celebrity deaths in 2014